Just ran free Avast home edition. I have Windows XP. Advised found ‘Trojan horse PSW. Agent. G’. Then stated to run scan for Windows. Where to find and how to do? Thanks!
Hi,
are you sure it wasn’t AVG from Grisoft that found this trojan ?
Info:
VGREP
& Google-Links
Are all ServicePacks and Windowsupdates applied ?
Where exactly was the infected File found (full path/folder/filename, e.g. c:\Windows\system32\virusfile.exe) ?
Sometimes it’s enough to
- clear all TEMP-folders (via drive CleanUp AND best also manually)
- empty Temp.Int.Files folder(s) (via IE->Extras-Internetoptions->Delete files, including OFFLINE files) and
- empty java-Cache or
- disable system restore on Win ME/XP INCLUDING a REBOOT!! ( http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm )
to get rid of it…
test the file with OnlineScanners e.g. from Trend, RAV & KAV (see below) to get a more specific name
(you need to temporarily pause AV-Resident Shield/Monitor/Guard to be able to scan the file online)
(If they all don’t show it as infected, please send it in a password-protected zip-file to
virus (at) asw (dot) cz
Include the Zip-password and a link to this posting in the mailtext)
spybot, ad-aware and cwshredder might also help
see www.lurkhere.com ->nicefiles and www.lavasoft.de
-remove the Virus/Malware and it’s system modifications according to VirusInfos
from Avast, VGREP, Mcafee, Symantec, TrendMicro…
you might also try searching for the virus name or filename with google
general removal procedure:
- disable system restore on Win ME/XP
- kill respective Backdoor/Trojan process with task manager
- search for the file/process names in the registry; remove the malware’s startup entries in the registry
- disinfect or (if disinfection is not possible) delete the file; this may be possible only after a reboot
if you still can’t remove it, you could post a logfile of Hijackthis here
-Secure your system:
change passwords, secure shares, install patches/updates for WIN&IE;
disable ActiveX and Scripting in IE except for know secure sites - and better use a secure browser like Opera or Mozilla
- scan your whole system with updated avast and maybe a 2nd scanner ,e.g. TrendMicro/RAV to check whether your PC is clean
- If needed, reenable system restore on Win ME/XP
Further Details and Links via the board search above