Overclock.net › Forums › Software, Programming and Coding › Networking & Security › I got a trojan on my pc
New Posts  All Forums:Forum Nav:

I got a trojan on my pc

post #1 of 11
Thread Starter 
So last day I was playing BF3 and i experiment major lag spike, so I opened up task manager and I saw that a process called «services.exe» was at 99 % of cpu capacity.
I ended the process and it came back a day later. So i look up on internet to see that this services.exe was a trojan, (great !)

I found the location of it:
Code:
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1

But I cant delete it. I intalled AVG, no sucess found nothing in this location
Launched Malwarebytes' Anti-Malware, found nothing...
Tryed the spyassassin from Malwarebytes' Anti-Malware, it didn't delete it,
So how can I delete it, I dont want all my information to be difuse on the web rolleyes.gif
Edited by adgame - 5/13/12 at 5:33pm
Gaming rig
(15 items)
 
  
CPUMotherboardGraphicsRAM
4670k asrock z87 extreme4 Pc R7970 v3 Crucial ballistic 2x4gb 1866 9-9-9-27 
Hard DriveHard DriveOptical DriveOS
Samsung 850 500 WD caviar black 640gb Lite-on dvd burner Windows ultimate 64x 
MonitorPowerCaseAudio
Crossover 27Q led-P Corsair 650w tx V2 Antec three hundred Beyerdynamic Dt 990 pro 250 ohm 
  hide details  
Reply
Gaming rig
(15 items)
 
  
CPUMotherboardGraphicsRAM
4670k asrock z87 extreme4 Pc R7970 v3 Crucial ballistic 2x4gb 1866 9-9-9-27 
Hard DriveHard DriveOptical DriveOS
Samsung 850 500 WD caviar black 640gb Lite-on dvd burner Windows ultimate 64x 
MonitorPowerCaseAudio
Crossover 27Q led-P Corsair 650w tx V2 Antec three hundred Beyerdynamic Dt 990 pro 250 ohm 
  hide details  
Reply
post #2 of 11
338
Use protection next time!

Did you install any new hardware or drivers recently? Or did this happen out of the blue? What antivirus were you using?

Anyway, my mom's old Windows XP computer had a similar problem about a year ago. I don't think services.exe is a trojan. In my case it was just AVG - we just just uninstalled it and reinstalled some other AV. It has been a while, but I think the reason was because AVG was scanning the Windows reserved files or something - I really forget
Neutrality
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel i7-7700K ASUS Z170‑K EVGA 980ti w/ EK WB 2x8GB Corsair Vengeance 2400 MHz 
Hard DriveCoolingOSMonitor
2x OZC Arc 100 240GB, Samsung Spinpoint F3 1TB,... EK Supremacy EVO + Alphacool UT60 240mm/360mm +... Windows 10 24" Asus VG248QE 144hz 
KeyboardPowerCaseMouse
CM Quickfire Pro MX Black Corsair HX750 Modified HAF 932 Zowie FK1 
AudioAudio
Audio Technica AD700 Creative Sound Blaster X-Fi Titanium HD 
  hide details  
Reply
Neutrality
(15 items)
 
  
CPUMotherboardGraphicsRAM
Intel i7-7700K ASUS Z170‑K EVGA 980ti w/ EK WB 2x8GB Corsair Vengeance 2400 MHz 
Hard DriveCoolingOSMonitor
2x OZC Arc 100 240GB, Samsung Spinpoint F3 1TB,... EK Supremacy EVO + Alphacool UT60 240mm/360mm +... Windows 10 24" Asus VG248QE 144hz 
KeyboardPowerCaseMouse
CM Quickfire Pro MX Black Corsair HX750 Modified HAF 932 Zowie FK1 
AudioAudio
Audio Technica AD700 Creative Sound Blaster X-Fi Titanium HD 
  hide details  
Reply
post #3 of 11
If you're not able to delete it fully in a windows scan, you could try an Avast pre-boot scan. It can scan your entire storage medium before you get into windows which means any trojan (if found) is left completely vulnerable to deletion. I will warn you though, depending on how much data you have, the process can take a VERY long time even on an SSD. I recommend doing it overnight.
The Nameless
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7-3930k Asrock x79 Champion GTX 470 Hydrocopper 32GB Samsung 30nm low voltage 
Hard DriveOptical DriveOSMonitor
256GB Samsung 830 + 22TB LG BD burner + 3 DVD burners W7 Professional 64 bit LG 37" 1080p LED TV 
KeyboardPowerCaseMouse
Eclipse III AX1200 NZXT Phantom (white) NZXT Avatar (v1) 
  hide details  
Reply
The Nameless
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7-3930k Asrock x79 Champion GTX 470 Hydrocopper 32GB Samsung 30nm low voltage 
Hard DriveOptical DriveOSMonitor
256GB Samsung 830 + 22TB LG BD burner + 3 DVD burners W7 Professional 64 bit LG 37" 1080p LED TV 
KeyboardPowerCaseMouse
Eclipse III AX1200 NZXT Phantom (white) NZXT Avatar (v1) 
  hide details  
Reply
post #4 of 11
Thread Starter 
Protection doesn't protect everything but, yeah its true I didnt had any antivirus.
Gaming rig
(15 items)
 
  
CPUMotherboardGraphicsRAM
4670k asrock z87 extreme4 Pc R7970 v3 Crucial ballistic 2x4gb 1866 9-9-9-27 
Hard DriveHard DriveOptical DriveOS
Samsung 850 500 WD caviar black 640gb Lite-on dvd burner Windows ultimate 64x 
MonitorPowerCaseAudio
Crossover 27Q led-P Corsair 650w tx V2 Antec three hundred Beyerdynamic Dt 990 pro 250 ohm 
  hide details  
Reply
Gaming rig
(15 items)
 
  
CPUMotherboardGraphicsRAM
4670k asrock z87 extreme4 Pc R7970 v3 Crucial ballistic 2x4gb 1866 9-9-9-27 
Hard DriveHard DriveOptical DriveOS
Samsung 850 500 WD caviar black 640gb Lite-on dvd burner Windows ultimate 64x 
MonitorPowerCaseAudio
Crossover 27Q led-P Corsair 650w tx V2 Antec three hundred Beyerdynamic Dt 990 pro 250 ohm 
  hide details  
Reply
post #5 of 11
Oh dear.

You could try running MS Security Essentials full scan.

http://windows.microsoft.com/en-AU/windows/products/security-essentials

I havent had any issues since using this more than a year ago.

It will take some time, depending on your drives but its worth it.
post #6 of 11
Hvae you got ccleaner? You could use that to get its autostart turned off, then removing it.


Out of curisotiy how do you know the file is a trojan?
Escobar
(9 items)
 
Supercomputer ^_^
(13 items)
 
 
CPUMotherboardGraphicsRAM
1055T M4A88T-D EVO USB3 ATI 6850 4 GB 
Optical DriveOSMonitorKeyboard
DVD RW Windows 8 Pro lp1900 + 2 X 15 inch dell Microsoft Comfort Curve 
PowerCase
600watt thermaltake antec 200 
  hide details  
Reply
Escobar
(9 items)
 
Supercomputer ^_^
(13 items)
 
 
CPUMotherboardGraphicsRAM
1055T M4A88T-D EVO USB3 ATI 6850 4 GB 
Optical DriveOSMonitorKeyboard
DVD RW Windows 8 Pro lp1900 + 2 X 15 inch dell Microsoft Comfort Curve 
PowerCase
600watt thermaltake antec 200 
  hide details  
Reply
post #7 of 11
Thread Starter 
exescive uses, and its located somewhere else then in systeme 32.

Yeah I did CCleaner, no sucess

But I updated Malwarebytes' and got it with fileassassin
thanks
Gaming rig
(15 items)
 
  
CPUMotherboardGraphicsRAM
4670k asrock z87 extreme4 Pc R7970 v3 Crucial ballistic 2x4gb 1866 9-9-9-27 
Hard DriveHard DriveOptical DriveOS
Samsung 850 500 WD caviar black 640gb Lite-on dvd burner Windows ultimate 64x 
MonitorPowerCaseAudio
Crossover 27Q led-P Corsair 650w tx V2 Antec three hundred Beyerdynamic Dt 990 pro 250 ohm 
  hide details  
Reply
Gaming rig
(15 items)
 
  
CPUMotherboardGraphicsRAM
4670k asrock z87 extreme4 Pc R7970 v3 Crucial ballistic 2x4gb 1866 9-9-9-27 
Hard DriveHard DriveOptical DriveOS
Samsung 850 500 WD caviar black 640gb Lite-on dvd burner Windows ultimate 64x 
MonitorPowerCaseAudio
Crossover 27Q led-P Corsair 650w tx V2 Antec three hundred Beyerdynamic Dt 990 pro 250 ohm 
  hide details  
Reply
post #8 of 11
"i got a trojan on my PC" also. . .

IMG_20120514_084344.jpg


i had to man. best of luck hope you get it figured out
post #9 of 11
I'd try CCleaner custom files and folders function...
Download Ccleaner and do this:
Open Ccleaner
Go to "Options" tab on the left
To the right hit "Include"
On the far right hit "Add"
Then go ahead and include the single file or folder, whatever you want deleted.

Once that's included, you should see it in the list in the center of that inclusion area.
Go back to the "Ccleaner" tab on the left
Analyze and Run Cleaner function. Make sure the "Custom files and folders" option is checked on the cleaner list under Advanced.

YEARS ago when I downloaded a game I couldn't delete the folder it was in, Ccleaner wiped it clean no problem.

You could try a system restore, although I don't think it'll catch it, but you could give it a try.

Or if you have a system image of when you first installed win 7 then maybe last resort, go back to that.

I had a virus I got through a windows update last summer, it was the famous antivirus2007. Basically couldn't do anything with the PC after boot. WIndows restore didn't work but going back to the system image did work. Lost all my files but hey, its what you have to do.

Curious, how'd ya get it? Some extracurricular downloading?

Good luck.
post #10 of 11
Are you 100% sure it was a virus? Because all Windows 7 computers have services.exe located with system32. Was services running under your account name or system/network or something? If it was running under your account name then it probably was a virus and if it wasn't you just deleted a important part of your system..Also check the creation date of the file it it was created in 2009 then it's a legit system file.... always be 100% sure...
Edited by Despair - 5/14/12 at 10:48am
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Networking & Security
Overclock.net › Forums › Software, Programming and Coding › Networking & Security › I got a trojan on my pc