Recently I was asked by one our readers whose computer was infected by this Virus calledTrojan.Agent. This is a virus type that belongs to the Trojan virus family. The virus is mostly found in the svchost.exe file of the computer. It is a very potential virus and should be removed as soon as you detect it.
How to detect if your system has Trojan.Agent Virus?
• The weirdest thing that you will notice is that your Anti Virus would stop functioning. This virus has the ability to stop the AV from its proper functioning.
• Your system will get severely affected and would get extremely slow for no reasons.
• You might see some unexpected computer shutdowns or restarts.
• Then when if you scan your system with Mbam (highly advisable tool to have in the system), it will detect it and might delete it. But do note that Trojan.Agent virus might return back after the computer has been restarted.
• The virus can act as backdoor agent to many hackers to provide some confidential information.
How to remove Trojan.Agent Virus from the computer?
Removing Trojan.Agent virus from the system is not that difficult and requires sort of same steps that we most times perform to remove a malware.
1. First of all reboot the system to enter into the Safe Mode.
2. When in Safe Mode, run the Task Manager and terminate the process named asrandom.exe. This process is related to Trojan.Agent virus and termination is important as this will ensure that it is not running in the background.
3. Now we need to remove the virus from the system. This can be done manually and using a scanner. I would prefer both (please note that if you are unsure of the manual process, then do not proceed further as it might affect the system adversely.
4. So scan the system with Malwarebytes AntiMalware Mbam. If this finds the virus, quarantine it.
5. You also need to delete the following files (whichever you can find)
C:\windows\system32\Svchost.exe
C:\Windows\winsxs\amd64_microsoft-windows-s..s-service\controller_31bf3892wo9a07b1\services.exe
C:\Windows\Installer\{bbee3ba2-89af-930c-bb78-1fb4e17db3cc}
6. Now we need to delete the following registry keys too (again whichever you can find)
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\ CurrentVersion\Run\Random.exe
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Random.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\ policies\explorer “EnableShellExecuteHooks”= 1 (0×1)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ Explorer\run\Random.exe
A system restart might have solved the problem for you and the Trojan.Agent virus should not be there
No comments:
Post a Comment