Sign in to follow this  
jajb

WIN32.BACKDOOR.AGENT Need help

Recommended Posts

Kapersky.txtHow do I remove, WIN32.BACKDOOR.AGENT?

 

I've used Ad-Aware, Spybot, and Kaspersky(why?), and need help removing this thing. I attempted to follow the instructions on another post regarding this and I'm sure I messed up. I've attached a text file of the Kapersky log.

 

I have the most recent log file from Kapersky, which identified a number of infections and some virus'. Is this for real or a ploy to have me buy thier software.

 

Any help would be appreciated.

 

Thanks,

 

James

Share this post


Link to post
Share on other sites

Hello, and welcome to the Lavasoft support forums :D

 

I apologize for the delay in responding to your thread. We get overwhelmed at times but we are trying our best to keep up.

If you have since resolved the original problem you were having, I would appreciate you letting us know.. If not please perform the following below so I can have a look at the current condition of your machine.

 

Thanks and again sorry for the delay.

 

Please download Deckard's System Scanner (DSS) and save to your Desktop.

alternate download site

 

DSS will do the following:

  • Create a new System Restore point in Windows XP and Vista.
  • Clean your Temporary Files, Downloaded Program Files, Internet Cache Files, and empty the Recycle Bin on all drives.
  • Check some important areas of your system and produce a report for me to analyze.
  • Automatically run HijackThis. It will also install and place a shortcut to HijackThis on your desktop if you do not already have it installed. So if HijackThis is not installed and DSS prompts you to download it, please answer yes.

You must be logged onto an account with administrator privileges when using.

  • Close all applications and windows.
  • Double-click on dss.exe to run it and follow the prompts.
  • If your anti-virus or firewall complains, please allow this script to run as it is not
    malicious.
  • When the scan is complete, two text files will open in Notepad:
    • main.txt <- this one will be maximized
    • extra.txt <- this one will be minimized

    [*]If not, they both can be found in the C:\Deckard\System Scanner folder.

    [*]Please copy (Ctrl+C) and paste (Ctrl+V) the contents of main.txt and extra.txt in your next reply.

-- When running DSS, some firewalls may warn that it is trying to access the Internet especially if your asked to download the most current version of HijackThis. Please ensure that you allow it permission to do so.

-- If you get a warning from your anti-virus while DSS is scanning, please allow DSS to continue as the scan is not harmful.

 

 

Next

Please do an online scan with Kaspersky WebScanner

 

Click on Accept Button

 

You will be promted to install an ActiveX component from Kaspersky, Click Yes.

  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT

  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:

      Extended (if available otherwise Standard)

    • Scan Options:

      Scan Archives
      Scan Mail Bases

    [*]Click OK

    [*]Now under select a target to scan:

      Select My Computer

    [*]This will program will start and scan your system.

    [*]The scan will take a while so be patient and let it run.

    [*]Once the scan is complete it will display if your system has been infected.

    • Now click on the Save as Text button:

    [*]Save the file to your desktop.

    [*]Copy and paste that information in your next post.

Many thanks.

Share this post


Link to post
Share on other sites

Due to lack of feedback, this topic has been closed.

 

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this