Hi folks,

I picked up this Trojan today, Win32:Agent-BSU [Trj] and I’ve been having a hell of a time getting rid of it.

Avast spotted it and as usual recommended that I put it in the virus vault however when I tried I got an error message telling me that it couldn’t move it because it was being used by another process.

I tried delete but got the same message.

I then thought about deleting the infected file but to no avail. I then got another virus warning telling me that it had found an .exe file in a different location. I clicked delete and it seemed to do the job and I got no more virus warnings.

I did a full scan with Avast and everything seems clean, both infected files have gone and there are no more warnings so on the face of it everything is OK. So am I right in assuming that Avast detected the Trojan attempting to put an .exe file on my machine and until that process was complete it could do nothing but as soon as the .exe file was in place it could then delete everything?

I’ve also noticed that I’m no longer logged into any of the forums I’m a member of, as if I’ve deleted all my cookies. I haven’t so I’m guessing this was down to the infection. Should I be worried about that?

This is where it was originally found and couldn’t delete from:
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\GPM9DJB7\rd[1].htm[FSG]

This is where it appeared after about 30minutes and where it got deleted from:
C:\DOCUME~1\ADMINI~1\LOCALS\Temp\2929665439.exe[FSG]

Thanks.

Hi :

 It would be wise to 1st try using one or 2 programs that are Good & FREE
 and are geared to dealing with trojans, worms, etc . I recommend :

1) the FREE version of "SUPERantispyware" from www.superantispyware.com

2) AVG anti-spyware/Ewido - pick your version at :
   www.filehippo.com/download_ewido/  .

Thanks for that, much appreciated. I did a full sweep with Webroot Spysweeper which didn’t bring anything up so I guess I should be ok then?