Help with removing new Trojan


  1. Posts : 477
    Windows 7 Pro 64bit SP1
       #1

    Help with removing new Trojan


    Well didn't take long...my girlfriend's computer with a brand new Win 7 Pro installation has a Trojan...Bit Defender stops it from accessing the Internet and Quarantines it...but it keeps reappearing as a new name. The location is always the same though as shown in the attached JPG. The Folders (source) always stay the same...but Bit Defender just Quarantines it...can't seem to find the source and remove it tho ?

    The C:\Windows\ServiceProfiles\NetworkService\AppData\Temp\ is always the same...the wbwb.tmp changes...the svchost.exe is always the same.

    When I first opened the W\SP\NS directory...there was no "APPDATA" folder...and some how I managed to get the "\SERVICEPROFILE\NETWORKSERVICE\" to become hidden...while trying to show the APPDATA folder ?

    Any help on how to both get the SERVICEPROFILE\NETWORKSERVICE folders to reappear, and, isolate this Trojan and remove it will be greatly appreciated.

    Thanks, Tim
      My Computer


  2. Posts : 8,870
    Windows 7 Ult, Windows 8.1 Pro,
       #2

    You can enable "show hidden files and folders" by going to device manager then choose folder options and click to show files and folder then hit apply. You might try either MalWarebytes or spybot S&D to get that trojen.
    Attached Thumbnails Attached Thumbnails Help with removing new Trojan-folder-options.jpg  
      My Computer


  3. Posts : 1,360
    win7 ultimate / virtual box
       #3

    chev65 said:
    You can enable "show hidden files and folders" by going to device manager then choose folder options and click to show files and folder then hit apply. You might try either MalWarebytes or spybot S&D to get that trojen.
    I agree with chev65 and suggest you run malwarebytes in safe mode twice
      My Computer


  4. Posts : 477
    Windows 7 Pro 64bit SP1
    Thread Starter
       #4

    Thanks guys...downloading malwarebytes now (free version I'm assuming ). Do I install this normally before rebooting to safe mode...or install it after rebooting to safe mode ?

    Tim
      My Computer


  5. Posts : 1,443
    Win 7 Ultimate SP1 x64
       #5

    trinaz said:
    Thanks guys...downloading malwarebytes now (free version I'm assuming ). Do I install this normally before rebooting to safe mode...or install it after rebooting to safe mode ?

    Tim
    You should install the program normally then reboot to safe mode and run malwarebytes scan.
      My Computer


  6. Posts : 112
    7
       #6

    First thing after install is to check for updates.
      My Computer


  7. Posts : 8,476
    Windows® 8 Pro (64-bit)
       #7

    Hi there, scan with Hitman Pro.
    Downloads - SurfRight
      My Computer


  8. jav
    Posts : 713
    Windows 7 Ultimate x86 SP1
       #8

    trinaz said:
    Thanks guys...downloading malwarebytes now (free version I'm assuming ). Do I install this normally before rebooting to safe mode...or install it after rebooting to safe mode ?

    Tim
    Hello Tim
    1. Install it on normal mode.
    Update it.
    Run Quick scan with it on Normal mode
    Tick all detection except those on C:\System Voulme Information folders
    Click remove selected.
    It will open up lof file.
    Post it here.

    2. Now run Full scan and tick all drives.
    same instructions as above.
    Post back log.


    For other guys who recommended safe mode. Sorry for hijacking your posts, but: Malwarebytes and Safe mode
    Hope you guys will understand me.


    Dinesh said:
    Hi there, scan with Hitman Pro.
    Downloads - SurfRight

    +1
    Do this one aswell.
    Don't worry it's really fast.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 11:25.
Find Us