Trojan Horse Agent2.guf

Status
Not open for further replies.
Trojan horse Agent2.GUF
I am running Vista Home edition sp1. I also have AVG Free edition loaded (v8.5.325) with the latest db (270.12.26/2110).

Whenever I load IE, the AVG resident shield chimes in and tells me about a multiple threat: "C:\Windows\System32\gxvxcfuvnfipwnefjysniqyrocquoqivkrsic.dll";"Trojan horse Agent2.GUF";"Infected"

AVG does not get rid of it.

I have followed the 8 steps and have attached the output from HijackThis. I installed Malwarebytes Anti-Malware but it does not run. When I click on it I get a box containing "A program needs your permission to continue"; when I click on continue it just disappears.

I also cannot install Superantispyware. It comes up with the same question as Malwarebytes but then goes to "SuperAntispyware.exe has stopped working".

Any suggestions please?

Thanks in anticipation.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:22:27 AM, on 5/13/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16830)
Boot mode: Normal
 
Hello liltakashi

Download Malwarebytes from here:
http://www.download.com/Malwarebyte...4-10804572.html?tag=mncol;pop&cdlPid=10878968

Save the file as setup.exe

Run the setup.exe file
When it gets to the final step of the installation it will seem like it froze... it hasn't, but it will take anywhere from 15 minutes to an hour to get through that step, so just let it do its thing.
If the automatic update fails, download the manual update ->
http://www.gt500.org/malwarebytes/mbam-rules.exe

Reboot to safe mode

Go into the Malware folder through Program Files
Rename the mbam.exe to 123.exe and run it.
Do a full computer scan
Check all and remove/fix/delete them.

Restart your computer and attach the log.
 
Ok. We'll try combofix then ->

Please download combofix here -> https://www.techspot.com/downloads/5587-combofix.html

Before Saving it to Desktop, please rename it to something like 123.exe to stop malware from disabling it.

Now, please make sure no other programs are running, close all other windows.

Please double click on the file you downloaded. Follow the onscreen prompts to start the scan.
Once the scanning process has started please DO NOT click on the Combofix window or attempt to use your computer as this can cause the scanning process to stall.
It may take a while to complete scanning and this is normal.

You will be disconnected from the internet and your desktop icons/toolbars will disappear during scanning. Do not worry, this is normal and they will be restored after scanning has completed.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post
 
What kind of trouble?

"To attach a log click on New Thread (or use Post Reply in your existing thread).
Scroll down until you see a button Manage Attachments. Click on that and a popup-window opens.
Click on the Browse button, find the requested log file, and doubleclick on it.
Now click on the Upload button in the popup. When done, click on the Close this window button."
 
Great :)

Open Notepad and copy/paste the text in the quotebox below into it.
Name the file as CFScript and save it on the desktop:

Killall::
Snapshot::
Folder::
c:\program files\Azureus

http://www.fromsej.saknet.dk/billeder/cfscript.gif

Once saved, referring to the picture above, drag CFScript.txt into ComboFix.exe.

Combofix will create a logfile and display it after your computer has rebooted. Usually located in c:\combofix.txt, please attach it to your next post

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

If you can update and run Malwarebytes now, then please post that log as well.
 
Thanks touch!
I had the same problem so I followed your advice.
Had to run combofix too.
Here are my logs.

I ran mbam after combofix and it came up with these three issues. It got rid of them then I ran it again and it came up with nothing! =D

Thanks for this. Is there anything else I should do now?

I still have to run avg again.
 