Help! - Any advice on trojans removal ?

Page 1 of 4 123 ... LastLast

  1. Posts : 207
    Windows7 Pro x64
       #1

    Help! - Any advice on trojans removal ?


    Hi

    Any advice on how best to remove trojans?

    BACKGROUND
    At the bottom right of my Windows7 screen, the Action Center gave me the following alerts:
    - "Remove the W32/Gaobot.worm.genu - Win32/RBot.3eu!Worm virus"
    and
    - "Remove the Trojan.PWS.Legmir.AD / W32.Ahlem.A@mm virus"

    Strangely the anti-virus software that I am running - AVG (Free)(V9-LATEST) - completely failed to find either of these viruses, even though I regularly make sure that it is bang up to date.


    STEPS TAKEN SO FAR
    I have downloaded SuperAntiSpyware, MalwareBytes, and A-Squared Free(v4.5).
    I tried rebooting Windows7 in Safe Mode, by hitting F8 repeatedly during reboot.
    However I could not get this to work. The first time I tried all that happened is that Windows7 completely failed to boot! The second and third times simply produced a normal boot.

    I then ran MalwareBytes which found some stuff, at which point (very late in the day!) AVG found some stuff too.

    So then I tried running msconfig.exe and selected "Diagnostic Startup" and rebooted into a safe mode.

    Right now I am running an A-Squared scan and re-running MalwareBytes scan...

    ...But what is extremely worrying to me, is that I can't get AVG to run a scan right now. if I click on the "Computer Scanner" tab, and then click on "Scan Whole Computer", all that happens is that it says "! There are no active components" at the top of that window. (Is this because I have booted into "Diagnostic Startup" mode?

    What should I do?
    e.g.
    - What else should I use to scan for trojans/viruses?
    - How will I know when I have removed all the trojans/viruses?

    All advice much appreciated!


    Ship
      My Computer


  2. Posts : 14
    Windows 7 Ultimate Edition (build 7600) Default web client: Mozilla Firefox Default email client: Mi
       #2

    shiphen said:
    Hi

    Any advice on how best to remove trojans?

    BACKGROUND
    At the bottom right of my Windows7 screen, the Action Center gave me the following alerts:
    - "Remove the W32/Gaobot.worm.genu - Win32/RBot.3eu!Worm virus"
    and
    - "Remove the Trojan.PWS.Legmir.AD / W32.Ahlem.A@mm virus"

    Strangely the anti-virus software that I am running - AVG (Free)(V9-LATEST) - completely failed to find either of these viruses, even though I regularly make sure that it is bang up to date.


    STEPS TAKEN SO FAR
    I have downloaded SuperAntiSpyware, MalwareBytes, and A-Squared Free(v4.5).
    I tried rebooting Windows7 in Safe Mode, by hitting F8 repeatedly during reboot.
    However I could not get this to work. The first time I tried all that happened is that Windows7 completely failed to boot! The second and third times simply produced a normal boot.

    I then ran MalwareBytes which found some stuff, at which point (very late in the day!) AVG found some stuff too.

    So then I tried running msconfig.exe and selected "Diagnostic Startup" and rebooted into a safe mode.

    Right now I am running an A-Squared scan and re-running MalwareBytes scan...

    ...But what is extremely worrying to me, is that I can't get AVG to run a scan right now. if I click on the "Computer Scanner" tab, and then click on "Scan Whole Computer", all that happens is that it says "! There are no active components" at the top of that window. (Is this because I have booted into "Diagnostic Startup" mode?

    What should I do?
    e.g.
    - What else should I use to scan for trojans/viruses?
    - How will I know when I have removed all the trojans/viruses?

    All advice much appreciated!


    Ship
    Combofix is the Best

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    After comments
      My Computer


  3. Posts : 4,772
    Windows 7 Ultimate - 64-bit | Windows 8 Pro - 64-bit
       #3

    Hi Ship, Welcome to SF,

    I guess the AVG failed to start the scan might be because when to switched to selective startup you might have stopped the service required to function AVG. In MSCONFIG under services tab you could Sort by Company name and enable AVG. Personally i would recommend Microsoft Security Essentials then if you think the your security is not detecting the Trojans then you could install MSE and update it then try to scan and see whether it finds something. Also you could try some Online scanners like Kaspersky or ESET which are free. Just Google Online scanners you would find it.

    Hope this helps,
    Captain
      My Computer


  4. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #4

    @Bolaxad - Sorry my Windows7 is 64 bit. Combofix does not appear to run as 64 bit...

    @Captain - Yes, someone else recommended "Microsoft Security Essentials" which I am not running a scan with...

    Thanks both

    Ship
      My Computer


  5. Posts : 135
    Windows 7 Ultimate 32-bit Version 6.1 (build 7600.16385)
       #5

    You have a tricky worm there according to McAfee.

    Please try MSE rather than just relying on AVG 9. It is better to try different AV when you are in a tight situation like this.
      My Computer


  6. Posts : 11,408
    ME/XP/Vista/Win7
       #6

    Try this:

    start>run>then in the box type in & enter following

    mrt

    this will start the windows malicious software removal tool

    do a full scan

    Malicious Software Removal Tool
    Last edited by theog; 10 Jan 2010 at 08:54. Reason: added link
      My Computer


  7. Posts : 183
    Windows 7 Ultimate X64
       #7

    Yes it is also a good idea to run a couple of AV's in safe mode as well for those tricky ones that are hard to find or respawn themselves.
      My Computer


  8. jav
    Posts : 713
    Windows 7 Ultimate x86 SP1
       #8

    Use any of those according to your preference:

    Linux based Bootable CD (Highly recommended for cleaning infected PC):
    F-Secure Rescue CD 3.00 released
    Avira AntiVir Rescue System
    Dr.Web CureIt!
    http://download.bitdefender.com/rescue_cd/
    VIPRE Rescue
    13 Antivirus Rescue CDs Software Compared in Search For the Best Rescue Disk Raymond.CC Blog

    a-squared Emergency USB Stick (rescue USB stick, portable)

    Online Scanners:
    a-squared Web Malware Scanner
    COMODO AV SCANNER
    Free Online Scanner F-Secure
    BitDefender Online Scanner
    PANDA SECURITY
    Free ESET Online Antivirus Scanner
    McAfee
    HouseCall - Free Antivirus Scan
    avast! Online Scanner

    Anti-Malware scanners: (in order of personal preference)
    Malwarebytes.org
    The home of Spybot-S&D!
    SUPERAntiSpyware.com
    Ad-Aware by Lavasoft

    List of Dedicated Anti-Trojan Scanners:
    List of Dedicated Anti Trojan Products - Wilders Security Forums


    More Alternative Scans:
    Alternative Scans - MajorGeeks Support Forums

    Personal recommendation download Ccleaner (CCleaner - Home) and clean temp files before scans.
    Trojan Remover - Program Details (helped me once)
    Hitman Pro 3 - SurfRight (very quick scan, if it detects somethings, activate trial version to clean up)

    Hope you will get some ideas from this

    EDIT: +1 for theog's recommendation. Run Windows Malware removal tool
      My Computer


  9. Posts : 135
    Windows 7 Ultimate 32-bit Version 6.1 (build 7600.16385)
       #9

    theog said:
    Try this:

    start>run>then in the box type in & enter following

    mrt

    this will start the windows malicious software removal tool

    do a full scan

    Malicious Software Removal Tool
    Oh a new command for me. This will be very useful. Tnx!
      My Computer


  10. Posts : 183
    Windows 7 Ultimate X64
       #10

    Nice list jav. That should be a sticky somewhere. I would also recommend a live cd scan as well. I suggested a safe mode scan to help find any hidden malicious code though the live cd would be even better.
      My Computer


 
Page 1 of 4 123 ... LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 10:52.
Find Us