Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

« previous next »
Pages: [1]   Go Down

Author Topic: Trojan horse agent 2.JCS discovered today  (Read 4360 times)

0 Members and 1 Guest are viewing this topic.

altaprice

    Topic Starter


    Starter

    Trojan horse agent 2.JCS discovered today
    « on: June 02, 2009, 08:02:07 PM »
    I was so grateful to find this site, and have followed all the steps and created the logs, which I will try to attach. Any help you can give me would be very much appreciated.

    I have Windows XP and run AVG 3 times a week. The scan on 5/31/09 was fine, but today (6/2/09) I found three files infected with Trojan Horse Agent 2.JCS. AVG would not remove them because "the moved object is bigger than the archive size limit". All three infected files are in old computer files from my previous computer (copied to this one's hard drive) and are in My Pictures/Sample Pictures. I am sure I don't need those files, so could I just delete them? Would that solve the problem? I wasn't sure, so I didn't do anything.

    Following your steps, I removed Viewpoint Manager (remove only) and Viewpoint Media Player. I ran the CCleaner, the superantispyware, and mbam. I had a very old Java, which I updated.

    I had not been updating Windows, and the day before I found the infection I went through the process of getting SP3 and also downloaded 2 or 3 optional updates. I wondered if that had anything to do with getting the Trojan Horse.

    I am going to attach the mbam log and hijink log.

    Superantispyware is at

    http://www.filedropper.com/superantispywarescanlog-06-02-2009-19-03-08

    Thanks so much! I have to go to bed, but I will check back in the morning.

    Alta Price
    Bettendorf, Iowa




    [attachment deleted by admin]
    Logged

    altaprice

      Topic Starter


      Starter

      Re: Trojan horse agent 2.JCS discovered today
      « Reply #1 on: June 03, 2009, 06:15:01 AM »
      Interesting! Concerned that the Trojan might be spreading (I don't even know if they spread), I scanned my computer this morning and it didn't find any infection.

      Does that mean the steps I followed yesterday took care of it?

      Maybe I am done?

      Thanks!

      Alta
      Logged

      altaprice

        Topic Starter


        Starter

        Re: Trojan horse agent 2.JCS discovered today
        « Reply #2 on: June 03, 2009, 06:23:43 AM »
        Hi again.

        I read on the other thread that this trojan is a false positive.

        I did try to do the hijack this self help thing last night, and there were 2 things that came up it said I should correct. However, I have no idea how to correct those things, so if you wouldn't mind looking at that for me I would really appreciate it!

        No hurry, though. I am not sure if I have "bumped" my thread by posting replies. I didn't understand that part of your directions, and apologize if I am not following them. Even if it puts me to the end of the line, I suspect my problems aren't as severe as others anyway.

        Thanks again.

        Alta
        Logged

        Valeegurl



          Newbie

          Re: Trojan horse agent 2.JCS discovered today
          « Reply #3 on: June 04, 2009, 09:54:27 AM »
          Re: trojan hoarse agent2.jcs
          Posted by: sevcikp - AVG Team (IP Logged)
          Date: June 1, 2009 09:53PM

          Hello,

          no need to sent the file to AVG Tech. We can confirm, that this detection really is false alarm. Update fixing this false is currently being prepared and should be released soon.
          Logged

          evilfantasy

          • Malware Removal Specialist
          • Moderator


            • Genius
          • Calm like a bomb
            • Thanked: 493
          • Experience: Experienced
          • OS: Windows 11
          Re: Trojan horse agent 2.JCS discovered today
          « Reply #4 on: June 04, 2009, 11:49:38 AM »
          Everything looks OK.

          You can have HijackThis fix this:

          O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

          Realtek AC97 Audio - Event Monitor. "Sypware" file used surreptitiously monitor one's actions. It is not a sinister one, like remote control programs, but it is being used by Realtek to gather data about customers

          Use the Secunia Software Inspector to check for out of date software.
          • Click Start Now
          • Check the box next to Enable thorough system inspection.
          • Click Start
          • Allow the scan to finish and scroll down to see if any updates are needed.
          • Update anything listed.
          .
          ----------

          Go to Microsoft Windows Update and get all critical updates.

          ----------

          I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

          SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
          * Using SpywareBlaster to protect your computer from Spyware and Malware
          * If you don't know what ActiveX controls are, see here

          Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

          Also see Slow Computer? It May Not Be Malware for free cleaning/maintenance tools to help keep your computer running smooth.
          Logged
          Pages: [1]   Go Up
          « previous next »