Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Removing Win32/Malagent Trojan - The Easiest Way

01 Nov 2011   #1

Windows 7 Home Premium 64 Bit Service Pack 1
Removing Win32/Malagent Trojan - The Easiest Way

Well, I recently found out that I had the infamous Win32/Malagent Trojan on my PC when I ran a quick scan through Microsoft Security Essentials. As you know, if you just remove it while in your regular mode, it will just keep coming back. I found a way to easily remove it. Here's what I did. I rebooted the computer into Safe Mode with Networking. I made sure to log into the administrator account so I had all administrator permissions. I then ran a quick scan through Microsoft Security Essentials. It picked it up and I clicked remove. It was then gone, it didn't come back at all. Now I have a nice, clean and fast PC and the infamous threat was gone. Never knew it could be that easy. Hope I helped anyone suffering with this infection. Remember, if you discover this threat on your PC, take action immediately and remove it as it can seriously damage your computer throughout time and even mess with protected registry keys. Save your computer before it's too late!

My System SpecsSystem Spec
01 Nov 2011   #2
Microsoft MVP

Windows 7 Ultimate 32bit SP1

Well, it might not be that easy

Trojan.Win32.Malagent.a is a very malicious item that's designed to allow remote access to your computer to largely occupy precious system resource, trace your Internet habits, to record/steal your personal information.
Change all passwords, using a known "clean" computer.

Next, you will need to flush the DNS cache and restore MS's Hosts file by doing this...

Copy and paste these lines in Note pad.

@Echo on
attrib -h -s -r hosts
echo localhost>HOSTS
attrib +r +h +s hosts
ipconfig /release
ipconfig /renew
ipconfig /flushdns
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
del %0

Save as flush.bat to your desktop. Right click on the flush.bat file to run it as Administrator (press enter key). Your computer will reboot itself.

Now, download TFC by Old Timer TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums and save it to your desktop.
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.

Scan with Malwarebytes (free) Anti-Malware:

Download Malwarebytes' Anti-Malware to your desktop
Download Malwarebytes' Anti-Malware Free - Thoroughly detect and remove even the most advanced malware - Softpedia
* Right-click (to run as Administrator) mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location. Copy and Paste that log into your next reply.
My System SpecsSystem Spec
28 Mar 2012   #3

window 7 home premium 64 bit

I had both win32/Malagent and win32/keygen. MS Security Essentials couldn't remove either before doing the suggestions here. I ran the bat file, then the malawarebytes - which did not find either. But MS Security essentials still found the keygen, but by running it (after doing the bat file) in safe mode, it was able to remove the keygen. I've restarted and run both security programs and it seems all is well..... Should I breathe easily now?.
My System SpecsSystem Spec


 Removing Win32/Malagent Trojan - The Easiest Way

Thread Tools

Similar help and support threads
Thread Forum
Easiest Way To Remove A Trojan?
Hi, im just wondering, does anyone know a easy or fast way (like a simple software) used to get rid of trojans?
System Security
This computer again: Here is some of what I know about the box build. I was asked to cleanup the aftermath of this: Encyclopedia entry: Trojan:Win32/FakeSysdef - Learn more about malware -...
System Security
Downloaded and ran the Microsoft Safety Scanner and it found this. Trojan:Win32/Comroki!rts Safety Scanner removed so it says. All I found with Google besides sales pitches to buy things is this at MS. Encyclopedia entry: Trojan:Win32/Comroki - Learn more about malware - Microsoft Malware...
System Security
I found this awesome virus "Trojan-Downloader.Win32.VB.bbl" and analyzed its behaviour in a VirtualBox and quickly found a weaknes :p It is very hard to remove, it closes antivirus setups and then deletes them, closes all windows containg anything about antivirus tools (even if you google anything...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 06:17.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App