Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan Horse Agent_r.ATS


  • This topic is locked This topic is locked
18 replies to this topic

#1 owlman

owlman

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 29 November 2014 - 02:53 PM

Hello all,

Recently avg will not update other scans have isolated but cannot remove Trojan Horse Agent_r.ATS.What can be done remove virus?

Best wishes,

Owlman



BC AdBot (Login to Remove)

 


m

#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 10,783 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:16 PM

Posted 29 November 2014 - 07:35 PM

:welcome:
 
Lets give it a try.
 
Please download Malwarebytes Anti-Rootkit from here
  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

 

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
 

Download AdwCleaner from here. Save the file to the desktop.
 
 
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
 
Close all open windows and browsers.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
You will see the following console:
 
AdwScan.jpg?
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be deleted.
  • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this
 
adwcleaner_delete_restart.jpg
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt
 
 

Iconic_normal.png Please download Malwarebytes' Anti-Malware from Here
 
Double Click mbam-setup-2.0..exe to install the application. (The revision number may vary.)
  • Select the language and click OK.
  • Accept the agreement
  • Malwarebytes' Anti-Malware, then click on finish.
  • Once the program has loaded, select "Scan Now".
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click on Quanrantee All,.
  • When disinfection is completed, a dialog will open and you may be prompted to Restart.(See Extra Note)
  • Upon restart, launch Malwarebytes Antimalware and select History.
  • Double click on the last scan done, then on Copy to Clipboard.
  • Right click on your next reply and select Paste.
  • Submit your reply.
 
 
Extra Note:
 
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.
 

Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.
 
 

Edited by JSntgRvr, 29 November 2014 - 07:40 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 owlman

owlman
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 02 December 2014 - 09:47 PM

these are the results that were stored in drive c and on desk top.

thanks again

Attached Files



#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 10,783 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:16 PM

Posted 03 December 2014 - 11:34 AM

Download the enclosed file. 

 

Save it in the same location FRST is saved. Open FRST. Click on the Fix button and wait. The tool will produce a log, Fixlog.txt. Please post its contents to a eply.

 

How is the computer doing?


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Staff Emeritus
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:10:16 PM

Posted 03 December 2014 - 08:43 PM

owlman, please post the requested log here in THIS topic.

By posting it via Report it will not be seen by JSntgRvr.

#6 owlman

owlman
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 03 December 2014 - 09:18 PM

thank you for help.

Attached Files



#7 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 10,783 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:16 PM

Posted 04 December 2014 - 11:59 AM

Run the ESET Online Scanner.

  • Click on this link to open ESET OnlineScan in a new window.
  • Click the ESET Smart Installer. Link.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How is the computer doing?


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#8 owlman

owlman
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 04 December 2014 - 09:25 PM

I am very grateful for your help. The pc is a little slower than before all of the scans. I have retained all scan programs and results which I believe is slowing normal processes.

Thank you for asking and your efforts.

Attached Files



#9 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 10,783 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:16 PM

Posted 04 December 2014 - 10:49 PM

All seems clear.

 

We need to remove the tools we've used during cleaning your machine
 
  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
  • Also tick:
    • Create registry backup
  • Purge system restore
  • DelFix.png
     
  • Click Run
  •  
    Manually remove all other tools used. Let me know if that helps.

    No request for help throughout private messaging will be attended.

    If I have helped you, consider making a donation to help me continue the fight against Malware!
    btn_donate_SM.gif


    #10 owlman

    owlman
    • Topic Starter

    • Members
    • 50 posts
    • OFFLINE
    •  
    • Local time:10:16 PM

    Posted 05 December 2014 - 08:41 PM

    I deleted and removed all tools as instructed. Ran adwarecleaner. AVG still will not update. Any further thoughts?

    Thank you



    #11 JSntgRvr

    JSntgRvr

      Master Surgeon General


    • Malware Response Team
    • 10,783 posts
    • ONLINE
    •  
    • Gender:Male
    • Location:Puerto Rico
    • Local time:11:16 PM

    Posted 05 December 2014 - 09:22 PM

    The Security Center shows you have two antivirus.
     
    AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    AV: Microsoft Security Essentials
     
    Have you removed Microsoft Security Essentials?

    No request for help throughout private messaging will be attended.

    If I have helped you, consider making a donation to help me continue the fight against Malware!
    btn_donate_SM.gif


    #12 JSntgRvr

    JSntgRvr

      Master Surgeon General


    • Malware Response Team
    • 10,783 posts
    • ONLINE
    •  
    • Gender:Male
    • Location:Puerto Rico
    • Local time:11:16 PM

    Posted 05 December 2014 - 09:25 PM

    If you have, run this tool, to remove all traces of Microsoft Security Essentials from your computer in the event that you are unable to remove it normally via the Windows control panel. 


    No request for help throughout private messaging will be attended.

    If I have helped you, consider making a donation to help me continue the fight against Malware!
    btn_donate_SM.gif


    #13 owlman

    owlman
    • Topic Starter

    • Members
    • 50 posts
    • OFFLINE
    •  
    • Local time:10:16 PM

    Posted 05 December 2014 - 10:34 PM

    I just removed MicroSoft Securty Essentials. AVG will not update. Thoughts?



    #14 JSntgRvr

    JSntgRvr

      Master Surgeon General


    • Malware Response Team
    • 10,783 posts
    • ONLINE
    •  
    • Gender:Male
    • Location:Puerto Rico
    • Local time:11:16 PM

    Posted 06 December 2014 - 10:33 AM

    Please download Malwarebytes Anti-Rootkit from here
     
    • Unzip the contents to a folder in a convenient location.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

    No request for help throughout private messaging will be attended.

    If I have helped you, consider making a donation to help me continue the fight against Malware!
    btn_donate_SM.gif


    #15 owlman

    owlman
    • Topic Starter

    • Members
    • 50 posts
    • OFFLINE
    •  
    • Local time:10:16 PM

    Posted 06 December 2014 - 01:00 PM

    Ran scans as requested. Nothing was found. Further thoughts?

    Thanks

    Attached Files






    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users