Jump to content

Trojan.Agent.E.Generic infection, refuses to be cured

Epildog

By Epildog
in Resolved Malware Removal Logs

 Share

Recommended Posts

Epildog

Epildog

Posted
Posted

Good afternoon,

I hope I am following the correct procedure to request help with this.

I ran a Malwarebytes (Free edition) Anti-Malware scan this morning and saw 'Trojan.Agent.E.Generic' in Windows/Hosts. I quarantined this and rebooted and reran the scan, but it is still there. The scan has been ran 3 times now and I am at a loss of what to do. I have seen some threads describe a similar issue and mention this is a false positive from Spybot (I have Spybot and AVG Free on this computer as well; both have been run and reported no issues) but there is no guarantee this is the same case. I figure it is better to be safe than sorry hence why I am posting here.

Any help would be appreciated, thank you.

Below are the logs that I believe I am to post here as well. The dated file is the Malwarebytes report.

 

2019.01.07 report.txt

Addition.txt

FRST.txt

Link to post
Share on other sites
LDTate

LDTate

Posted
Posted

Hello  and
:welcome:

Please take your time.


I have attached A file I need you to download and save it to the same place that you saved the FRST program

This fix will include removing temp files and emptying the Recycle Bin.

Download attached **fixlist.txt** and save it to same location where the FRST tool is located.

NOTE: Both FRST.exe and the fixlist.txt must be in the same location or the fix will not work.
Close all browsers before running.

Double click FRST to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
 •Click the **Fix Button**.
 
•If you receive a message that a reboot is required, please make sure you allow it to restart normally.

•The tool will complete its run after restart.

When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please attach the Fixlog.txt in your reply.

Restart the pc and let me know how it's running now.

fixlist.txt

Link to post
Share on other sites
LDTate

LDTate

Posted
Posted

Windows 7

Restart your computer in Safe Mode.

Using the F8 or F5 Method:

Restart your computer.

When the computer starts you will see your computer's hardware being listed. When you see this information start to gently tap the F8 key on your keyboard repeatedly until you are presented with the Windows 7 Advanced Boot Options

select the Safe Mode

Then press the enter key on your keyboard to boot into Windows 7 Safe Mode.

When Windows starts you will be at a typical logon screen. Logon to your computer and Windows 7 will enter Safe mode.


Open Malwarebytes (MBAM), make sure Scan For Rootkits is checked, run a new scan and Quarantine all

**Power Off** (shutdown, the pc.

Wait a few minutes.


Restart in Normal Mode and make sure it's gone

 

Link to post
Share on other sites
Epildog

Epildog

Posted
  • Author
Posted

Hi LDTate,

I have completed your further instructions. The Safe Mode scan took considerable time but has been completed. All findings were quarantined and deleted.

Once I turned the computer back on and went into normal mode, I reran the scan. The trojan is still there and was the only find.

Please find below the scan reports for safe mode and normal mode (titled 2019.01.08 report and 2019.01.08 report v2 respectively).

Please advise the next step to take.

 

2019.01.08 report v2.txt

2019.01.08 report.txt

Link to post
Share on other sites
LDTate

LDTate

Posted
Posted

 NOTE: The tools and the information obtained is safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

Download Malwarebytes Support Tool
https://downloads.malwarebytes.com/file/mbst?src=Forums-Reply

    Once the file is downloaded, open your Downloads folder/location of the downloaded file
    Double-click mb-support-X.X.X.XXXX.exe to run the program
        You may be prompted by User Account Control (UAC) to allow changes to be made to your computer. Click Yes to consent.
    Place a checkmark next to Accept License Agreement and click Next
    You will be presented with a page stating, "Get Started!"
    Click the Advanced tab

Click the Gather Logs button

A progress bar will appear and the program will proceed with getting logs from your computer

Upon completion, a file named mbst-grab-results.zip will be saved to your Desktop. Click OK

Please attach the file in your next reply.

Link to post
Share on other sites
LDTate

LDTate

Posted
Posted

I have attached A file I need you to download and save it to the same place that you saved the FRST program

This fix will include removing temp files and emptying the Recycle Bin.

Download attached **fixlist.txt** and save it to same location where the FRST tool is located.

NOTE: Both FRST.exe and the fixlist.txt must be in the same location or the fix will not work.
Close all browsers before running.

Double click FRST to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
 •Click the **Fix Button**.
 
•If you receive a message that a reboot is required, please make sure you allow it to restart normally.

•The tool will complete its run after restart.

When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please attach the Fixlog.txt in your reply.

Restart the pc and let me know how it's running now.

fixlist.txt

Link to post
Share on other sites
LDTate

LDTate

Posted
Posted

Great job

Looks good to me

I'm happy to have helped and glad this is resolved. As there are no other issues which need addressing we can now close this ticket.
 

Help Secure your browsers

Please install uBlock Origin for your browsers to better protect your system

FireFox, Chrome, and Safari 
Opera
Microsoft Edge

AdBlock for Internet Explorer

Follow-up Reading

Cryptolocker Ransomware: What You Need To Know
Scams: Tech Support Scams 
PC Safety: Seven tips to keep your PC safe

 

Thank you for choosing Malwarebytes
Peace Be With You

 

Link to post
Share on other sites
  • 4 weeks later...
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.