Avast WEBforum

Other => Viruses and worms => Topic started by: Barbie on April 06, 2005, 04:22:55 AM

Title: bds/agent.ay trojan virus
Post by: Barbie on April 06, 2005, 04:22:55 AM
A friend's husband picked up this nasty virus on her computer. I placed the Avast virus protection on her system several months back. Avast notified her of the virus but it won't remove it or lock it up. Instead it locks up her computer, thus protecting her from the virus in a sense. She needs her computer back. Almost everything on the net about this virus seems to be in German. She lives 150 miles from me. I am going to try and manually walk her through removing this Trojan over the telephone. She's not that computer literate and I'm not that much of a programmer. We are in trouble before we start. She's running windows 2000 and that isn't my forte either. Can't be simple can it?
always,
Barb
Title: Re: bds/agent.ay trojan virus
Post by: Fast on April 06, 2005, 06:47:33 AM
Hello Barbie, fortunately Germany is my nabour-country, so my language and German rassemble much and from what I've read in the German bulletin-boards, a lot of people have got this trojan horse.
It should be possible to get rid of it with Lavasoft Ad-Aware.
http://www.lavasoftusa.com/software/adaware/

It's freeware, but you probably know the program already.
By the way, booting w2k in safe-mode is done by tapping F8 while booting.

Bye,  Ken  ;D
Title: Re: bds/agent.ay trojan virus
Post by: Wight on April 06, 2005, 02:51:17 PM
You should also try Spybot Search & Destroy: www.spybot.info/en/download/index.html (http://www.spybot.info/en/download/index.html)

Update it and scan your PC in safe mode with avast! Ad-awareSE and Spybot S&D. This usually cleans presistent buggers. If this does not help, post your HijackThis log here.
Title: Re: bds/agent.ay trojan virus
Post by: Barbie on April 18, 2005, 04:29:50 AM
This is a particularly nasty virus as it puts Windows 2000 in a loop and won't complete the startup. There isn't a virus cleaner out there to get rid of this monster. However it's easy enough to do when one knows the exe files that are driving this thing. There are two files. I'm sorry I don't have my notes but if anyone needs rescue let me know and I'll help.

The steps are to boot to safe mode
go to windows explorer
delete the two exe. files that are host to this virus

That's it and if two women can do this a couple hundred miles apart then what can I say?

I suggested she run a registry editor to clean out the start file pointing to the now defunct execute files but she is NOT computer tech minded. I was afraid she would get carried away and delete necessary files and not know how to reinstall so we left it as it is. The start up command lines in the registry pointing to the now defunct exe files is a small insignifigant matter and takes up no windows resources.

Let sleeping dogs lie.
thanks to everyone for their help and support
always,
Barb