Solved

trojan horse Generic30.wav

Posted on 2013-01-27
12
960 Views
Last Modified: 2013-01-28
system running windows 7 home premium.

website redirected to other sites

installed norton antivirus latest, said it removed

1 day later, norton got removed, empty norton folder

put in avg, said trojan horse generic30.wav found, removed.

came back again.

question:

1.  do i need to turn off system restore; afraid that if it crashes, i don't have any restore point to boot up the computer.

2.  does anyone know how to remove the trojan.  I bought norton antivirus 2013.

thanks.
0
Comment
Question by:goodfinder
  • 5
  • 5
  • 2
12 Comments
 
LVL 12

Expert Comment

by:TomRScott
ID: 38825252
Try Sophos Anti-rootkit. It is free.

Then try the combination of MalwareBytes.org and SuperAntiSpyware.com.

Malwarbytes does NOT seem to get it all on its own, probably because of the trojan has a rootkit component.

I did not find a removal tool specific to that trojan.

When done, clean install the security suite of your choice.  I do NOT recommend Symantec/Norton nor MacAfee. AVG is working well for a few of my clients. Other good products are ESET (my personal favorite), Trend Micro (especially in the corporate environment), FSecure and some others. While I have had good luck with Kaspersky, and he is a stellar malware/security expert, I have concerns about his corporate/political environment.

 - Tom
0
 

Author Comment

by:goodfinder
ID: 38825672
i ran malwarebytes, & spy bot & norton.  i will try the superantispyware.com & kaspersky.  

the computer also had a blue screen and created a dump but after that, it boots up ok.  do i need to reinstall or repair the windows 7 home premium?  

tried AVG too.  

i turned off the system restore. ran AVG tuneup.  i am ready to reformat but it has a lot of apps. ahhh.  

thanks.

please let me know if you can think of anything.  long night.  ....
0
 
LVL 9

Assisted Solution

by:EMJSR
EMJSR earned 100 total points
ID: 38825679
If all else fails, run Combofix, if necessary in Safe Mode.
0
 
LVL 12

Accepted Solution

by:
TomRScott earned 400 total points
ID: 38825722
Did you run the anti-rootkit tool?

 - Tom
0
 

Author Comment

by:goodfinder
ID: 38825763
Missed that.  Thanks.  Does not need safe mode, right?   Thanks again .
0
 
LVL 12

Expert Comment

by:TomRScott
ID: 38825833
After running the anti-rootkit you should run scans with MalwareBytes and SuperAntiSpyware again.

 - Tom
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 

Author Comment

by:goodfinder
ID: 38825920
Thanks, will do.  Do u know of anygood  registry scan n repair for win 7.  For xp n vista I used symantec system standard.  Ps. I m redownloading  anti rootkit ; the first one said it was corrupted. Tks for your patient.
0
 

Author Comment

by:goodfinder
ID: 38826087
Anti rootkit did not find anything.  Running superantispyware now.
0
 
LVL 12

Expert Comment

by:TomRScott
ID: 38826090
The malware scanners I suggested do scan the registry and remove/correct issues found with your consent.

 - Tom
0
 

Author Comment

by:goodfinder
ID: 38826276
Installed the superantispyware pro trial version n ran.   It found some tracking cookies.  Will u suggest to buy this instead of kasperski or other security sofeware?
0
 
LVL 9

Expert Comment

by:EMJSR
ID: 38826793
I would run a combination of antivirus and antimalware. For the latter I would recommend Malwarebytes Pro if you want real time protection. At home I have had great experience with Eset NOD32 while at work I have had great success with Sophos and AVG combined with Malwarebytes Pro. Usually it's the personal experience that counts when talking about AV. Opinions differ greatly.

As for a stand alone registry cleaner, malware unrelated; Piriform's CCleaner is a great little utility.
0
 
LVL 12

Expert Comment

by:TomRScott
ID: 38829380
"AVG is working well for a few of my clients. Other good products are ESET (my personal favorite), Trend Micro (especially in the corporate environment), FSecure and some others. While I have had good luck with Kaspersky, and he is a stellar malware/security expert, I have concerns about his corporate/political environment."

As noted earlier, my favorite is ESET Security Suite and has been for  a couple years.  My second choice is FSecure. The owner of FSecure and lead developer is just about the most experienced coder in this sector. He predates the better known coders. He has always been a solid tech and made solid applications.

I concur with EMJSR, CCleaner is a cool utility. However, I normally use it when in need or suspicious.

Unless you have more errors or anti-malware traps, it sounds like you are ready to get your new security suite, rid of any remnants of Symantec and install the new suite.

 - Tom
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
This Micro Tutorial will teach you how to change your appearance and customize your Windows 7 interface to your unique preference. This will be demonstrated using Windows 7 operating system.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now