Trojan Horse, Generic & Dropper & Back Door

You need to ATTACH all logs. We do not want inline logs like you posted in your first message. Inline logs will normally be deleted. You need to attach logs from the below scans.

• Hitman Pro
• MGtools

I deleted your MBRcheck and Malwarebytes logs since there was nothing in them of concern and I attached the RogueKiller log in your first message just incase anything was different from the second one that you attached.

 

I also would like you to run the below.

Please do the below so that we can boot to System Recovery Options to run a scan.

For 32-bit (x86) systems download Farbar Recovery Scan Tool and save it to a flash drive.
For 64-bit (x64) systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
• Use the arrow keys to select the Repair your computer menu item.
• Select US as the keyboard language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account an click Next.

On the System Recovery Options menu you will get the following options:

• Select Command Prompt
• In the command window type in notepad and press Enter.
• The notepad opens. Under File menu select Open.
• Select "Computer" and find your flash drive letter and close the notepad.
• In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
  Note: Replace letter e with the drive letter of your flash drive.
• The tool will start to run.
• When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) on the flash drive. Please attach this file to your next reply. (See: How to attach)

 

I suggest that you check again. I have not yet really seen a version of Windows 7 that does not support this.

This is of no use to us. You MUST run it from the command prompt of the System Recovery Environment not the command prompt of Windows. Notice at the top of the log you posted it even state the below

 

Rescan with HitmanPro

• When it finds services.exe - Virus, allow it to Replace by clicking the down arrow next to the detection and choosing Replace.
• Leave any other detections alone (Ignore them).
• Afterwards, click the Next button.
• HitmanPro may want to reboot the PC in order for the changes to take affect, please do so.
• After reboot and when you are back in Windows, run another scan with HitmanPro and then attach the latest hitmanpro.zip log. (See[COLOR=blue[/URL]] How to attach files[/COLOR][/URL])

See if you can get RogueKiller to run. If you can then run a scan and after it finishes, select the Files tab and if the below exist, click the Delete button again.[/B]

Then immediately reboot your PC.

After reboot, run a new scan with RogueKiller and save a log as in original instructions and attach the new log.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it (Note: if using Vista or Win7, don't double click, use right click and select Run As Administrator).

Then attach the below logs:

• the new Hitman log
• the new RogueKiller log
• C:\MGlogs.zip

 

You're welcome.

Something must have already fixed it.

See if you can find and delete the below two folders.
C:\Windows\installer\{2866e762-6a40-e9a4-3466-3797a275df6a}
C:\Users\TEST\AppData\Local\{2866e762-6a40-e9a4-3466-3797a275df6a}


Also tell me how things are working?