MajorGeeks Support Forums

  #1  
Old 07-18-12, 11:14
thernbear thernbear is offline
Private E-2
 
Join Date: Jul 2012
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default C:\Windows\System32\services.exe";"Trojan horse Dropper.Generic_c.MMI"";"Object is

"";"C:\Windows\System32\services.exe";"Trojan horse Dropper.Generic_c.MMI";"Object is white-listed (critical/system file that should not be removed)"

There are a lot of other trojan horse walkthroughs, if someone can point in the right direction more specific to my horse droppings...

Brand new computer... and AV wasn't the first thing to get downloaded... doh!
Attached Files
File Type: zip hitmanpro.xml.zip (725 Bytes, 62 views)
File Type: zip MGlogs.zip (236.1 KB, 17 views)
File Type: txt RKreport[3].txt (1.8 KB, 16 views)
File Type: txt avglog.txt (1.1 KB, 7 views)
  #2  
Old 07-19-12, 16:17
thisisu thisisu is offline
Malware Consultant
 
Join Date: Apr 2006
Location: Houston, TX
Posts: 8,162
Thanks: 269
Thanked 1,432 Times in 1,355 Posts
Default Re: C:\Windows\System32\services.exe";"Trojan horse Dropper.Generic_c.MMI"";"Object i

Welcome to MajorGeeks, thernbear

Delete items using RogueKiller.

Double-click RogueKiller.exe to run. (Vista/7 right-click and select Run as Administrator)
When it opens, press the Scan button
Now press the Delete button.
When it is finished, there will be a log on your desktop called: RKreport[3].txt
Attach RKreport[3].txt to your next message. (How to attach)

__

- Rescan with HitmanPro. When it finds services.exe - Virus, allow it to Replace by clicking the down arrow next to the detection and choosing Replace.
If Desktop.ini - Trojan is detected again, you can allow HitmanPro to Delete this, but Ignore any other detections for the time being.
Afterwards, click the Next button.
HitmanPro may want to reboot the PC in order for the changes to take effect; please do so.

__

Once you are back in Windows, run another scan with HitmanPro and then attach the latest hitmanpro.zip log. (How to attach)

__

Completely delete these two folders manually using Windows Explorer:
  • c:\windows\installer\{0f7e99ff-f00f-32b4-d531-ecd74ed08177}
  • c:\users\#2\appdata\local\{0f7e99ff-f00f-32b4-d531-ecd74ed08177}

Let me know if you were successful or not.
The Following 2 Users Say Thank You to thisisu For This Useful Post:
dmc3501 (07-22-12), shadowlion (08-07-12)
  #3  
Old 07-22-12, 11:07
thernbear thernbear is offline
Private E-2
 
Join Date: Jul 2012
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: C:\Windows\System32\services.exe";"Trojan horse Dropper.Generic_c.MMI"";"Object i

Thank you so much for everything, my brand new computer was in virus hell and you guys saved it. Thankyouthankyouthankyou!!! Definitely liking on Facebook and spreading the word. Best offense now is a good defense! AVG and Malwarebytes ready to go. Any other suggestions in the field of d-Fence?

Grateful Private,
Jeremy
  #4  
Old 07-22-12, 16:15
thisisu thisisu is offline
Malware Consultant
 
Join Date: Apr 2006
Location: Houston, TX
Posts: 8,162
Thanks: 269
Thanked 1,432 Times in 1,355 Posts
Default Re: C:\Windows\System32\services.exe";"Trojan horse Dropper.Generic_c.MMI"";"Object i

You're welcome.

__

If you are not having any other malware-related problems, it is time to do our final steps:
  • Any programs we had you download and/or install can be removed at this time.
  • If we had you download and run ComboFix, here is how to uninstall it:
    • Press and hold the Windows key and then press the letter R on your keyboard.
    • This opens the Run dialog box.
    • Copy and paste the below text inside the text-field:
      • "%userprofile%\desktop\ComboFix" /uninstall
    • Now press ENTER
    • ComboFix will extract its files one last time and you should receive a notification that ComboFix has been uninstalled shortly after.
  • You can re-enable your Disk Emulation software at this time via DeFogger.
  • If we had you create or download a registry patch or "fix" script, these can be deleted at this time.
  • Go into the C:\MGtools folder and run the MGclean.bat file to remove additional traces of our tools.
  • Now we will toggle System Restore to remove any infected system restore points.
  • Lastly, here is a guide to protect you from future infections: How to Protect yourself from malware!
  • Be safe

All times are GMT -5. The time now is 13:32.

