1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Virus wont leave me alone!

Discussion in 'Virus & Other Malware Removal' started by Henryy, Jan 20, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. Henryy

    Henryy Thread Starter

    Joined:
    Jan 20, 2011
    Messages:
    2
    Basically i keep getting a virus that comes up and i continue to remove it using Malware Bytes and AVG 2011 but it coems back and usually with multiple other viruses. The one that i continue to see is always a "Svchost.exe" file.

    This is what i get up currently on my Malwarebytes' Anti-Malware quick scan:
    I will list the vendor, then the cateogry then the item and then other:

    Trojan.Dropper - File - c:\Users\owner\AppData\Local\Temp\svchost.exe

    Stolen.Data - File - c:\Users\owner\AppData\Roaming\data.dat

    Trojan.Agent - Registry Value - HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windef - Value: windef

    Trojan.Agent - File - c:Users:eek:wner\AppData\Roaming\svchost.exe

    Trojan.Agent - Memory Process - c:Users\owner\AppData\Roaming\svchost.exe - 3144

    Malware.Trace - Registry Key - HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvlD

    Heuristics.Reserved.Word.Exploit - File - c:\Users\owner\downloads\svchostanalyzer.exe


    I've attached my processes and all the details about my computer below. Thanks, if you need any more detail pelase just ask. Thank you.
     

    Attached Files:

  2. TheShooter93

    TheShooter93 Malware Specialist

    Joined:
    Jul 9, 2008
    Messages:
    11,242
    First Name:
    Cody
    I've requested that this thread be moved to the "Virus and Other Malware Removal" section of the site.
     
  3. Henryy

    Henryy Thread Starter

    Joined:
    Jan 20, 2011
    Messages:
    2
    Thanks
     
  4. eddie5659

    eddie5659 Moderator Malware Specialist

    Joined:
    Mar 19, 2001
    Messages:
    35,718
    Hiya

    Can you post the contenst of the MBAM scans? If you re-open the program, click on the Logs tab, select the latest one and then click Open, and copy/paste the contents here.

    Also, can you do this:

    Download ComboFix from one of these locations:

    Link 1
    Link 2


    * IMPORTANT !!! As you download it rename it to username123.exe and save it to your Desktop


    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      • Remember to re-enable the protection again afterwards before connecting to the Internet.
    • Double click on ComboFix.exe & follow the prompts.

    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


    [​IMG]


    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    [​IMG]


    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

    eddie
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/975841

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice