Solved

trojan horse Generic30.wav

Posted on 2013-01-27
Last Modified: 2013-01-28
System running Windows 7 Home Premium.

Website redirected to other sites.

Installed Norton AntiVirus latest, said it removed.

1 day later, Norton got removed, empty Norton folder.

Put in AVG, said trojan horse Generic30.wav found, removed.

Came back again.

Question:

1.  Do I need to turn off System Restore? Afraid that if it crashes, I don't have any restore point to boot up the computer.

2.  Does anyone know how to remove the trojan? I bought Norton AntiVirus 2013.

Thanks.
Question by:goodfinder
12 Comments
 
LVL 12

Expert Comment

by:TomRScott
ID: 38825252
Try Sophos Anti-rootkit. It is free.

Then try the combination of MalwareBytes.org and SuperAntiSpyware.com.

Malwarebytes does NOT seem to get it all on its own, probably because the trojan has a rootkit component.

I did not find a removal tool specific to that trojan.

When done, clean install the security suite of your choice.  I do NOT recommend Symantec/Norton nor McAfee. AVG is working well for a few of my clients. Other good products are ESET (my personal favorite), Trend Micro (especially in the corporate environment), FSecure and some others. While I have had good luck with Kaspersky, and he is a stellar malware/security expert, I have concerns about his corporate/political environment.

 - Tom
0
 

Author Comment

by:goodfinder
ID: 38825672
I ran Malwarebytes, Spybot & Norton.  I will try SuperAntiSpyware.com & Kaspersky.

The computer also had a blue screen and created a dump, but after that it boots up OK.  Do I need to reinstall or repair Windows 7 Home Premium?

Tried AVG too.

I turned off System Restore. Ran AVG TuneUp.  I am ready to reformat but it has a lot of apps. Ahhh.

Thanks.

Please let me know if you can think of anything.  Long night.  ....
0
 
LVL 9

Assisted Solution

by:EMJSR
EMJSR earned 100 total points
ID: 38825679
If all else fails, run Combofix, if necessary in Safe Mode.
0
 
LVL 12

Accepted Solution

by:
TomRScott earned 400 total points
ID: 38825722
Did you run the anti-rootkit tool?

 - Tom
0
 

Author Comment

by:goodfinder
ID: 38825763
Missed that.  Thanks.  Does not need Safe Mode, right?  Thanks again.
0
 
LVL 12

Expert Comment

by:TomRScott
ID: 38825833
After running the anti-rootkit you should run scans with MalwareBytes and SuperAntiSpyware again.

 - Tom
0
 

Author Comment

by:goodfinder
ID: 38825920
Thanks, will do.  Do you know of any good registry scan and repair for Win 7?  For XP and Vista I used Symantec System Standard.  PS: I'm redownloading the anti-rootkit; the first one said it was corrupted. Thanks for your patience.
0
 

Author Comment

by:goodfinder
ID: 38826087
Anti rootkit did not find anything.  Running superantispyware now.
0
 
LVL 12

Expert Comment

by:TomRScott
ID: 38826090
The malware scanners I suggested do scan the registry and remove/correct issues found with your consent.

 - Tom
0
 

Author Comment

by:goodfinder
ID: 38826276
Installed the SuperAntiSpyware Pro trial version and ran it.  It found some tracking cookies.  Would you suggest buying this instead of Kaspersky or other security software?
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 38826793
I would run a combination of antivirus and antimalware. For the latter I would recommend Malwarebytes Pro if you want real-time protection. At home I have had great experience with ESET NOD32, while at work I have had great success with Sophos and AVG combined with Malwarebytes Pro. Usually it's the personal experience that counts when talking about AV. Opinions differ greatly.

As for a standalone registry cleaner, unrelated to malware: Piriform's CCleaner is a great little utility.
0
 
LVL 12

Expert Comment

by:TomRScott
ID: 38829380
"AVG is working well for a few of my clients. Other good products are ESET (my personal favorite), Trend Micro (especially in the corporate environment), FSecure and some others. While I have had good luck with Kaspersky, and he is a stellar malware/security expert, I have concerns about his corporate/political environment."

As noted earlier, my favorite is ESET Security Suite and has been for a couple of years.  My second choice is FSecure. The owner of FSecure and lead developer is just about the most experienced coder in this sector. He predates the better known coders. He has always been a solid tech and made solid applications.

I concur with EMJSR, CCleaner is a cool utility. However, I normally use it when in need or suspicious.

Unless you have more errors or anti-malware traps, it sounds like you are ready to get your new security suite, get rid of any remnants of Symantec and install the new suite.

 - Tom
0

Question has a verified solution.
