trojan.win32.agent.xud

M

Maurice N ~ MVP

Would you provide details as to what file or files were specifically tagged,
and mention what antivirus program / anti-malware app was used that found
this issue.

--
Maurice N
MS-MVP
--
"proinwv" <proinwv@discussions.microsoft.com> wrote in message
news:CD953DB4-1452-4204-A472-56D5723E6C99@microsoft.com...
> Does anyone know anything about this virus?
 
D

David H. Lipman

From: "proinwv" <proinwv@discussions.microsoft.com>

| Does anyone know anything about this virus?

From the name we can determine it is nOT a virus it is a Trojan Agent. However that's
all.

Please provide MORE information...
- Name of anti malware application that delaclred this
- Fully qualified name and path to the file deemed infected.
- What the OS is where this Trojan was found.

Any log extracts would be helpful.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
P

proinwv

I run ZoneAlarm Suite, current version, 7.0.483.000

On a scan it identified the trojan, exactly as I did in the subject line,
and said it was taken care of. No further information was provided.

It did then tell me to reinstall XP SP3. I did that and had a problem in
that SP3 reported that setup could not copy wextract.exe.

I discussed this on another MS forum and was told not to worry about it, if
XP was working ok, which it is.
 
D

David H. Lipman

From: "proinwv" <proinwv@discussions.microsoft.com>

| I run ZoneAlarm Suite, current version, 7.0.483.000

| On a scan it identified the trojan, exactly as I did in the subject line,
| and said it was taken care of. No further information was provided.

| It did then tell me to reinstall XP SP3. I did that and had a problem in
| that SP3 reported that setup could not copy wextract.exe.

| I discussed this on another MS forum and was told not to worry about it, if
| XP was working ok, which it is.

OK.

ZoneAlarm's AV solution does not provide a good encyclopedia. Therefore we can't
determine what this Trojan's payload or objective was.

However, there is still the possibility that your PC is still infected with something that
zonealarm's AV solution failed to detect.

I suggest scanning with the following...


Download MULTI_AV.EXE from the URL --
http://www.pctipp.ch/ds/28400/28470/Multi_AV.exe

http://www.pctipp.ch/downloads/dl/35905.asp

English:
http://www.raymond.cc/blog/archives/2008/01/09/scan-your-computer-with-multiple-anti-virus-for-free/

To use this utility, perform the following...
Execute Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose Unzip
Choose Close

Execute C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file.

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
P

proinwv

Dave, I did run the scan from MS Live and it found one virus/spyware, not
identified, which it dealt with.

Would this be adequate?
 
D

David H. Lipman

From: "proinwv" <proinwv@discussions.microsoft.com>

| Dave, I did run the scan from MS Live and it found one virus/spyware, not
| identified, which it dealt with.

| Would this be adequate?

Since you are talking about Windows Live OneCare -- NO. :-(

I suggest doing a scan with at least the Trend Micro module and possibly Sophos as well.

If you do the Sophos scan, you may want to limit it to just the tree of C:\Windows rathar
then the enire disk.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
 
You must log in or register to reply here.

Similar threads

A
Can i completly remove drivers and reinstall them ?
Replies
0
Views
53
Ali Abd Alhadi
A
R
Mouse jumping problem with laptop is turned on or starting a program
Replies
0
Views
7
Rose Love2
R
J
Unable to Save/Sync a Card as a Payment Option on Xbox and PC
Replies
0
Views
19
Jacari Watson
J
J
Unable to Save/Sync a Card as a Payment Option on Xbox and PC
Replies
0
Views
19
Jacari Watson
J
M
Sudden loss of storage space, virus?
Replies
0
Views
17
Matt&Matt
M
Back
Top Bottom