agent.exe - another Trojan?

Question

My machine started getting slow. I checked the task manager and learned that it no longer had idle time even when I was not running any apps. "agent.exe" seemed to using all spare cycles and then some. I searched the web and found that something named "agente.exe" was a Dell aupport and admin tool. Looking at my usage in add/delete program I learned that I had never used it at least according to that record. I removed the app, and "agent.exe" and the problem seemed to go away on the next reboot; I can't claim that this really fixed the problem.

This morning I noticed the problem again. Task manager indicated that "agent.exe" was back. I could mitigate the problem somewhat by lowering priority of agent.exe. But it still bugged me that I was no longer seeing idle cycles. What was this "agent.exe" process and what was it doing? I tried deleting the process and discovered that it reappeared shortly after.

I.e. this "agent.exe" thing is beginning to feel like a Trojan horse. Spybot, Adaware,
McAfee found nothing. Is it really nothing or something in the works?

I looked again on the web via google, and there were few hits. I then came to this forum and came away with the idea to do a Disk Cleanup, I guess to purge out any devious code
that might have crawled into the internet temporary area and elsewhere I suppose.

That seemed to do the trick.

Nevertheless, I am left with an uneasy feeling. I still do not know what the thing was,
what it was doing or where it came from.

For you who know of these things. Any thoughts?

regards,

atthecorner · Answer

Actually, related to this somewhat a perhpas rhetotical question.

I was wondering why companies the size of Dell have not adopted a process naming standard using a prefix or suffix that would at least allow one to associate a process as at least appearing to originate with software of that company?

I know this wouldn't keep deviants from hijacking a process.

A name like "agent.exe" might just as well be named "generic_process.exe".

-m

KissFan73 · Answer

Just a shot in the dark, do you use the Agent newsreader from Forte? That's the name of their EXE file. Just curious.

normbarb · Answer

I tried disk cleanup, but it didn't help.  My agent.exe seems to be related to ' Installshield update service'.  It is grinding my computer to a halt.  How can I get rid of it?   Norm

atthecorner · Answer

Interesting, Your symptoms some familiar. These days once I see agent.exe hogging the system, I reboot and it goes away. Neverthess with your info I searched the web and discovered the following from DMorriseau on

http://community.installshield.com/showthread.php?t=149852

"You might want to check the settings you have set up for the Program Updates in Control Panel as to how frequently it checks for updates and which applications are being checked. Since this is a terminal server that appears to be used for production, you might want to consider turning off automatic update checking and do it manually."

My machine is a laptop. I typically shut it down at night, I checked my autoupdate settings and discovered
that the update was scheduled for 3:00 am. The chance that the machine will be off at that time is probably
nearly 100%. I wonder if there is another threshold where if an update hasn't occurred in so much time, then an update is triggered anyway.

The docs for autoupdate suggest that one submit update manually at the end of the day. The machine can be
set to shutitself off once that task is complete. I do something similar for big downloads/uploads.

Good Luck.

normbarb · Answer

I just did a reboot and agent.exe has not come back.  I actually had to hold the switch to turn off the computer because the Start menu would not even come up.  I don't know what changed, but the computer is much better.  I have the Task Manager minimized so that I can monitor the CPU usage.  Maybe I can correlate agent .exe with a program if it returns.  Wish I know what was causing it.   Norm

Virus & Spyware

agent.exe - another Trojan?

Was this post helpful?