Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Infected With winlogon Trojan

02 Apr 2010   #1
waltersfield

Windows 7 Home Premium
 
 
Infected With winlogon Trojan

I had a Action Center message this morning that said my comp. was infected with the winlogon Trojan. I've tried many virus removal tools, such as Malware Bytes, Look2Me Destroyer (which wouldn't run), Avira, Spybot, & Super Antivirus Remover. Nothing shows up.

Does anyone know how to get rid of this?


My System SpecsSystem Spec
.
02 Apr 2010   #2
zigzag3143

Win 8 Release candidate 8400
 
 

Quote   Quote: Originally Posted by waltersfield View Post
I had a Action Center message this morning that said my comp. was infected with the winlogon trogan. I've tried many virus removal tools, such as Malware Bytes, Look2Me Destroyer (which wouldn't run), Avira, Spybot, & Super Antivirus Remover. Nothing shows up.

Does anyone know how to get rid of this?

Easy format and re-install
My System SpecsSystem Spec
02 Apr 2010   #3
Dinesh

Windows® 8 Pro (64-bit)
 
 

My System SpecsSystem Spec
.

02 Apr 2010   #4
waltersfield

Windows 7 Home Premium
 
 

Good grief! A complete reformat and reinstall is the only way to get rid of this thing?
Anyone else have a suggestion?
My System SpecsSystem Spec
02 Apr 2010   #5
Dinesh

Windows® 8 Pro (64-bit)
 
 

Quote   Quote: Originally Posted by waltersfield View Post
Good grief! A complete reformat and reinstall is the only way to get rid of this thing?
Anyone else have a suggestion?
Not always. A good anti virus / anti malware scanner can remove it if the infection is at an early stage.
My System SpecsSystem Spec
02 Apr 2010   #6
Thorsen

Win7 Home Premium 64x
 
 

you can post on Bleeping Computer - Computer Help and Discussion in their forums. they will tell you to get "hijackthis" which is used for diagnostics and probably someone there can advise on how to get rid of it.
My System SpecsSystem Spec
02 Apr 2010   #7
steve1969

win 7 x64
 
 

try this trojan remover Simply Super Software - Trojan Remover run pc in safe mode
My System SpecsSystem Spec
02 Apr 2010   #8
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Quote   Quote: Originally Posted by waltersfield View Post
Good grief! A complete reformat and reinstall is the only way to get rid of this thing?
Anyone else have a suggestion?
Hi, waltersfield.

It is possible that what you are seeing is not the Action Center but a rogue. I suggest you scan with Malwarebytes' Anti-Malware. Following are may standard instructions:

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, be sure Quick scan is selected, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, EXCEPT items in System Restore as shown in this sample:
  • Click Remove Selected.


Note: With regard to System Restore, you can clear SR after your computer is cleaned. However, for the time being, it is better to have an infected restore point than none at all!

Let us know how that works.
My System SpecsSystem Spec
02 Apr 2010   #9
waltersfield

Windows 7 Home Premium
 
 

Thanks, but nothing seems to do the trick at this point. May just need to reinstall after all... Very discouraging.

Thanks for all the helpful replies!
My System SpecsSystem Spec
02 Apr 2010   #10
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

This is what's known as a Backdoor" Trojan ....

Backdoor Trojans

These are the most dangerous, and most widespread, type of Trojan.
Backdoor Trojans provide the author or ‘master’ of the Trojan with remote ‘administration’ of victim machines. Unlike legitimate remote administration utilities, they install, launch and run invisibly, without the consent or knowledge of the user. Once installed, backdoor Trojans can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log activity on the computer and more.
If your computer was used for online banking or has credit card information on it, all passwords should be changed immediately to include those used for email, eBay and forums.
You should consider them to be compromised.
They should be changed by using a different computer and not the infected one, if not an attacker may get the new passwords and transaction information.
Banking and credit card institutions should be notified of the possible security breech.
More info can be found below:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
How to report ID theft, fraud, drive-by installs, hijacking and malware? Security - dslreports.com
When should I re-format? How should I reinstall?
When should I re-format? How should I reinstall? Security - dslreports.com
My System SpecsSystem Spec
Reply

 Infected With winlogon Trojan




Thread Tools





Similar help and support threads
Thread Forum
No thumbnails appearing... Might be infected with Trojan.Zbot. Help!
So a few days ago I started getting notifications from my norton AV saying it blocked an attempted attack by 'Trojan.Zbot'. Not too long after that I started to notice windows explorer acting very strange. No thumbnails would appear for pictures.. No previews... Couldn't empty recycling...
System Security
AVG 2013 Says Volsnap Infected With Trojan Generic3_c.BNQG
AVG was reinstalled after a lic issue. Ran malwarebytes and removed a few cookies and a mywebsearch toolbar. during first scan after updates on AVG it warns me that Volsnap.sys is infected with Trojan Generic3_c.BNQG. It states to download the ISO for AVG Rescue. I downloaded burned and ran the AVG...
System Security
My system is infected with a trojan. It has hidden c & d drives. ?
The Run, Task Manager and Control Panel are hidden. The system shows virus alert. I have AVG 7 but it does'nt help. It has even stopped my broadband connection. I cannot format my whole system. It has valuable information. Please help.
System Security
Infected with Trojan horse giving known error
Typical, giving error of sshnas21.dll missing at the startup of my windows 7 ultimate. I use MSE as anivirus, which caught it and declaired it has been removed. But, after reboot, its clear that its not gone, giving error of sshnas21.dll missing. Currently I am scanning with MRT (Aug 2010)...
Performance & Maintenance

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 06:48.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App