Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malaware Win32.Agent.pz - keeps re-appearing after deletion.


  • Please log in to reply
No replies to this topic

#1 MrPUK

MrPUK

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:40 AM

Posted 07 May 2009 - 03:22 AM

Hi guys

New to the forums, but been around computers for more years than i care to remember i've had my fair share of virus's, spyware etc and manged to gedt rid of them on my own with great sucess. Granted I've been lucky and not been hit in years, so it was bound to happen. And now i'm a little out of practice with the best techniques.

Got infected over the weekend, not sure how it got in, but it did. I was running AVG for free, windows Defender and Windows Firewall, i'm sat behind a Draytek Vigor router with a hardware firewall. Anyway tried the usual at the time AVG etc. Couldn't remove it.

found a few rogue .exe on my system one of them was LD08.exe.

Anyway, i was due to flatten my PC so i did. F-Disk'd the hard drive, and re-formated using NTFS - Full not quick format. Installed a trusted windows XP with a slipstreamed SP3. Also bought F-Secure internet security on the advice of a collegue, who has deployed it at his buisness and was impressed with the quality of the product.

Installed this before i connected to the internet (just to be safe) and then started re-installing all the programs i use (which are all legit). Things seemed to be going fine until all of a sudden, I noticed that taskmanager was grey'd out. Which i thought was odd. Did some research and found that regedit also didn't work.

Read up on the web and installed Spybot S&D which found the Win32.Agent.pz, always in or around the same reg key - network UID in HK users.. can't remeber the full link. also at around this time F-Secure found and deleted the following virus Trojan-Spy.Win32.Zbot.tdj.

Since then the win32.agent.pz keeps coming back. Installed Malawarebytes, it found "Rogue.Virus Agent" or something similar, 3 entries and removed it which it. Even after all of these positive results the damn thing keeps coming back I'm at my wits end, i'm three days into this with no real sucess.

I have nothing running in process, that i'm not expecting. I have no suspious (as far as i can tell) *.exe in the windows folder.

Any help would be great.

Regards

MrPuk

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users