Some advice please

Hi Guys and Gals,

Today my AVG anti-spyware found a trojan.agent.cj on my laptop. The agent was embeded into a software keygen that I downloaded . I had a folder of 4 or 5 keygens and I decided to scan all of them with jotti's virus scan.

Unfortunately, jotti's virus scan found at least 1 agent per file, so I deleted the folder from my hard drive and I then emptied the recycle bin. Are these files now completely gone? Also, I currently use NOD32, ZoneAlarm and AVG Anti-spyware remover (which was formally Ewido). Are these programs good enough to protect my network? If they're not; what are the best anti virus software, spyware remover and firewall?

I would like to add, that during my jotti scan, Ikarus found a few items that the other anti virus software didn't? I visited the Ikarus site but it is in German

I was very happy with my NOD32, but I am now kinda disillusioned with NOD32, especially after today's problems...

Any advice would be welcomed.

 

you should of sent the samples to eset before deleting them so that nod32 would detect them. no AV can give 100percent protection. so if it doesnt detect it you send it to the av companie so they can protect against it.

 

I've turned system restore off. How can I get these files back?

 

Actually, it is possible there wasn't a real trojan in each file. Some AV simply flag any keygen as a generic trojan since a keygen is not "supposed" to be on a desktop. Plus, many keygen use packers that are detected by AV, so it leads to many false positive.

 

Agree with all above.
First step, if something is found; investigate it. (Which you did by seeking alternative opinions.)
Second, if still suspicious, quarantine it.
Only delete it if you are 100% sure it is not something that is supposed to be there. Or after receiving information to this effect from your AV vendor, having submitted it.

You may possibly be able to recover the files by using recovery software, like Recuva.

Virtually all my detections these days (and there aren't many) give an identification based on heuristics. (Likely behaviour of the file). Such detections usually have a name like "gen" or "generic" in them. These should be treated as suspicious, not definites.

 

My advice.....Don't download crap like that.
There's enough malware floating around the web without asking for trouble.
But if you insist on this type of very risky surfing/downloading I would strongly suggest a sandbox app. Sandboxie for example, after downloading something one could and should scan with everything you have avaliable on your box. As well as with Virus Total before letting it out.