Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

need help with removing infected svchost and services.exe


  • Please log in to reply
1 reply to this topic

#1 Bones667

Bones667

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:56 AM

Posted 06 July 2012 - 06:02 AM

I have been work on backing up, scanning, and attempting to restore my computer for the past 14 hours. After finding out that a factory reset was not an option, I attempted to do my best at removing this infection from my computer. So far I have no luck and am requesting help. I have searched this website and found a possible solution, but in part of the description a certain script was made specifically for the victim's pc So therefor I am hoping to get some help.

Symptom #1 : Malwarebytes periodically alerts me that an outgoing attempt was blocked

Part of huge LOG:
206.161.121.123 (Type: outgoing, Port: 60149, Process: svchost.exe)
2012/07/06 06:55:38 -0400 UNCONVENTIONAL Joe IP-BLOCK 206.161.121.124 (Type: outgoing, Port: 60150, Process: svchost.exe)
2012/07/06 06:55:38 -0400 UNCONVENTIONAL Joe IP-BLOCK 206.161.121.126 (Type: outgoing, Port: 60151, Process: svchost.exe)

Symptom #2: AVG Periodically Alerts me about c:\windows\system32\services.exe
Threat name Trojan horse Dropper.Generic_c.MMI



Symptom #3: While using Firefox, I have a google re director, which will redirect my first 2 google searches. It will also occasionally redirect a new window


I have used tdsskiller, spybot search and destroy, ccleaner, malwarebytes, and msert to scan and attempt to remove said infections. Each time, (including while in safe mode) have failed.

Please help!

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,758 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:56 AM

Posted 06 July 2012 - 07:16 AM

Please follow the instructions at Preparation Guide, Before Using Malware Removal Tools and Requesting Help - http://www.bleepingcomputer.com/forums/topic34773.html . After preparing the requested logs, initate a topic in the forum reflecting the Prepartion Guide.

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users