Windows 7 Forums


Windows 7: Removing Win32/Malagent Trojan - The Easiest Way

01 Nov 2011   #1

Windows 7 Home Premium 64 Bit Service Pack 1
 
 

Well, I recently found out that I had the infamous Win32/Malagent Trojan on my PC when I ran a quick scan through Microsoft Security Essentials. As you know, if you just remove it while in your regular mode, it will just keep coming back. I found a way to easily remove it. Here's what I did. I rebooted the computer into Safe Mode with Networking. I made sure to log into the administrator account so I had all administrator permissions. I then ran a quick scan through Microsoft Security Essentials. It picked it up and I clicked remove. It was then gone, it didn't come back at all. Now I have a nice, clean and fast PC and the infamous threat was gone. Never knew it could be that easy. Hope I helped anyone suffering with this infection. Remember, if you discover this threat on your PC, take action immediately and remove it as it can seriously damage your computer throughout time and even mess with protected registry keys. Save your computer before it's too late!


01 Nov 2011   #2
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Well, it might not be that easy
http://www.threatexpert.com/report.a...7616e41da21684

Quote:
Trojan.Win32.Malagent.a is a very malicious item that's designed to allow remote access to your computer to largely occupy precious system resource, trace your Internet habits, to record/steal your personal information.
Change all passwords, using a known "clean" computer.

Next, you will need to flush the DNS cache and restore MS's Hosts file by doing this...

Copy and paste these lines in Notepad.

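@echo on
rem Reset the hosts file to a single localhost entry.
pushd "%SystemRoot%\System32\drivers\etc"
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
popd
rem Renew the DHCP lease and clear the DNS resolver cache.
ipconfig /release
ipconfig /renew
ipconfig /flushdns
rem Reset the Winsock catalog and the TCP/IP settings.
netsh winsock reset all
netsh int ip reset all
rem Reboot in one second, then delete this script.
shutdown -r -t 1
del "%~f0"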

Save as flush.bat to your desktop. Right click on the flush.bat file to run it as Administrator (press enter key). Your computer will reboot itself.

Now, download TFC by Old Timer (TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums) and save it to your desktop.
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

Scan with Malwarebytes (free) Anti-Malware:

Download Malwarebytes' Anti-Malware to your desktop
(Download Malwarebytes' Anti-Malware 1.51.2.1300 Free - Thoroughly detect and remove even the most advanced malware - Softpedia)
* Right-click (to run as Administrator) mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location. Copy and Paste that log into your next reply.
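
flush.bat above overwrites the hosts file without showing what it contained. As an added example (not part of the original post), this PowerShell function lists every entry other than the loopback localhost line so it can be recorded before the reset; the function name Get-HostsFinding and the sample lines are constructed for illustration.

```powershell
# Added example: list hosts-file entries worth recording before a reset.
# Get-HostsFinding and $SampleHosts are illustrative names, not from the thread.
function Get-HostsFinding {
    param([string[]]$Lines)

    $loopback = '127.0.0.1', '::1'
    $sinkhole = $loopback + '0.0.0.0'
    foreach ($raw in $Lines) {
        # Drop comments and surrounding whitespace; skip empty lines.
        $line = ($raw -replace '#.*$', '').Trim()
        if (-not $line) { continue }

        # Entry format: <address> <name> [<alias> ...]
        $fields  = @($line -split '\s+')
        $address = $fields[0]
        $parsed  = $null
        $valid   = [System.Net.IPAddress]::TryParse($address, [ref]$parsed)
        if ($fields.Count -lt 2 -or -not $valid) {
            New-Object PSObject -Property @{ Kind = 'Malformed'; Name = $line; Address = '' }
            continue
        }
        foreach ($name in $fields[1..($fields.Count - 1)]) {
            # The only entry flush.bat writes back: localhost on loopback.
            if ($name -eq 'localhost' -and $loopback -contains $address) { continue }
            $kind = if ($sinkhole -contains $address) { 'Blocked' } else { 'Redirected' }
            New-Object PSObject -Property @{ Kind = $kind; Name = $name; Address = $address }
        }
    }
}

# Constructed sample input; on a live system pass
# (Get-Content "$env:SystemRoot\System32\drivers\etc\hosts") instead.
$SampleHosts = @(
    '# constructed sample'
    '127.0.0.1      localhost'
    '127.0.0.1      update.example.test   # update server pointed at loopback'
    '203.0.113.10   bank.example.test www.bank.example.test'
    'not-an-address orphan.example.test'
)

Get-HostsFinding -Lines $SampleHosts |
    Select-Object Kind, Name, Address |
    Format-Table -AutoSize
```

Saving this output next to the Malwarebytes log keeps a record of which names were blocked or redirected before the hosts file was replaced.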
28 Mar 2012   #3

window 7 home premium 64 bit
 
 

I had both win32/Malagent and win32/keygen. MS Security Essentials couldn't remove either before doing the suggestions here. I ran the bat file, then the Malwarebytes - which did not find either. But MS Security Essentials still found the keygen, but by running it (after doing the bat file) in safe mode, it was able to remove the keygen. I've restarted and run both security programs and it seems all is well. Should I breathe easily now?