Home > Trojan Horse > Trojan Horse Patched_c.lxt Services.exe! Plz Help.

Trojan Horse Patched_c.lxt Services.exe! Plz Help.

Other members who need assistance please start your own topic in a new thread. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Double click on combofix.exe & follow the prompts. Some of your computer functions are unavailable or some normal legal program can't run or there are unusual conditions of them. Please include a link to this thread with your request. http://gsdclb.org/trojan-horse/trojan-horse-patched-c-lxt-in-services-exe.php

mStart Page = hxxp://www.yahoo.com/ uInternet Settings,ProxyOverride = *.local; uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*Yahoo! pigpottomus Visitor2 Reg: 24-Jul-2012 Posts: 5 Solutions: 0 Kudos: 0 Kudos0 Re: C:Windows/System32/Service.exe Trojan horse Patched_c.LXT Posted: 26-Jul-2012 | 9:36AM • Permalink It was Norton 2010 Antivirus that came along, Quads Change the action to Skip, and save the log. AVG has detected that ../system32/services.exe is infected with trojan horse patched_c.lxt It has also detected that ../windows/assembly/GAC_32/desktop.ini is infected with trojan.generic15.axla Malware bytes detected that a file in the windows/installer/ folder

Select your user account an click Next. Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 17496 bytes Attached Files: Attach.txt File size: 7.3 KB Views: 1 lucasle146, Aug 30, 2012 #3 jeffce Malware Specialist Joined: Thanks, Dave ComboFix 12-07-16.01 - Dave 07/16/2012 21:28:16.1.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3326.2109 [GMT -7:00] Running from: c:\users\Dave\Desktop\ComboFix.exe SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions

Yes. I'd be grateful if you would note the following: The fixes are specific to your problem and should only be used for the issues on this machine. Ask the experts! services.exe Click Search button and post the log (Search.txt) it makes to your reply.

This should start the Windows Task Manager Step 2: Within the Windows Task Manager click on the Processes tab. Plz Help. I have been playing hell for the Thread Tools Search this Thread 07-15-2012, 01:24 PM #1 eghostrider Registered Member Join Date: Jul 2012 Posts: 32 OS: Windows 7 Press Scan button.

Use the arrow keys to select the Repair your computer menu item. If you're stuck, or you're not sure about certain step, always ask before doing anything else. Category How to Fix How to Optimize How to Remove Browser Hijacker How To Remove Malware How to set up VPN How to Uninstall Rogue Antispyware Removal Trojan Virus Removal YooSecurity Next, click the Quick Scan button.

Share this post Link to post Share on other sites This topic is now closed to further replies. psj3809 Resolved HJT Threads 48 04-14-2011 02:45 PM url redirects plus some other spurious behavior Was unable to complete an Amazon transaction yesterday -- checkout pages wouldn't load without repeated attempts. In usual, this virus is found in this path: C:\Windows\System32\services.exe. within the Inactive Malware Help Topics forums, part of the Tech Support Forum category.

OTL.Txt and Extras.Txt. weblink AV: Lavasoft Ad-Watch Live! Open the Windows Task Manager. Page 1 of 2 1 2 Next > Advertisement lucasle146 Thread Starter Joined: Aug 30, 2012 Messages: 15 Hi, Today my AVG keep warn me that there is trojan horse patched_c.lxt

Here is the log you asked for: Dave 12:22:41.0366 4392 TDSS rootkit removing tool Jul 16 2012 22:10:11 12:22:41.0740 4392 ============================================================ 12:22:41.0740 4392 Current date / time: 2012/07/17 12:22:41.0740 12:22:41.0740 C:\PROGRA~2\AVG\AVG2012\avgrsa.exe C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe If you need more time, simply let me know. navigate here FF - ProfilePath - C:\Users\STV\AppData\Roaming\Mozilla\Firefox\Profiles\espefcbd.default\ FF - prefs.js: browser.startup.homepage - hxxp://search.us.b00kmarks.com/landing_t.php?guid={4B303D7B-2FE0-4486-A5F2-9109C671D73D} FF - prefs.js: keyword.URL - hxxp://search.us.b00kmarks.com/search_t.php?guid={4B303D7B-2FE0-4486-A5F2-9109C671D73D}&keyword= FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.7601.17514 Run by Dave at 11:34:38 on 2012-07-15 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3326.1710 [GMT -7:00] . To enter System Recovery Options from the Advanced Boot Options:Restart the computer. services.exe infected trojan horse patched_c.lxt, and ../windows/assembly/GAC_32/desktop.ini with trojan.generic15.axla Started by leshickens , Jun 25 2012 08:56 AM Page 1 of 2 1 2 Next This topic is locked 16 replies

C:\Qoobox\Quarantine\C\Windows\Installer\{3952248a-bf93-2f7f-5f93-585541a7d20b}\U\[email protected] (Rootkit.0Access) -> Quarantined and deleted successfully.

I'd like to gather a bit more info before we begin the cleaning process. Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet the only outcome of the process is the computer icon named "32788R22FWJFW" and when I click on that icon, it's bring me back to My Computer screen. Your AVG says it is white listed and cannot be removed.

I really need your help, Thanks lucasle146, Aug 30, 2012 #1 Sponsor lucasle146 Thread Starter Joined: Aug 30, 2012 Messages: 15 Here is my DDS Scan: . Select your user account an click Next. Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe his comment is here DDS (Ver_2011-08-26.01) .

This report may not be accurate! Please copy and paste it to your reply. ---------- jeffce, Aug 31, 2012 #10 lucasle146 Thread Starter Joined: Aug 30, 2012 Messages: 15 As your instruction, here is the result uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uStart Page = hxxp://www.yahoo.com/ mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*Yahoo! It is unable to fix, saying that it operates in the whitelisted process; sevices.exe AVG, and mbam have also recently reported: exploit blackhole exploit kit (type 2301) trojan horse generic28.anic trojan

Home ForumsBlogs Ideas Norton ProductsCommunity Norton Hardware Malware Discussion Norton Mobile Products Norton Public Beta Off-Topic Discussion Norton Internet Security | Norton 360 | Norton AntiVirusAnnouncements Norton Security Backup Norton Toolbar Select the operating system you want to repair, and then click Next. Quads pigpottomus Visitor2 Reg: 24-Jul-2012 Posts: 5 Solutions: 0 Kudos: 0 Kudos0 Re: C:Windows/System32/Service.exe Trojan horse Patched_c.LXT Posted: 26-Jul-2012 | 9:34AM • Permalink I Had the Trial Version that Came With Press Scan button.