|
Posted by =?Utf-8?B?cHJvaW53dg==?= on August 11, 2008, 4:18 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Does anyone know anything about this virus?
|
|
Posted by Maurice N ~ MVP on August 11, 2008, 4:37 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Would you provide details as to what file or files were specifically tagged,
and mention what antivirus program / anti-malware app was used that found
this issue.
--
Maurice N
MS-MVP
--
> Does anyone know anything about this virus?
|
|
Posted by David H. Lipman on August 11, 2008, 4:44 pm
If you were Registered and logged in, you could reply and use other advanced thread options
| Does anyone know anything about this virus?
From the name we can determine it is nOT a virus it is a Trojan Agent. However
that's
all.
Please provide MORE information...
- Name of anti malware application that delaclred this
- Fully qualified name and path to the file deemed infected.
- What the OS is where this Trojan was found.
Any log extracts would be helpful.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
|
|
Posted by =?Utf-8?B?cHJvaW53dg==?= on August 11, 2008, 5:45 pm
If you were Registered and logged in, you could reply and use other advanced thread options
I run ZoneAlarm Suite, current version, 7.0.483.000
On a scan it identified the trojan, exactly as I did in the subject line,
and said it was taken care of. No further information was provided.
It did then tell me to reinstall XP SP3. I did that and had a problem in
that SP3 reported that setup could not copy wextract.exe.
I discussed this on another MS forum and was told not to worry about it, if
XP was working ok, which it is.
|
|
Posted by David H. Lipman on August 11, 2008, 5:49 pm
If you were Registered and logged in, you could reply and use other advanced thread options
| I run ZoneAlarm Suite, current version, 7.0.483.000
| On a scan it identified the trojan, exactly as I did in the subject line,
| and said it was taken care of. No further information was provided.
| It did then tell me to reinstall XP SP3. I did that and had a problem in
| that SP3 reported that setup could not copy wextract.exe.
| I discussed this on another MS forum and was told not to worry about it, if
| XP was working ok, which it is.
OK.
ZoneAlarm's AV solution does not provide a good encyclopedia. Therefore we
can't
determine what this Trojan's payload or objective was.
However, there is still the possibility that your PC is still infected with
something that
zonealarm's AV solution failed to detect.
I suggest scanning with the following...
Download MULTI_AV.EXE from the URL --
http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe
http://www.pctipp.ch/downloads/dl/35905.asp
English:
http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/
To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close
Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }
NOTE: You may have to disable your software FireWall or allow WGET.EXE to go
through your
FireWall to allow it to download the needed AV vendor related files.
C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal
Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the
PC.
You can choose to go to each menu item and just download the needed files or you
can
download the files and perform a scan in Normal Mode. Once you have downloaded
the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode
[F8 key
during boot] and re-run the menu again and choose which scanner you want to run
in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.
When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive
PDF help
file.
Additional Instructions:
http://pcdid.com/Multi_AV.htm
* * * Please report back your results * * *
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
|
| Similar Threads | Posted | | Where does Trojan-downloader.win32.Agent.bkd start up? | June 17, 2007, 9:33 pm |
| Win32.Trojan.Spy.Agent.kb detected by ZoneAlarm Internet Security | May 23, 2008, 3:13 pm |
| Win32:Agent-QC in pagefile.sys | April 17, 2007, 1:12 am |
| Trojan Dropper Agent 8 B Help | August 9, 2005, 9:21 pm |
| Re: Trojan Dropper Agent 8 B Help | August 9, 2005, 10:44 pm |
| Re: Trojan Dropper Agent 8 B Help | August 10, 2005, 12:39 pm |
| Trojan Horse Downloader.Agent.ETP | August 9, 2006, 11:16 am |
| JS Downloader Agent (Virus) and Trojan Horses | January 27, 2008, 2:24 pm |
| trojan.agent.f / ewido/grisoft-anti-malware ? | December 19, 2006, 5:13 pm |
| Win32:Trojan-gen. | June 5, 2007, 3:24 pm |
|
|
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map