Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Help! - Any advice on trojans removal ?


10 Jan 2010   #1

Windows7 Pro x64
 
 
Help! - Any advice on trojans removal ?

Hi

Any advice on how best to remove trojans?

BACKGROUND
At the bottom right of my Windows7 screen, the Action Center gave me the following alerts:
- "Remove the W32/Gaobot.worm.genu - Win32/RBot.3eu!Worm virus"
and
- "Remove the Trojan.PWS.Legmir.AD / W32.Ahlem.A@mm virus"

Strangely the anti-virus software that I am running - AVG (Free)(V9-LATEST) - completely failed to find either of these viruses, even though I regularly make sure that it is bang up to date.


STEPS TAKEN SO FAR
I have downloaded SuperAntiSpyware, MalwareBytes, and A-Squared Free(v4.5).
I tried rebooting Windows7 in Safe Mode, by hitting F8 repeatedly during reboot.
However I could not get this to work. The first time I tried all that happened is that Windows7 completely failed to boot! The second and third times simply produced a normal boot.

I then ran MalwareBytes which found some stuff, at which point (very late in the day!) AVG found some stuff too.

So then I tried running msconfig.exe and selected "Diagnostic Startup" and rebooted into a safe mode.

Right now I am running an A-Squared scan and re-running MalwareBytes scan...

...But what is extremely worrying to me, is that I can't get AVG to run a scan right now. if I click on the "Computer Scanner" tab, and then click on "Scan Whole Computer", all that happens is that it says "! There are no active components" at the top of that window. (Is this because I have booted into "Diagnostic Startup" mode?

What should I do?
e.g.
- What else should I use to scan for trojans/viruses?
- How will I know when I have removed all the trojans/viruses?

All advice much appreciated!


Ship


My System SpecsSystem Spec
.

10 Jan 2010   #2

Windows 7 Ultimate Edition (build 7600) Default web client: Mozilla Firefox Default email client: Mi
 
 

Quote   Quote: Originally Posted by shiphen View Post
Hi

Any advice on how best to remove trojans?

BACKGROUND
At the bottom right of my Windows7 screen, the Action Center gave me the following alerts:
- "Remove the W32/Gaobot.worm.genu - Win32/RBot.3eu!Worm virus"
and
- "Remove the Trojan.PWS.Legmir.AD / W32.Ahlem.A@mm virus"

Strangely the anti-virus software that I am running - AVG (Free)(V9-LATEST) - completely failed to find either of these viruses, even though I regularly make sure that it is bang up to date.


STEPS TAKEN SO FAR
I have downloaded SuperAntiSpyware, MalwareBytes, and A-Squared Free(v4.5).
I tried rebooting Windows7 in Safe Mode, by hitting F8 repeatedly during reboot.
However I could not get this to work. The first time I tried all that happened is that Windows7 completely failed to boot! The second and third times simply produced a normal boot.

I then ran MalwareBytes which found some stuff, at which point (very late in the day!) AVG found some stuff too.

So then I tried running msconfig.exe and selected "Diagnostic Startup" and rebooted into a safe mode.

Right now I am running an A-Squared scan and re-running MalwareBytes scan...

...But what is extremely worrying to me, is that I can't get AVG to run a scan right now. if I click on the "Computer Scanner" tab, and then click on "Scan Whole Computer", all that happens is that it says "! There are no active components" at the top of that window. (Is this because I have booted into "Diagnostic Startup" mode?

What should I do?
e.g.
- What else should I use to scan for trojans/viruses?
- How will I know when I have removed all the trojans/viruses?

All advice much appreciated!


Ship
Combofix is the Best

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

After comments
My System SpecsSystem Spec
10 Jan 2010   #3

Windows 7 Ultimate - 64-bit | Windows 8 Pro - 64-bit
 
 

Hi Ship, Welcome to SF,

I guess the AVG failed to start the scan might be because when to switched to selective startup you might have stopped the service required to function AVG. In MSCONFIG under services tab you could Sort by Company name and enable AVG. Personally i would recommend Microsoft Security Essentials then if you think the your security is not detecting the Trojans then you could install MSE and update it then try to scan and see whether it finds something. Also you could try some Online scanners like Kaspersky or ESET which are free. Just Google Online scanners you would find it.

Hope this helps,
Captain
My System SpecsSystem Spec
.


10 Jan 2010   #4

Windows7 Pro x64
 
 

@Bolaxad - Sorry my Windows7 is 64 bit. Combofix does not appear to run as 64 bit...

@Captain - Yes, someone else recommended "Microsoft Security Essentials" which I am not running a scan with...

Thanks both

Ship
My System SpecsSystem Spec
10 Jan 2010   #5

Windows 7 Ultimate 32-bit Version 6.1 (build 7600.16385)
 
 

You have a tricky worm there according to McAfee.

Please try MSE rather than just relying on AVG 9. It is better to try different AV when you are in a tight situation like this.
My System SpecsSystem Spec
10 Jan 2010   #6

Microsoft Community Contributor Award Recipient

ME/XP/Vista/Win7
 
 

Try this:

start>run>then in the box type in & enter following

mrt

this will start the windows malicious software removal tool

do a full scan

Malicious Software Removal Tool
My System SpecsSystem Spec
10 Jan 2010   #7

Windows 7 Ultimate X64
 
 

Yes it is also a good idea to run a couple of AV's in safe mode as well for those tricky ones that are hard to find or respawn themselves.
My System SpecsSystem Spec
10 Jan 2010   #8
jav

Windows 7 Ultimate x86 SP1
 
 

Use any of those according to your preference:

Linux based Bootable CD (Highly recommended for cleaning infected PC):
F-Secure Rescue CD 3.00 released
Avira AntiVir Rescue System
Dr.Web CureIt!
http://download.bitdefender.com/rescue_cd/
VIPRE Rescue
13 Antivirus Rescue CDs Software Compared in Search For the Best Rescue Disk Raymond.CC Blog

a-squared Emergency USB Stick (rescue USB stick, portable)

Online Scanners:
a-squared Web Malware Scanner
COMODO AV SCANNER
Free Online Scanner F-Secure
BitDefender Online Scanner
PANDA SECURITY
Free ESET Online Antivirus Scanner
McAfee
HouseCall - Free Antivirus Scan
avast! Online Scanner

Anti-Malware scanners: (in order of personal preference)
Malwarebytes.org
The home of Spybot-S&D!
SUPERAntiSpyware.com
Ad-Aware by Lavasoft

List of Dedicated Anti-Trojan Scanners:
List of Dedicated Anti Trojan Products - Wilders Security Forums


More Alternative Scans:
Alternative Scans - MajorGeeks Support Forums

Personal recommendation download Ccleaner (CCleaner - Home) and clean temp files before scans.
Trojan Remover - Program Details (helped me once)
Hitman Pro 3 - SurfRight (very quick scan, if it detects somethings, activate trial version to clean up)

Hope you will get some ideas from this

EDIT: +1 for theog's recommendation. Run Windows Malware removal tool
My System SpecsSystem Spec
10 Jan 2010   #9

Windows 7 Ultimate 32-bit Version 6.1 (build 7600.16385)
 
 

Quote   Quote: Originally Posted by theog View Post
Try this:

start>run>then in the box type in & enter following

mrt

this will start the windows malicious software removal tool

do a full scan

Malicious Software Removal Tool
Oh a new command for me. This will be very useful. Tnx!
My System SpecsSystem Spec
10 Jan 2010   #10

Windows 7 Ultimate X64
 
 

Nice list jav. That should be a sticky somewhere. I would also recommend a live cd scan as well. I suggested a safe mode scan to help find any hidden malicious code though the live cd would be even better.
My System SpecsSystem Spec
Reply

 Help! - Any advice on trojans removal ?




Thread Tools



Similar help and support threads for2: Help! - Any advice on trojans removal ?
Thread Forum
Microsoft Office Starter 2010 reinstall after removal plus ctr removal Microsoft Office
ESE Found Trojans System Security
Trojans System Security
Trojans in Updates??? Windows Updates & Activation
Need Windows 7 Partition Removal Advice Installation & Setup
Trojans in Firefox Add-ons System Security
Trojans? System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 06:20 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33