Hi guys.
Some helpful fellows at Ewido solved my problem regarding agent.uj
Here is what they suggested: Download Blacklight at
http://www.f-secure.com/exclude/blacklight/index.shtml
and run a search. My search turned up several hidden processes. They
asked
me to rename a few of them, which is an option given in the program (they
told me to NEVER rename C:\WINDOWS\system32\wbem\wbemtest.exe - this is a
legitimate file). The program renamedthe files and rebooted the computer.
I
then ran the computer in Safe Mode and Ran Ewido again. This completely
cleared Agent.uj off my computer.
However, I must warn everyone that I am NOT a computer tech. Please check
with more educated people about which files to rename and which to leave
alone after running blacklight.
For reference, the files I had to rename included
C:\WINDOWS\system32\dmxbb.exe
C:\WINDOWS\system32\filesafer23.exe
C:\WINDOWS\system32\favset.exe
C:\WINDOWS\system32\howiper.exe
C:\WINDOWS\system32\cspyb.exe
C:\WINDOWS\system32\csiqx.exe
These were the source of agent.uj on my computer. They are renamed with a
new extension - for example, howiper.exe becomes howiper.exe.ren - and
they
can then be manually deleted.
Frozencanuck said:
Yes, I have been doing scans in both safe and normal mode.
Bill Sanderson said:
Are you doing scans in safe mode?
--
message
I too am having the EXACT same problem with Agent.uj
It is found in the momory and Ewido will not erase it. [Norton
Antivirus
doesn't even find it (I'm losing faith in that product very quickly)]
How
can I remove this?
Cheers,
Gregory
:
When looking for the removal of small.popcorn 64 and PWS-Pinch
password
stealers that couldn't be removed with Microsoft Antispyware I used
the
Ewido
and found about 20 other trojans in my computer.
Ewido took charge of them but showed an error removing the Agent.uj
that
was
found when scanning the memory. I tried MS Antispyware and Ewido in
safe
mode
but the infection is still there.
Everytime I open IExplorer it seems to open the door to the trojans
I
mentioned above and some others that are reinstalled in my system.
Any suggestion?