Jump to content

Trojan Horse Agent2


Recommended Posts

Hi,

Many thanks in advance for your attention on this one.

I'm running Malwarebytes version 1.45 with database version 3993 on HP Vista Home Premium PC. I also have AVG (v9), ZA & Spybot S&D.

Recently everytime I start a Malwarebytes scan my AVG Resident shield tells me that it's prevented from running & removed Trojan Horse Agent2.AQEO.

Here are the latest details showing in my AVG Reisdent Shield log:

-------

Infection : Trojan horse Agent2.AQEO

Object : "C:\$Recycle.Bin\S-1-5-21-3146042238-1146623843-959055786-1001\$RAPMLIK.exe"

Result : Object is inaccessible.

Detection Time : 15/04/2010, 18:26:25

Object Type : file

Process : "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"

------

Scanning by Malwarebytes, AVG antivirus (free edition) & Spybot Search & Destroy does not come up with any infection.

I've followed the instructions under "Im infected - What do I do now?".

I was unable to carry out the instructions for the GMER rootkit scanner. Initially when I first ran the scan after about 1/2 an hour into it my pc shut down & re-started itself. I downloaded & ran several versions of the exe file but the results varied from my pc screen going a strange colour and completely freezing (I had to shut the PC down with the power button) to the pc shutting down & re-starting itself. Is this something I should be worried about?

I've attached the Attach.zip file

The results form my latest Malwarebytes log file are below the contents of DDS.txt.

DDS.txt results: (This shows me as having 2 firewalls - but I uninstalled COMODO several months ago & replaced it with ZA (free version))

DDS (Ver_10-03-17.01) - NTFSx86

Run by Gareth at 12:25:43.02 on 17/04/2010

Internet Explorer: 8.0.6001.18904

Microsoft

Link to post
Share on other sites

Hi,

Could you try to run GMER by unselecting "files" checkbox? Also, make sure "show all" is not checked and that your antivirus protection is disabled.

Empty Windows recycle bin.

I've attached the Attach.zip file

Seems that it wasn't attached of some reason after all.

Link to post
Share on other sites

Hi,

Thanks for the reply.

I've run Malwarebytes yesterday & today and this problem does not occur anymore.

When I initially encountered the problem I did empty the recylce bin

I've attached the Attach.zip file this time, sorry for the earlier omission.

Do you think its safe to assume that I no longer have this problem or shall I try & run GMER?

If I do run GMER with my antivirus disabled is it OK to disconnect from the internet or will it affect GMER running?

Attach.zip

Thanks

Link to post
Share on other sites

Hi,

Many thanks Blade81.

I've run the security check & carried out the necessary updates. This seems like a good tool I think I will use it regularly from now on.

I take it that its OK to re-enable my emulation drivers with DeFogger?

Any thoughts on what caused this problem in the first place.

Once again thanks for your attention.

Link to post
Share on other sites

You're welcome :lol:

Yes, DeFogger can be used to re-enable the emulation drivers.

Can't say what was the exact reason for getting infected but vulnerable, outdated software might had had part in it.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.