Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.



Windows 7: Infected With winlogon Trojan

02 Apr 2010   #1

Windows 7 Home Premium
 
 
Infected With winlogon Trojan

I had a Action Center message this morning that said my comp. was infected with the winlogon Trojan. I've tried many virus removal tools, such as Malware Bytes, Look2Me Destroyer (which wouldn't run), Avira, Spybot, & Super Antivirus Remover. Nothing shows up.

Does anyone know how to get rid of this?

My System SpecsSystem Spec
02 Apr 2010   #2

Win 8 Release candidate 8400
 
 

Quote   Quote: Originally Posted by waltersfield View Post
I had a Action Center message this morning that said my comp. was infected with the winlogon trogan. I've tried many virus removal tools, such as Malware Bytes, Look2Me Destroyer (which wouldn't run), Avira, Spybot, & Super Antivirus Remover. Nothing shows up.

Does anyone know how to get rid of this?

Easy format and re-install
My System SpecsSystem Spec
02 Apr 2010   #3

Windows® 8 Pro (64-bit)
 
 

My System SpecsSystem Spec
.


02 Apr 2010   #4

Windows 7 Home Premium
 
 

Good grief! A complete reformat and reinstall is the only way to get rid of this thing?
Anyone else have a suggestion?
My System SpecsSystem Spec
02 Apr 2010   #5

Windows® 8 Pro (64-bit)
 
 

Quote   Quote: Originally Posted by waltersfield View Post
Good grief! A complete reformat and reinstall is the only way to get rid of this thing?
Anyone else have a suggestion?
Not always. A good anti virus / anti malware scanner can remove it if the infection is at an early stage.
My System SpecsSystem Spec
02 Apr 2010   #6

Win7 Home Premium 64x
 
 

you can post on Bleeping Computer - Computer Help and Discussion in their forums. they will tell you to get "hijackthis" which is used for diagnostics and probably someone there can advise on how to get rid of it.
My System SpecsSystem Spec
02 Apr 2010   #7

win 7 x64
 
 

try this trojan remover Simply Super Software - Trojan Remover run pc in safe mode
My System SpecsSystem Spec
02 Apr 2010   #8

Windows 7 & Windows Vista Ultimate
 
 

Quote   Quote: Originally Posted by waltersfield View Post
Good grief! A complete reformat and reinstall is the only way to get rid of this thing?
Anyone else have a suggestion?
Hi, waltersfield.

It is possible that what you are seeing is not the Action Center but a rogue. I suggest you scan with Malwarebytes' Anti-Malware. Following are may standard instructions:

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, be sure Quick scan is selected, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, EXCEPT items in System Restore as shown in this sample:
  • Click Remove Selected.


Note: With regard to System Restore, you can clear SR after your computer is cleaned. However, for the time being, it is better to have an infected restore point than none at all!

Let us know how that works.
My System SpecsSystem Spec
02 Apr 2010   #9

Windows 7 Home Premium
 
 

Thanks, but nothing seems to do the trick at this point. May just need to reinstall after all... Very discouraging.

Thanks for all the helpful replies!
My System SpecsSystem Spec
02 Apr 2010   #10
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

This is what's known as a Backdoor" Trojan ....

Backdoor Trojans

These are the most dangerous, and most widespread, type of Trojan.
Backdoor Trojans provide the author or ‘master’ of the Trojan with remote ‘administration’ of victim machines. Unlike legitimate remote administration utilities, they install, launch and run invisibly, without the consent or knowledge of the user. Once installed, backdoor Trojans can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log activity on the computer and more.
If your computer was used for online banking or has credit card information on it, all passwords should be changed immediately to include those used for email, eBay and forums.
You should consider them to be compromised.
They should be changed by using a different computer and not the infected one, if not an attacker may get the new passwords and transaction information.
Banking and credit card institutions should be notified of the possible security breech.
More info can be found below:
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
How to report ID theft, fraud, drive-by installs, hijacking and malware? Security - dslreports.com
When should I re-format? How should I reinstall?
When should I re-format? How should I reinstall? Security - dslreports.com
My System SpecsSystem Spec
Reply

 Infected With winlogon Trojan





Thread Tools




Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 05:40 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33