Solved RogueAgent/Gen-Nullo - Trojan

nougart

New Member
Member
Messages
136
I realise now that it is this Trojan that has infected my laptop. I cannot remove it with SuperAntiSpyware . I scan my laptop twice a day with SuperAntiSpyware and check for this threat to be removed, but it is not removed as the same threat is detected everytime I do a scan. I have scanned with Malwarebytes and Spybot but cannot remove it.
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    Sony Vaio

My Computer

System One

  • OS
    Windows 8.1 Pro
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Home made
    CPU
    AMD Ryzen7 2700x
    Motherboard
    Asus Prime x470 Pro
    Memory
    16GB Kingston 3600
    Graphics Card(s)
    Asus strix 570 OC 4gb
    Hard Drives
    Samsung 960 evo 250GB
    Silicon Power V70 240GB SSD
    WD 1 TB Blue
    WD 2 TB Blue
    Bunch of backup HDDs.
    PSU
    Sharkoon, Silent Storm 660W
    Case
    Raidmax
    Cooling
    CCM Nepton 140xl
    Internet Speed
    40/2 Mbps
    Browser
    Firefox
    Antivirus
    WD
Try with some of this programs : MG Search - MajorGeeks

Thanks for the link but I don't have to licence to start repairing the problems detected for this program. I have got a licence for both SuperAntiSpyware and Malwarebytes and neither of them can remove this Trojan and I don't know if this one can either.
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    Sony Vaio

My Computer

System One

  • OS
    Windows 8.1 Pro
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Home made
    CPU
    AMD Ryzen7 2700x
    Motherboard
    Asus Prime x470 Pro
    Memory
    16GB Kingston 3600
    Graphics Card(s)
    Asus strix 570 OC 4gb
    Hard Drives
    Samsung 960 evo 250GB
    Silicon Power V70 240GB SSD
    WD 1 TB Blue
    WD 2 TB Blue
    Bunch of backup HDDs.
    PSU
    Sharkoon, Silent Storm 660W
    Case
    Raidmax
    Cooling
    CCM Nepton 140xl
    Internet Speed
    40/2 Mbps
    Browser
    Firefox
    Antivirus
    WD
The infection is actively running in the background when you try to delete it, so it is not fully uninstalled.

Rogue.Agent/Gen-Nullo Dll is often related to browser hijackers that are affiliated with Z0g7yail.com, a site that redirects search engine results to deliver affiliate-funding traffic to itself. Some Z0g7yail.com infections may also include Trojans such as Trojan.Agent/Gen-Alureon

D/L & run RKill to terminate the process & then run Malwarebytes.

RKill Download

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot your computer as any malware processes that are configured to start automatically will just be started again. Instead, after running RKill you should immediately scan your computer using some sort of anti-malware or anti-virus program so that the infections can be properly removed.

Another alternative is to boot into safe mode & run Malwarebytes.

D/L & Run Norton Power Eraser. In the R Hand corner, click on "Settings", make sure "Include Rootkit Scan" is unchecked (NPE has caused occasional problems in this area with Win 8/8.1)

https://security.symantec.com/nbrt/npe.aspx

Because Norton Power Eraser uses aggressive methods to detect threats, there is a risk that it can select some legitimate programs for removal. If you accidently remove a legitimate program, you can run Norton Power Eraser to review past repair sessions and undo them.

Next, D/L & run TDSSKiller, click on "change parameters" & make sure the "Detect TDLFS file system" is checked. If any threat is found, delete it. In most instances you will have to reboot.

Your other option would be to restore back to a point before the infection. Since most malware nowadays embeds itself in the 1st restore point, restoring to the 2nd or 3rd point prior to the infection is recommended.
 

My Computer

System One

  • OS
    Win 7 32, Win 7 64 Pro, Win 8.1 Pro
    Computer type
    PC/Desktop
    System Manufacturer/Model
    It's a Dell, Dude.
    CPU
    Intel Caffinated Core Duo
    Motherboard
    Father is bored too.
    Memory
    4 GB
    Graphics Card(s)
    NVidia something-or-another
    Monitor(s) Displays
    24" HD TV/Monitor/Alternative Dimensional Viewing Portal
    Screen Resolution
    Fuzzy after a couple drinks
    Hard Drives
    2 or 3, depending on if it's a night they're arguing about having a "split personality crisis" because I partitioned the drive.
    Case
    Don't get on my case....man
    Cooling
    Scotch on the rocks on the weekends..
    Keyboard
    Mad Catz Cyborg V7. Or maybe Cyborg Catz Are Mad At V7's??? I know it lights up...far out.
    Mouse
    currently being stalked by the cat...
    Internet Speed
    Never fast enough...
    Browser
    Defeated by Mario...wait...OH...BRowser...
    Antivirus
    Various
D/L & run RKill to terminate the process & then run Malwarebytes.

I have already d/l and run Rkill when I could not open Malwarebytes (I started a separate thread on that). I realise now that it was this RogueAgent/Gen-Nullo that had infected my laptop and was stopping Malwarebytes starting.


Another alternative is to boot into safe mode & run Malwarebytes.

I have run Malwarebytes but it is not removing this threat and SuperAntiSpyware is detecting the threat but is not removing it.


I have searched for this threat and found it in my C: drive but cannot remove it. I thought I would try and remove it before doing a system restore. Thanks for the links I will try Norton and DSS Killer.

Have d/l Norton and it found that I had an old version of Java but did not find this trojan and I downloaded the DSS Killer but that found no threats. I will remove the old version of Java and I think I will probably have to do a system restore to an earlier point. Thanks for your help.
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    Sony Vaio
When you are attacked by Rogue.Agent/Gen-Nullo Dll, it will steal your confidential or sensitive data. Failure to remove malware associated with the Rogue.Agent/Gen-Nullo Dll file from your computer system may result in the possible disclosure of your personal data, as well as increasing the risk for identity theft and other kinds of online fraud.

In otherwords, keep an eye on your online accounts. You should probably change the passwords on those once you get rid of this PIA.

I did a search for manual removal. I found these instructions, although a bit generic, you might want to give them a try. Make a backup of your system/restore point just in case. If you can't delete them in standard mode, try running in safe mode.

Before you give the manual method a go, try running these & see if they weed it out. Might be a good idea to run RKill before you run these tools. That should give them a better chance of success. At this point, you should run RKill before running any of the tools to give them a chance of removing it. Did you run RKill before you ran MBam & SuperAntiSpyware?

Malicious Software Removal Tool

Download Malicious Software Removal Tool from Official Microsoft Download Center

RogueKiller

RogueKiller Download

AdwCleaner

AdwCleaner Download

And here is the manual removal info I found....so far...

Open task bar by pressing CTRL + DEL + ALT and terminate all the process related to Rogue.Agent/Gen-Nullo Dll threat.
Open Registry Window by typing “regedit” in Run window.
Once it opens search the registry files related to Rogue.Agent/Gen-Nullo Dll and delete all of them.
Search all the Rogue.Agent/Gen-Nullo Dll related files manually in your system and delete them.

Delete Rogue.Agent/Gen-Nullo Dll files and folders:

* %Program Files%\Rogue.Agent/Gen-Nullo Dll\Rogue.Agent/Gen-Nullo Dll.exe
* %UserProfile%\Desktop\Rogue.Agent/Gen-Nullo Dll.lnk
* %UserProfile%\Start Menu\Rogue.Agent/Gen-Nullo Dll\Rogue.Agent/Gen-Nullo Dll.lnk
* %UserProfile%\Start Menu\Rogue.Agent/Gen-Nullo Dll\Help.lnk
* %UserProfile%\Start Menu\Rogue.Agent/Gen-Nullo Dll\Registration.lnk
* %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Rogue.Agent/Gen-Nullo Dll.lnk

Note: Found this site with a more definitive list of items/reg keys (Starting 1/2 way down the page). It's an older post but my prove useful.

Remove Rogue.Agent/Gen-Nullo (Removal Guide), How To Remove Rogue.Agent/Gen-Nullo | Cleanpcguide.com
 
Last edited:

My Computer

System One

  • OS
    Win 7 32, Win 7 64 Pro, Win 8.1 Pro
    Computer type
    PC/Desktop
    System Manufacturer/Model
    It's a Dell, Dude.
    CPU
    Intel Caffinated Core Duo
    Motherboard
    Father is bored too.
    Memory
    4 GB
    Graphics Card(s)
    NVidia something-or-another
    Monitor(s) Displays
    24" HD TV/Monitor/Alternative Dimensional Viewing Portal
    Screen Resolution
    Fuzzy after a couple drinks
    Hard Drives
    2 or 3, depending on if it's a night they're arguing about having a "split personality crisis" because I partitioned the drive.
    Case
    Don't get on my case....man
    Cooling
    Scotch on the rocks on the weekends..
    Keyboard
    Mad Catz Cyborg V7. Or maybe Cyborg Catz Are Mad At V7's??? I know it lights up...far out.
    Mouse
    currently being stalked by the cat...
    Internet Speed
    Never fast enough...
    Browser
    Defeated by Mario...wait...OH...BRowser...
    Antivirus
    Various

My Computer

System One

  • OS
    Windows 8.1 Pro
    Computer type
    PC/Desktop
    System Manufacturer/Model
    AsRock
    CPU
    Intel Core2 Quad Q8200
    Motherboard
    AsRock N7AD SLI
    Memory
    8GB DDRII
    Graphics Card(s)
    MSI Geforce GTX760 Twin Frozer
    Sound Card
    On Board Realtec
    Monitor(s) Displays
    Hanns G 221A
    Hard Drives
    Hitachi_HDP725050GLA360
    Case
    Yes, I have one. Less messy that way
    Mouse
    Squeek
    Browser
    Firefox
    Antivirus
    Avast
please go to bleepingcomputers

Hi All,
the best site i know for all malware removal and follow up advise is bleepingComputers, please then read the
am i infected sub-section and follow the instructions. they are really good

Roy
 

My Computer

System One

  • OS
    8.1 x64
    Computer type
    Laptop
    System Manufacturer/Model
    x55a asus
    Antivirus
    bitdefender
    Other Info
    this laptop was/is still posted on asus website as W7
Thanks everyone for all your help. I have tried everything mentioned here and no threats or malware were detected, except for the registry cleaners, one registry cleaner came up with 900 errors on my laptop .:eek: I did the registry cleaners' free scans and it meant I had to register for a licence before they could be removed. Am I right to be very wary about these? SuperAntiSpyware keeps detecting the same Trojan after every scan but does not remove it. I did a search in my C: drive for Rogue.Agent and it was listed as being in C:\Users\myrealname\AppData\Local......................................yet when I looked in there I could not find anything. I thought it might be hidden but could not find it in hidden. I think I will have to do a system restore and if it isn't removed, a factory reset, as I haven't had the infected laptop very long.
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    Sony Vaio
I did the registry cleaners' free scans and it meant I had to register for a licence before they could be removed. Am I right to be very wary about these?

Yes, time to remove that scanner ASAP. This is a common ploy of rogue software, claims to find lot's of errors/problems, then will only remove them for a price. What was the name of this program? It's possible it may have introduced viruses into the system itself, as most of these rouges do.

If you want a good, free cleaner, D/L CCleaner. The free version will work fine. It will scan your registry, if it finds anything, it will offer you the option to make backups of the registry keys it will remove, so that you can reinstall them if problems arise.

Run CCleaner, then run another AV scan. It is a possibility there is a remnant of the infection left.

Resetting it to factory settings may be a good idea if you are having lots of problems with the current state. You also have other options available to you. You can do a reset or a refresh.

http://www.eightforums.com/tutorials/18052-refresh-reset-windows-8-without-installation-disk.html

http://www.eightforums.com/tutorials/2302-reset-windows-8-a.html

http://www.eightforums.com/tutorials/2293-refresh-windows-8-a.html

Windows 8 introduced the option to refresh and reset your PC to repair or reinstall Windows 8 with as needed. These new features are great for what they are intended for, but there are some drawbacks to them.

When you reset your PC, it will basically give you a clean install (retail) or factory recovery (preinstalled OEM) of Windows 8 afterwards. You will lose everything from your current Windows 8 installation.

When you refresh your PC, this basically repairs Windows 8 by reinstalling it while keeping your files, Store apps, most of your settings, etc..... However, all installed 3rd party desktop apps will be removed.
 

My Computer

System One

  • OS
    Win 7 32, Win 7 64 Pro, Win 8.1 Pro
    Computer type
    PC/Desktop
    System Manufacturer/Model
    It's a Dell, Dude.
    CPU
    Intel Caffinated Core Duo
    Motherboard
    Father is bored too.
    Memory
    4 GB
    Graphics Card(s)
    NVidia something-or-another
    Monitor(s) Displays
    24" HD TV/Monitor/Alternative Dimensional Viewing Portal
    Screen Resolution
    Fuzzy after a couple drinks
    Hard Drives
    2 or 3, depending on if it's a night they're arguing about having a "split personality crisis" because I partitioned the drive.
    Case
    Don't get on my case....man
    Cooling
    Scotch on the rocks on the weekends..
    Keyboard
    Mad Catz Cyborg V7. Or maybe Cyborg Catz Are Mad At V7's??? I know it lights up...far out.
    Mouse
    currently being stalked by the cat...
    Internet Speed
    Never fast enough...
    Browser
    Defeated by Mario...wait...OH...BRowser...
    Antivirus
    Various
Hello Borg,
I did Refresh and have done two SuperAntiSpyware scans and Rogue.Agent isn't listed as a detected threat, I still can't believe I've removed it. :shock: I already have CCleaner, but it just didn't detect it. Seems like so many of these viruses and infections are bundled in with software and you don't have the choice of unselecting and unchecking stuff that you don't want d/l. Thanks for your help.:)
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    Sony Vaio
Glad you got it sorted. :D. In the future, when you d/l software, make sure to try & get it directly from the manufacturers website. If you get it from another site hosting the D/L, they could possibly inject some of their own toolbars/malware into it. Going to the manufacturers site doesn't guarantee it will be malware free, depending on the program, but it will reduce the chances.

When you go to install a program, don't do a standard installation. Instead, click on custom installation (if presented) & see if there are any hidden items. Some software has toolbars bundled into them that you can only deselect if you go to the custom panel.

The more trustworthy/legitimate software will tell you right up front if something extra is being added & give you the option to opt-out. Others will do anything to get that extra software into your system. Sad, but you have to be really careful nowadays.

If everything is running good & clean, you may want to consider making a system image. This tutorial will show you how to do that. Keep it on a separate HD or USB for maximum safety. Keep 2 or 3 in reserve in case you accidentally make one that has malware on it.

http://www.eightforums.com/tutorials/8956-system-image-create-windows-8-a.html

This tutorial will show you how to create a system image backup in Windows 8 and 8.1 to be able to use to restore the contents of your computer back to the state it was in when the system image was created if your HDD or computer ever stops working.
 

My Computer

System One

  • OS
    Win 7 32, Win 7 64 Pro, Win 8.1 Pro
    Computer type
    PC/Desktop
    System Manufacturer/Model
    It's a Dell, Dude.
    CPU
    Intel Caffinated Core Duo
    Motherboard
    Father is bored too.
    Memory
    4 GB
    Graphics Card(s)
    NVidia something-or-another
    Monitor(s) Displays
    24" HD TV/Monitor/Alternative Dimensional Viewing Portal
    Screen Resolution
    Fuzzy after a couple drinks
    Hard Drives
    2 or 3, depending on if it's a night they're arguing about having a "split personality crisis" because I partitioned the drive.
    Case
    Don't get on my case....man
    Cooling
    Scotch on the rocks on the weekends..
    Keyboard
    Mad Catz Cyborg V7. Or maybe Cyborg Catz Are Mad At V7's??? I know it lights up...far out.
    Mouse
    currently being stalked by the cat...
    Internet Speed
    Never fast enough...
    Browser
    Defeated by Mario...wait...OH...BRowser...
    Antivirus
    Various
When you go to install a program, don't do a standard installation. Instead, click on custom installation (if presented) & see if there are any hidden items. Some software has toolbars bundled into them that you can only deselect if you go to the custom panel.


If everything is running good & clean, you may want to consider making a system image. This tutorial will show you how to do that. Keep it on a separate HD or USB for maximum safety. Keep 2 or 3 in reserve in case you accidentally make one that has malware on it.

Thanks very much for telling me about doing a custom installation and making a system image, I will do that.:)
 

My Computer

System One

  • OS
    Windows 8.1
    Computer type
    Laptop
    System Manufacturer/Model
    Sony Vaio
Back
Top