Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Trojan.Agent

30 Dec 2010   #1
FCUSA

Windows 7 Home Premium 64bit
 
 
Trojan.Agent

Hi Everyone -

Cannot belive this! Just did a MBam quick scan and found a new item. Can anyone identify it?

I removed both items and the computer needed to reboot and now I am unsure how to retrieve the log for your review.

Thanks,
Sally




Attached Thumbnails
Trojan.Agent-mbam123010.png  
My System SpecsSystem Spec
.
30 Dec 2010   #2
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Hi FCUSA,

Please go to these locations and get the latest log files, and upload them here.

C:\Users\<USERNAME>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Logs

Regards,
Golden
My System SpecsSystem Spec
30 Dec 2010   #3
FCUSA

Windows 7 Home Premium 64bit
 
 

Golden -

Thanks for that direction - I was looking at the file, but couldn't find it to upload


Attached Files
File Type: txt mbam-log-2010-12-30 (20-35-35).txt (1.1 KB, 12 views)
My System SpecsSystem Spec
.

30 Dec 2010   #4
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Hi,

OK. I've had a quick look. The second item PUM.HIJACK.STARTMENU could be either:

1. A consequence of the first item (the Trojan), or
2. A form of false positive (I say false positive because if you made changes to your Start menu, then MBAM sees this as a potential security issue).

At any rate, MBAM has cleaned up both items succesfully, so you don't have anything to worry about. For your own peace of mind, please use this site to perform an on-line scan of your PC Free ESET Online Antivirus Scanner

Do you use the paid version of MBAM? If so, have you got the protection module activated?

Regards,
Golden
My System SpecsSystem Spec
30 Dec 2010   #5
Hopalong X

Windows7 Pro 64bit SP-1; Windows XP Pro 32bit
 
 

It won't hurt to run Mbam again just to make sure all is deleted. I would if it were mine. I'm paranoid though! LOL

From the log it appears it should be clean. Post new log if you run it again and want an extra set of eyes to take a look.

Goldens advice to use the ESET is a good idea also.

Mike
My System SpecsSystem Spec
30 Dec 2010   #6
FCUSA

Windows 7 Home Premium 64bit
 
 

Hello Golden -

I am currently not using the paid version - in fact until last week I did not even know what MBam was! Sadly my Vista was infected with backdoor.cycbot (I probably do not have that correct) - but very bad. The fine folks over at Vista have helped me nonstop with that; and so my business would not suffer, I purchased this alternate system. We did the first scan and came with the false positive, but when I came up with another problem just now - totally freaked.

Thank you so much for analyzing that and I will look into the on-line scan in the morning. Do you think it is necessary or preferred to do a full MBam scan?

Thank you so much for your quick assistance!

Quote:
It won't hurt to run Mbam again just to make sure all is deleted. I would if it were mine. I'm paranoid though! LOL

From the log it appears it should be clean. Post new log if you run it again and want an extra set of eyes to take a look.

Goldens advice to use the ESET is a good idea also.

Mike
I guess you answered it before I wrote - I just love you wonderful here at both forums!!

I am paranoid - very paranoid (so you may be my new best friend!

Thanks to you both! I will rerun MBam and run the on-line scan in the AM!
My System SpecsSystem Spec
30 Dec 2010   #7
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Hi,

If you use this computer for your business, and you have already been infected a few times, I would most definately consider a paid version of MBAM. That way you can turn on the protection module so it works in the background to catch all the nasties, without having to rely on you remembering to perform scans.

After you run the ESET scan, do a Full Scan with MBAM too.

For your own information, here is some background information on backdoor.cycbot : as you can see its potentially extremly damaging :

http://www.precisesecurity.com/trojan/backdoor-cycbot/

What other security systems do you have installed on your PC? Would you like me to help you review them and your security in general?

Regards,
Golden
My System SpecsSystem Spec
30 Dec 2010   #8
FCUSA

Windows 7 Home Premium 64bit
 
 

Good advice, Golden!

It certainly has performed spectacular.

PS These items are in Quarantine - should I delete them? or does it matter?
My System SpecsSystem Spec
30 Dec 2010   #9
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Hi,

Empty the quarantine folder by deleting them.

Then do another scan, and see if they re-appear.

Regards,
Golden
My System SpecsSystem Spec
30 Dec 2010   #10
FCUSA

Windows 7 Home Premium 64bit
 
 

Quote:
Empty the quarantine folder by deleting them.

Then do another scan, and see if they re-appear.

Regards,
Golden
I will do that - thank you.

Quote:
For your own information, here is some background information on backdoor.cycbot : as you can see its potentially extremly damaging :

Backdoor.Cycbot - Virus Solution and Removal

What other security systems do you have installed on your PC? Would you like me to help you review them and your security in general?

I most definitely know. Just to clarify, that ocurred on the Vista and Jacee and many others assisted me with it and winding down - I hope to get a great report soon (fingers crossed)! So when this came up, well - no need to say more.

I plan on changing all the security software on both systems - but can only work with one at a time (just in the event trouble ensues with the removals, loading etc.) - I cannot afford to keep buying new machines each month! LOL

I will certainly look forward to your input on that subject!

Thank you again and I will run some of these now.
My System SpecsSystem Spec
Reply

 Trojan.Agent




Thread Tools




Similar help and support threads
Thread Forum
Trojan called 'Trojan.Generic.2582177' on my system
Hi, I have Window7 Ultimate 64 bit on my system. I use Bitfender as my antivirus software. This morning it informed me that it has found a file infected with a virus called 'Trojan.Generic.2582177' which it cannot clean. I've contacted Bitfender to see if they know what I should do but haven't...
System Security
Trojan.Agent/Gen-Faldesc
Hello there guys, In a few words, I just try to find if this kind of malware/virus is it still in a PC. The SUPERAntiSpyware has found an .exe/.pf file and successfully removed ,but I was wonder if this thread can be somwhere in background running also in different kind of file extensions (not so...
System Security
Trojan.Agent/Gen-FakeAlert
Within the past few days my computer has been freezing which is something that has never happened before. The only solution to the issue was to reboot. Today I decided to do some virus scans. I used avast, then malwarebytes, then superantispyware. Only superantispyware turned up any results. Here's...
System Security
Need help removing trojan.agent.cn
Help please. I'm using Malware Bytes and every restart it quarantines this trojan as svchost.exe How can I remove it completely?
System Security
Can't delete reg trojan.agent (Malwarebytes)
Hello, I ran a full system scan with malwarebytes and found this: Registry Keys Detected: 1 HKCU\Software\Microsoft\Windows\CurrentVersion\Run (Trojan.Agent) -> Quarantined and deleted successfully. malwarebytes then prompted me to restart my computer, so I did. I ran the scan after...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 15:02.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App