Trojan.Agent and Downloader.BI

[j4m32]

hi,

i have XP on my New Pc eeuhhh.... puke: :dead: :knock:
i was searching on google when a few pop ups appeared i closed them then...
explorer startede messing around then i changed a few setting i fixed them with good ol regedit and got rid of 99 % now the trojan is still paying around with me i have used trendmicro activscan etc none clear it fully please help

forward notice any help is appreciated...

j4m32,

 

[howard_hopkinso]

Go HERE and follow the instructions carefully. Print them out if you can.

Once you have done that, go HERE for instructions on how to post your Hijackthis log.

Regards Howard

 

[j4m32]

Sorry for got to reply sooner...

i have managed to clear it using these programs in this order i found out it replicates it self and the somethin32's.exe usualy are the downloaders.... others are the trojans them selves:

1. Run Spybot S & D - should find loads of registry keys that initialse the trojan......

2. Then Run A-Squared or a² it should find some Trojans either in memory or in C:\WINDOWS or C:\WINDOWS\System32 usualy in system 32 they are something32.exe and in windows something.exe

3. Get Bullguard and finally scan with this

4. Click Start Run then type "msconfig" and goto the startup tab and get rid of any of the file names that were found to startup incase they replicate under the same name again..... :dead:

5. Run Anything like Trendmicro Housecall or Panda Active scan just in case

The side affects from this trojan is it changes your theme the little bum!!
so goto "HKEY_CURRENT_USER\Software\Policies\\Microsoft\" and delete unusual policies infered on the regeistry.....

if you cannot delete a registry key in Spybot S & D and need to restart try Regedit in start run following the registry key and deleting it manually...

if it is an exe you cant delete you can with this trojan rename some of these files more likely with something.exe's then 32.exe

thanx ne ways any need for explination / help e-mail me at j4m32@xasamail.com