JS:Agent-EDB Trojan Removal (Jan. 2018 Update)


A Trojan Horse infection can be quite intimidating, as this type of PC malware is one of the worst that you can come across. You have more than likely already heard about just how dangerous and malicious Trojans can be – viruses from that category can cause all sorts of problems to your PC and your virtual security, so you need to be well acquainted with their characteristics in order to stay protected against them. In this article, we will be focusing on one relatively new Trojan Horse that goes under the name of JS:Agent-EDB. We will share with you some important information about this recently released piece of malware that you should know if you want to keep your machine safe from it. For users who might have already had their system infiltrated by this noxious virus, we also offer removal instructions that could help you eliminate the threat from your PC so that it doesn’t cause any more harm. We advise you to read all the information provided on this page, since being aware of what kind of malware you are dealing with and how to protect your computer against it is of utmost importance if you wish to have a clean and secured PC.

Versatility

One of the most crucial and defining characteristics of this particular malware type is its incredible versatility. A typical Trojan like JS:Agent-EDB can probably be used in a number of different ways and tasked to execute a number of different actions on the infected machine. This paragraph will go over the most important and common ways Trojans are usually utilized but know that the following list is by no means exhaustive and other uses of Trojan Horses that will not be mentioned here are also possible.

  • Backdoor for other malware – Surely you are all familiar with the myth from ancient Greece about the original Trojan Horse – a wooden construction in the shape of a horse that the Greeks used to infiltrate the city of Troy without its defenders knowing about the soldiers hidden within the construction. Well, similarly, a Trojan Horse virus is able to pave the way for additional malware programs once it gets inside your computer. The Trojan might download some other virus, such as ransomware or a banking malware program, onto your PC after it infects it.
  • System damage – Trojans could also adopt a more straightforward approach by targeting and corrupting important system data on your PC, which could lead to severe system damage. This can cause your computer to become very unstable and experience slow-downs, freezes, sudden shut-downs, frequent errors and Blue Screen of Death (BSOD) crashes. This can often render the machine unusable.
  • Espionage – Some malware programs of the Trojan Horse category can also be effectively used as spying tools. They might gather telemetry data or take screenshots from your PC screen and send them to the hacker who controls the virus. Also, some Trojans could monitor your keystrokes or even use the webcam of your PC to spy on you!
  • Botnet – A lot of Trojans create a whole network of computers that they have infected and that are controlled remotely by the cyber-criminal responsible for the malware infections. Those networks are called botnets and usually the PCs that are part of them are forced to execute certain tasks such as mining for cyber-currencies or further spreading the malware via spam online messages/e-mails.

Stealth

Another important factor that needs to be taken into consideration regarding Trojans is their high level of stealth. It is often next to impossible to spot an infection by a virus like JS:Agent-EDB by looking out for its potential symptoms. There could, of course, be certain red flags, for example, excessive use of RAM and CPU by some shady process in the Task Manager, frequent system errors or crashes to the dreaded Blue Screen of Death. However, on the one hand, these symptoms could also be caused by other problems and, on the other hand, they might not always be present during a Trojan Horse infection.

Because of the stealthy behavior of most Trojans, the only truly effective way to stop them is to have a reliable security program – a good antivirus. Most such programs offer significant protection against Trojans – just make sure to always keep them enabled and updated to their latest versions.

How to keep your PC secured in future

Users that want a safe and secure PC need to understand that it is absolutely crucial to be responsible on the Internet and to be very careful with what sites you visit and what you interact with while browsing the net. Shady sites with bad reputation that might be illegal are to be avoided at all costs! Also, you mustn’t interact with anything such as links or file attachments added to e-mails or social network messages that look like spam. In addition, be careful not to fall for any form of malvertising such as fake or misleading web offers and ads. All in all, using your common sense when surfing the World Wide Web is the best protection that you can offer to your computer.

JS:Agent-EDB Trojan Removal

Sidenote: Readers of this guide are advised to bookmark this page or have it opened on another device, since it is possible that they will need to close the browser at some point while they are completing the following steps.

Step 1

The first thing that needs to be done prior to anything else is that you boot your PC into Safe Mode. If you are not sure how to do it, use this link to a guide on how to enter Safe Mode.

Step 2

Press Ctrl + Shift + Esc to open the Task Manager. Go to the Processes section and look for any suspicious-looking processes. Usually, malware processes use high amounts of RAM and CPU and also have a shady description (or none at all). Right-click on those processes and select Open File Location. If you are sure that the process is coming from the virus, delete everything in the file location. Also, right-click on the process again and then select End Process.

Step 3

Press Winkey + R and type appwiz.cpl. Press Enter and in the newly opened window look for any shady program installs. Right-click on the suspicious programs and select uninstall. Follow the prompts to uninstall the sketchy application.

Step 4

Open the Run window again (Winkey + R), type msconfig and hit Enter. Go to the Startup section and from the list of programs, uncheck everything that seems shady or has an unknown or suspicious-looking manufacturer. Click on OK. On Windows 10, the startup programs list is in the Task Manager.

Step 5

Open the Start Menu and paste the following line in the search bar: notepad %windir%/system32/Drivers/etc/hosts. Click on the first result that gets displayed. A Notepad file should open. Look at the bottom of the text and see if there are any IP addresses below localhost. Write to us in the comments if you saw anything there.

Step 6

Type regedit in the Run search bar and hit Enter. When the Registry Editor opens, press Ctrl + F, type the name of the virus and select Find Next. If anything gets found, right-click on it and select Delete. Do this for all search results.

Additionally, manually navigate to the following directories and see if they have any folders/keys that look shady (with a lot of random numbers and letters):

  • HKEY_CURRENT_USER > Software > Microsoft > Windows > CurrentVersion > Run
  • HKEY_CURRENT_USER > Software > Microsoft > Internet Explorer > Main
  • HKEY_CURRENT_USER > Software > Any other random directory

Delete everything that looks suspicious. If you are not sure whether to delete something, be sure to ask us in the comments.
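The checks in Steps 5 and 6 can also be listed from a PowerShell window so that nothing is missed when reading by eye. The script below is an added example, not part of the original guide; the function names are hypothetical, it only reads the hosts file and the Run key named above, and it does not change or delete anything.

```powershell
# Added example: read-only review of the locations from Steps 5 and 6.
# Function names are hypothetical; nothing is modified or deleted.

# Step 5: active hosts-file entries that map anything other than "localhost".
function Get-HostsOverride {
    param([string]$Path = "$env:windir\System32\drivers\etc\hosts")
    foreach ($line in Get-Content -LiteralPath $Path) {
        $text = ($line -replace '#.*$', '').Trim()          # strip comments
        if (-not $text) { continue }
        $fields = @($text -split '\s+')
        if ($fields.Count -lt 2) { continue }
        $names = @($fields[1..($fields.Count - 1)] | Where-Object { $_ -ne 'localhost' })
        if ($names.Count -gt 0) {
            [pscustomobject]@{ Address = $fields[0]; Hosts = $names -join ' ' }
        }
    }
}

# Step 6: values under a Run key, with the signature status of each target file.
function Get-RunKeyEntry {
    param([string]$Key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run')
    $item = Get-Item -LiteralPath $Key -ErrorAction SilentlyContinue
    if (-not $item) { return }
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        # Default to the first token; prefer a quoted path, then text up to ".exe".
        $exe = ($command.Trim() -split '\s+')[0]
        if ($command -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
        elseif ($command -match '^\s*(.+?\.exe)\b') { $exe = $Matches[1] }
        $status = 'FileNotFound'                            # label used by this script only
        if ($exe -and (Test-Path -LiteralPath $exe -PathType Leaf)) {
            $status = (Get-AuthenticodeSignature -LiteralPath $exe).Status
        }
        [pscustomobject]@{ Name = $name; Command = $command; Signature = $status }
    }
}

Get-HostsOverride | Format-Table -AutoSize
Get-RunKeyEntry   | Format-Table -AutoSize -Wrap
```

An entry appearing in either list is something to review, not proof of infection: legitimate software also adds hosts entries and unsigned startup items.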

 

Boris' main task on TinySoftware is to keep an eye out for the latest cyber threats, software news and technology trends and then turn those into articles for this site. In his articles, he seeks to present the collected information in a way that would be easy to understand by the regular user, allowing everyone to learn more about each of the topics that he covers on TinySoftware.
