Services    Trojan info    Chat    Downloads      About Us      Contact  Us     Help Forum     Support Us    Search

Important  Please don't confuse this trojan with the back orifice removal tool of the same name, the back orifice removal tool called anti gen is a very good program and has no affiliations with the antigen trojan
Antigen is a trojan program that was made to steal peoples dial up network information (DUN) it then sends the dial up account passwords and logins  to  three email addresses which are :-

The server for this trojan is a file called antigen.exe and is 19456bytes . It doesn't register itself in your registry so all you need to do is to delete antigen .exe to kill the trojan

This trojan mirrors Netbus's features, however adds new commands to freeze/lockup your computer, grab passwords stored in the system, and open an FTP server to your hard drive.
First you need to delete the actual trojan file.
Click Start, go to Shutdown, and select the option 'Restart computer in MSDOS mode'.
This should put you at a C:\windows prompt.
Type dir exp*.*
You should see two files listed. One being 'ExpLorer.exe', and the other being 'ExlIorer.exe'.
Note the difference by one letter, the L (ell) and I (eye).
Explorer.exe, with an L (ell) is the windows kernel itself.
ExpIorer.exe, with an I (eye) is the trojan.
Type del expiorer.exe (EYE, not ell) to remove the trojan.
Last type exit to return to windows.
Next you need to remove the registry lines.
Click Start, and go to Run. In the box, type regedit and click OK.
When regedit starts, you will see a file-like tree on the left hand panel. Open the folders to follow the path:
At the end, click on 'Run', and the right hand panel should change.
Look on the right hand side for the key:
Explorer ="C:\WINDOWS\expiorer.exe"
Right click on that line only and choose delete. Close regedit and reboot your PC.