Jump to content

Search the Community

Showing results for tags 'Trojan.Agent'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. Need solution, My PC got infected with EpicNet.inc/CloudNet/glupteba/or whatever, they keep coming after rebooting, I need your help to get rid of these pesky malware, step by step guide will be appreciated.
  2. so apparently, malwarebytes and adwcleaner recognize this pup and trojan agent as a folder, i tried to remove it from malwarebytes and the folder stil reappear when i rebooted my computer can somebody help me with this?
  3. What is ExtenBro?The Malwarebytes research team has determined that ExtenBro is adware. These adware applications display advertisements not originating from the sites you are browsing.This particular one blocks access to domains related to security software to hinder victims from installing a remediation.How do I know if my computer is affected by ExtenBro?Users may complain about being unable to reach malwarebytes.com and other AV related domains:You may see this type of task in your Scheduled Tasks:these changed DNS settings:and this entry in your list of Root certificates:How did ExtenBro
  4. Hi. I have high ram usage at times, I mean 70-90% and I think it's connected to malware and Malwarebytes can't pick it up, but when my windows has been up and running for few hours, it shows 2 malware threats are detected, but even if I quarantine them and delete them, nothing works, they just keep coming back. I have also tried to use ADW cleaner multiple times without any luck too since it's all come back a few minutes after windows has loaded. One thing to note is that Chrome is only using 4-5 GB of ram which is okay, but the task manager shows over 70% even at sometimes 90%
  5. What is CPUID CPU-Z?The Malwarebytes research team has determined that CPUID CPU-Z is a trojan.This particular one injects downloaded JavaScript (JS) files into browser sessions and sets a proxy accompanied with a false SSL certificate to perform a man-in-the-middle (MITM) attack.How do I know if my computer is affected by CPUID CPU-Z?You may see this entry in your list of installed software:and this icon in your startmenu and on your desktop:How did CPUID CPU-Z get on my computer?Trojans use different methods for distributing themselves. This particular one was bundled with other software.How
  6. Hi, MBAM has failed to quarantine/remove three identified trojan viruses several times today. I checked some sources and saw that it was recommended that I try MBAM Anti-Rootkit Beta to solve this, so I installed and ran it. It located the files and I selected to clean them and restarted my laptop, but if I run Anti-Rootkit or MBAM again it still detects the same files and MBAM still fails to quarantine them. I also tried running the scans and quarantining from Safe Mode, but that did not change the results. Any suggestions? Addition.txt FRST.txt Threat Scan Log.txt
  7. What is taswexuahoft? The Malwarebytes research team has determined that taswexuahoft is adware. These adware applications display advertisements not originating from the sites you are browsing. How do I know if my computer is affected by taswexuahoft? You may see the Registry Editor (regedit) open when the system starts: and this list of running svchost processes as children of taswexuahoft : How did taswexuahoft get on my computer? Adware applications use different methods for distributing themselves. This particular one was dropped by other
  8. Recently one of my windows server 2008 R2 had been infected with malwares. I have no idea on how it got infected but i installed MalwareBytes Malware removal tool and it found few malwares including one bitcoin miner and quarantined it. After rebooting it worked without any issue but it keeps on restarting in 1-1.5 hours with below error in Event Viewer A critical system process, C:\Windows\system32\lsass.exe, failed with status code 00000000. The machine must now be restarted. Also it finds malware in C:\1.exe with type of Trojan.Agent and quarantines it. I am using
  9. Found 1 file with Trojan.BHO and four registry malware items. How can I tell if the threats are completely removed? Webroot did not pick these items up on it's scan.
  10. Hello, long time MBAM Free user who has mostly been happy with it until now. I'm running Windows 7 Home Premium. Yesterday I found my first Trojan while running a scan in my own LUA: a Trojan.Agent.ENM in the file 00011334.tmp. This is especially alarming since it was found in the actual Malwarebytes Anti-Malware folder in Program Files-- and even though the Scan History says it was quarantined, it is nowhere in my Quarantine list. I do not remember whether it was ever there. After a few hours searching the forums for this issue, I updated the program and databases to prepare for creating th
  11. This is odd, I've never had a report like this before. Fonts are being considered as Trojan.Agent. As far as I know TTF or OTF files simply can't contain any malware. No? Here's the screenshot: I've been using these fonts for a while now. I'm sure those are false positives but why?
  12. I recently built a new pc, and have not even had it running for a month, and already I have a trojan... I have Windows Defender and Malwarebytes installed. After booting computer, either Malwarebytes or Windows Defender will quarantine the Win32/Bladabindi.gen Trojan, which is found in C:\ProgramData\smss.exe. I have tried deleting it many times using both of these programs, and have run full scans that show it to be gone afterwards. However, usually when I next restart, a notification will pop up immediately saying that Malwarebytes or Windows Defender has found this very same trojan in the
  13. Hello, with each search the file \\ users \ % username% \ AppData \ Roaming \ msconfig.ini found and identified as Trojan.Agent and placed in Quarantäne. After a reboot the file is infected again. What can I do ? regards Tom OS Windows 8.1 Tool (Premium)
  14. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 8.0.7600.17197 BrowserJavaVersion: 10.51.2Run by ed at 12:06:28 on 2014-03-31Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.12286.9813 [GMT -7:00].AV: Trend Micro Security Agent *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}SP: Trend Micro Security Agent *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Win
  15. We were having some issues with an image that was newly created so we ran a scan out of curiosity and it showed a resultant Trojan.agent within the Windows/hosts file. As the build is a new build we are wondering if it is a false positive and therefore a remnant of an incomplete wipe of the disc due to reformatting using only the Windows disk from Dell. I have attached the log file as evidence if that helps. Thanks in advance, Mike bmrt-log-2013-12-09 (12-36-04).txt
  16. Some weeks ago, I started to clean my father's computer in the following topic, but I had to go back home and could not progress until now: https://forums.malwarebytes.org/index.php?showtopic=132373 During this time, it seemed like he used his computer a few times, so I ran all the steps again yesterday(with fresh downloads of all programs). MWB did not find any new infections. The new Roguekiller log is below. The latest step I completed was to run Combofix. The first time around, it hung on creating the logfile (possibly because I let it run overnight) but I ran it again this morning, re
  17. My elderly father has been complaining about his slow Windows computers for some time. He has an up to date, automatically renewed subscription to Norton Security, so when it had trouble updating, he googled "Norton" and found some guy whom he thought was working for Norton. Dad somehow gave him remote access to his computer, and the tech said he had a lot of Trojans and wanted hundreds of dollars to fix the problem. The upshot is that last week I drove in from out of state to check out the computers. I eventually discovered and ran Malwarebytes and indeed it seems that his desktop has a lo
  18. Pretty sure this is a false positive since I scanned this, removed it, restarted and didn't see the problem again. So I decided to verify game cache on the game Blocks that Matter under Steam and scanned again. Sure enough it showed up as the same Trojan.Agent found in the file natives-win32.jar again. I'm not 100% sure that's why I'm posting here in hopes that maybe this will help shed light on either a false positive or something in my system. Highly doubt steam is downloading the same virus into my system though. Anyways here's my log: MBAM-log-2013-10-30 (09-45-36).txt Thank you for
  19. Hi, Latest Data Version Trojan.Agent detected C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe Malwarebytes Anti-Malware (PRO) www.malwarebytes.org Database version: v2013.08.28.04 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Camelia :: UTIMA [administrator] Protection: Enabled 8/28/2013 10:45:52 AM MBAM-log-2013-08-28 (10-58-42).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 221103 Time elapsed: 12 minu
  20. My online Armor says that i my removable disk has a trojan.agent virus or shortcut virus. I use malwarebytes to remove it but it failed to locate it saying "no infection". Any help?
  21. Hello Malwarebytes, I updated Anti-Malware to the latest database version (913042702) and ran a full scan today. Here's what I got after running the same scan in developer mode: Files Infected: C:\Windows\System32\COMMAND.COM (Trojan.Agent) -> No action taken. [27517B842938D5006908C61D87F3AB7C] This never happened before. I'll be pleased if you guys could check this one whether it's a false positive or not. I've zipped everything and attached it in this post. The zip file includes the following files: COMMAND.COM -> the file reported as "infected" COMMAND.md5 -> MD5 checksum of t
  22. Thank you for your help in the past. I think I've found yet another one. A scan of the computer turns up this result. " ...\FAT-Engine SDK + demos v1.22 BETA - fat.zip (Trojan.Agent.NR) -> No action taken. [19028d807fed5ed82d4ff02cae53738d] ...\FAT-Engine SDK + demos v1.22 BETA - fat.zip (Trojan.Agent.NR) -> No action taken. [04177a93224a330384f82af2649dad53] " FAT-Engine, is a generic Raycasting Engine for the TI-89, TI-89T, TI-92+ and TI-V200 (collectively known as TI-68k) calculators. < http://tict.ticalc.o...ref_other_games > I suspect this one is another false positive since s
  23. Hi, I am in desperate need of some help!! Yesterday, I noticed something very wrong. In my research, I came across MBAM. I ran the scan and found 4 issues. MBAM resolved 2, but this Trojan.Agent will not go away. There are 2 (1 file and 1 memory), both svchost.exe. Apparently, Norton was not enough to block it. Before I found MBAM, I tried a system restore which got rid of my Norton and brought back AVG. Either way, the Trojan won't let me open. I did a little research on this Trojan.Agent and am a little freaked at what I read. Can it really be as bad as it says? I am willing to wipe everythi
  24. Hi, I'm new to this forum so I am sorry if this is posted in the wrong category. I was recently infected with the Trojan.Agent that runs out of the svchost.exe (winrscmde). It uses up a large amount of the CPU along with hijacking passwords, etc. My Norton Security wasn't able to detect it so I downloaded malwarebytes to resolve the issue. I ran malwarebytes and it found the Trojan.Agent with little problem. It was quarantined and I restarted my computer. I then deleted the threats listed in the quarantine box. The Trojan.Agent still keeps reappearing in the quarantine box with more Trojan.Age
  25. [dss.txt] DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_31 Run by Anne at 17:06:30 on 2013-02-09 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8174.6310 [GMT -7:00] . AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} . ============== Running Processes =============== . C:\Windows\system32\lsm.e
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.