Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Trojan, Please HELP!!!

10 Mar 2010   #11
ridakash

Windows Seven Ultimate
 
 

Look here:
Adware.Zwangi - Threat Details


My System SpecsSystem Spec
.
10 Mar 2010   #12
Tews

64-bit Windows 8.1 Pro
 
 

even though this is categorized as a low threat, I agree with Jimbo... a clean install!
My System SpecsSystem Spec
10 Mar 2010   #13
thathagat

windows 7 ultimate 64 bit,Windows 7 ultimate 32 bit,Windows XP sp3 home
 
 

Quote   Quote: Originally Posted by EvilOzzmess View Post
Trying that now... let's hope this works.

And of course, they want my money before getting rid of it.

.
hitman pro has free cleaning for 30 days....just activate trial license and it will clean for free.....


Attached Images
Trojan, Please HELP!!!-hmp-30-days.png 
My System SpecsSystem Spec
.

10 Mar 2010   #14
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

You can manually remove it:
Encyclopedia entry: BrowserModifier:Win32/Zwangi - Learn more about malware - Microsoft Malware Protection Center

Or, rescan with Malwarebytes'
* Be sure that everything is checked, and click Remove Selected.

Don't back up 'dirty' restore points!
My System SpecsSystem Spec
10 Mar 2010   #15
Jo 90

Windows 7 Enterprise 64bit
 
 
Macrium

I use Macrium Reflect and I take an image of my machine about once a month, it's quite easy to use and I have had to restore twice in the past after I messed things up, just download from there website, Macrium Reflect FREE Edition - Information and download make a rescue disk and make an image on an external HDD or network drive or a bunch of DVD's. It took about 40 mins to back up and the same to restore a 160gb HDD that was half full.
My System SpecsSystem Spec
10 Mar 2010   #16
Jo6Pak

7 Ultimate
 
 

Quote   Quote: Originally Posted by Jo 90 View Post
I use Macrium Reflect and I take an image of my machine about once a month, it's quite easy to use and I have had to restore twice in the past after I messed things up, just download from there website, Macrium Reflect FREE Edition - Information and download make a rescue disk and make an image on an external HDD or network drive or a bunch of DVD's. It took about 40 mins to back up and the same to restore a 160gb HDD that was half full.
Jo 90 -

I've been thinking of giving this app a try. Which rescue method do you use (linux disk, linux usb, bartPE disk)?

Any tips/pointers in overall use?

THANKS!
My System SpecsSystem Spec
10 Mar 2010   #17
echrada

Windows 7 Ultimate x64
 
 

I removed the same trojan from a clients computer yesterday. I started it up in safemode with networking. Downloaded and ran Rkill then downloaded and ran Malwarebytes scan, do the full scan as it is much more accurate.

While it is running go and do something else as it can take quite some time.

It found 27 items. I quarantined and then removed all items. I restarted the machine and then deleted restore points see here

http://windows.microsoft.com/en-US/w...-restore-point

This is important as if you go back to a restore point at a later date you might restore this virus.

Run the Malwarebytes scan again (quick this time) and bob's your uncle.
__________________
My System SpecsSystem Spec
10 Mar 2010   #18
EvilOzzmess

7 Ultimate x64 SP1
 
 

Thanks guys, I chose a full factory restore - so my computer's now exactly back to how Acer shipped it out as (and subsequently was their recommended course of action for persistent, severe malware infestations). Along with five other programs, I tried running MBAM twice, fully - and twice quickly, and it DID detect and remove two Trojans - each time, but it was unable to fully remove whatever caused those two to get in here - so I really had no choice but to completely wipe out the system on this one.

I wouldn't have trusted it if I hadn't, anyway. Just kind of ticked I forgot to save my Firefox bookmarks before doing it... this is why you shouldn't panic and try to do this stuff on an all-nighter whilst half asleep. Ha... >_<


As for backup, I discovered I didn't really need that at all. I DO have a self-made Acer Restore Manager set of disks which did ghost the entire drive, along with drivers and the OS itself. But I find Factory Restore to do the exact same thing, so it's less complicated to just do that and then put everything back as it was before (like I'm doing right now, in fact). No big deal.

Thanks again for all your help guys! Really appreciate it.
My System SpecsSystem Spec
10 Mar 2010   #19
Terrorz

Windows 7 Ultimate 64-bit
 
 

Well good to here your virus problems are over, but for future reference have Microsoft Security Essentials as your antivirus if you cant afford to buy one and Malwarebytes along with it. These are two great programs that will keep you safe
My System SpecsSystem Spec
10 Mar 2010   #20
EvilOzzmess

7 Ultimate x64 SP1
 
 

No, wait...once again, not sure if it's completely gone. MBAM found "Hijack.DisplayProperties" Registry Data HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChange s

I don't know how that is even possible, but there it is. What should I do now? I don't see the old Processes that I had with whatever it was last time, that I believe I did just get rid of, but... yeah. It's there, somehow.


EDIT: I have found winlogon.exe in the processes, and when I checked it out it shows an icon with a WINDOW, WITH A MOON IN THE BACKGROUND. It is NOT capitalized, and it is NOT WINLOGIN.EXE which I know to be the TRUE Windows program type. How do I kill this?
My System SpecsSystem Spec
Reply

 Trojan, Please HELP!!!




Thread Tools




Similar help and support threads
Thread Forum
Trojan called 'Trojan.Generic.2582177' on my system
Hi, I have Window7 Ultimate 64 bit on my system. I use Bitfender as my antivirus software. This morning it informed me that it has found a file infected with a virus called 'Trojan.Generic.2582177' which it cannot clean. I've contacted Bitfender to see if they know what I should do but haven't...
System Security
Need some help got a trojan
Hello, First off sorry if this is in wrong area. My parents have got a trojan ( Smart internet protection) even tho they was protected using Mcafee internet security. Anyways, when i tried to open mcafee to run a system scan it would not let me. I don't know any thing about what to do, i have...
System Security
Trojan:Win32/FakeSpypro & Trojan:JS/FakeSpypro
A little help,please.Got this trojan earlier.It disabled MSE,MBAM,Internet,CCleaner,and pretty much anything .exe.Claimed everything was infected...so says whatever fake AV program that came with it.(I wish I could figure out how to use the indention tool here)I had to restart,open task manager...
System Security
Trojan
Hi, This other day I downloaded a file that raped my system, causing me to lose access to any .exe file aswell as the task manager. My internet was also terminated. How do I remove this menace? I scanned with AVG Free and Superantispyware but to no avail. I have DDS and HiJackThis, but...
System Security
New trojan
Hi, there's this new trojan which I found on a website. Its filename is Bookmark.exe. Strange is that only 22/40 anti malware engines were able to detect it. Currently, I was trying Norton 360 beta 4 which has failed to detect it. :shock: So far, this trojan has changed my IE8 homepage. Not...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 02:20.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App