C:\Windows\System32\services.exe";"Trojan horse Dropper.Generic_c.MMI"";"Object is

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by thernbear, Jul 18, 2012.

  1. thernbear

    thernbear Private E-2

    "";"C:\Windows\System32\services.exe";"Trojan horse Dropper.Generic_c.MMI";"Object is white-listed (critical/system file that should not be removed)"

    There are a lot of other trojan horse walkthroughs, if someone can point in the right direction more specific to my horse droppings... :cry

    Brand new computer... and AV wasn't the first thing to get downloaded... doh!
     


  2. thisisu

    thisisu Malware Consultant

    Welcome to MajorGeeks, thernbear :)

    Delete items using RogueKiller.

    Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
    When it opens, press the Scan button
    Now press the Delete button.
    When it is finished, there will be a log on your desktop called: RKreport[3].txt
    Attach RKreport[3].txt to your next message. (How to attach)

    __

    Rescan with HitmanPro. When it finds services.exe - Virus, allow it to Replace by clicking the down arrow next to the detection and choosing Replace.
    If Desktop.ini - Trojan is detected again, you can allow HitmanPro to Delete this, but Ignore any other detections for the time being.
    Afterwards, click the Next button.
    HitmanPro may want to reboot the PC in order for the changes to take effect; please do so.

    __

    Once you are back in Windows, run another scan with HitmanPro and then attach the latest hitmanpro.zip log. (How to attach)

    __

    Completely delete these two folders manually using Windows Explorer:

    • c:\windows\installer\{0f7e99ff-f00f-32b4-d531-ecd74ed08177}
    • c:\users\#2\appdata\local\{0f7e99ff-f00f-32b4-d531-ecd74ed08177}

    Let me know if you were successful or not.
     
  3. thernbear

    thernbear Private E-2

    Thank you so much for everything, my brand new computer was in virus hell and you guys saved it. Thankyouthankyouthankyou!!! Definitely liking on Facebook and spreading the word. Best offense now is a good defense! AVG and Malwarebytes ready to go. Any other suggestions in the field of d-Fence?

    Grateful Private,
    Jeremy
     
  4. thisisu

    thisisu Malware Consultant

    You're welcome.

    __

    If you are not having any other malware related problems, it is time to do our final steps:
    • Any programs we had you download and/or install can be removed at this time.
    • If we had you download and run ComboFix, here is how to uninstall it:
      • Press and hold the Windows key and then press the letter R on your keyboard.
      • This opens the Run dialog box.
      • Copy and paste the below text inside the text-field:
        • "%userprofile%\desktop\ComboFix" /uninstall
      • Now press ENTER
      • ComboFix will extract its files one last time and you should receive a notification that ComboFix has been uninstalled shortly after.
    • You can re-enable your Disk Emulation software at this time via DeFogger.
    • If we had you create or download a registry patch or "fix" script, these can be deleted at this time.
    • Go into the C:\MGtools folder and run the MGclean.bat file to remove additional traces of our tools.
    • Now we will toggle System Restore to remove any infected system restore points.
    • Lastly, here is a guide to protect you from future infections: How to Protect yourself from malware!
    • Be safe :)
     
