Posted 22 July 2009 - 01:45 AM
Posted 22 July 2009 - 07:02 AM
What is the complete error message?i get an error involving svchost.exe
Using more than one anti-virus program is not advisable. The primary concern with doing so is due to conflicts that can arise when they are running in real-time mode simultaneously and issues with Windows resource management. Even when one of them is disabled for use as a stand-alone scanner, it can affect the other. Anti-virus software components insert themselves into the operating systems core and using more than one can cause instability, crash your computer, slow performance and waste system resources. When actively running in the background while connected to the Internet, they both may try to update their definition databases at the same time. As the programs compete for resources required to download the necessary files this often can result in sluggish system performance or unresponsive behavior.I managed to remove many of them using avast! and AVG
Posted 22 July 2009 - 12:00 PM
Edited by Fasih, 22 July 2009 - 12:04 PM.
Posted 22 July 2009 - 12:26 PM
Posted 22 July 2009 - 01:08 PM
Malwarebytes' Anti-Malware 1.39 Database version: 2421 Windows 5.1.2600 Service Pack 3 7/22/2009 2:07:15 PM mbam-log-2009-07-22 (14-07-14).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 343547 Time elapsed: 51 minute(s), 37 second(s) Memory Processes Infected: 1 Memory Modules Infected: 0 Registry Keys Infected: 6 Registry Values Infected: 0 Registry Data Items Infected: 3 Folders Infected: 2 Files Infected: 20 Memory Processes Infected: C:\WINDOWS\system32\drivers\smss.exe (Trojan.Agent) -> Unloaded process successfully. Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\mjcore.mjcore (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\mjcore.mjcore.1 (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\MJCore.dll (Trojan.BHO) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\drivers\smss.exe -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\drivers\smss.exe -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\drivers\smss.exe) Good: (Userinit.exe) -> Quarantined and deleted successfully. Folders Infected: C:\Program Files\Protection System (Rogue.ProtectionSystem) -> Quarantined and deleted successfully. C:\Documents and Settings\FASIH\Application Data\pridl (Trojan.Downloader) -> Quarantined and deleted successfully. Files Infected: C:\WINDOWS\system32\drivers\smss.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\system volume information\_restore{2db5597d-d1cb-43e0-9ad8-7acae6b2c7d3}\RP622\A0257473.dll (Trojan.BHO) -> Quarantined and deleted successfully. c:\program files\protection system\mal.db (Rogue.ProtectionSystem) -> Quarantined and deleted successfully. c:\program files\protection system\uninst.exe (Rogue.ProtectionSystem) -> Quarantined and deleted successfully. c:\WINDOWS\system32\2.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\3.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\4.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\5.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\6.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\7.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\8.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\9.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\A.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\B.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\C.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\D.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\E.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\F.tmp (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Administrator\oashdihasidhasuidhiasdhiashdiuasdhasd (Trace.Pandex) -> Quarantined and deleted successfully. C:\Documents and Settings\FASIH\oashdihasidhasuidhiasdhiashdiuasdhasd (Trace.Pandex) -> Quarantined and deleted successfully.
Edited by Fasih, 22 July 2009 - 01:17 PM.
Posted 22 July 2009 - 01:19 PM
Posted 22 July 2009 - 04:04 PM
Malwarebytes' Anti-Malware 1.39 Database version: 2476 Windows 5.1.2600 Service Pack 3 7/22/2009 5:03:34 PM mbam-log-2009-07-22 (17-03-34).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 344925 Time elapsed: 39 minute(s), 59 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 3 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 6 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\c:\WINDOWS\system32\mpgdec.ax (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ms18_word (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ms18_word (Trojan.Agent) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\WINDOWS\system32\mpgdec.ax (Backdoor.Bot) -> Quarantined and deleted successfully. c:\WINDOWS\system32\3.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\4.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\5.tmp (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ms18_word.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\FASIH\ms18_word.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Posted 22 July 2009 - 05:20 PM
Malwarebytes' Anti-Malware 1.39 Database version: 2476 Windows 5.1.2600 Service Pack 3 7/22/2009 6:19:41 PM mbam-log-2009-07-22 (18-19-41).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 344958 Time elapsed: 41 minute(s), 33 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 6 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\system volume information\_restore{2db5597d-d1cb-43e0-9ad8-7acae6b2c7d3}\RP622\A0258523.ax (Backdoor.Bot) -> Quarantined and deleted successfully. d:\keygen.exe (Dont.Steal.Our.Software.A) -> Quarantined and deleted successfully. d:\malwarebytes anti-malware v1.39\keygen.exe (Dont.Steal.Our.Software.A) -> Quarantined and deleted successfully. c:\WINDOWS\system32\3.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\4.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\5.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
Posted 22 July 2009 - 07:30 PM
Malwarebytes' Anti-Malware 1.39 Database version: 2476 Windows 5.1.2600 Service Pack 3 7/22/2009 8:29:46 PM mbam-log-2009-07-22 (20-29-46).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 344925 Time elapsed: 59 minute(s), 23 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 1 Files Infected: 4 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\AGprotect (Malware.Trace) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pridl (Trojan.Dropper) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: C:\Documents and Settings\FASIH\Application Data\pridl (Trojan.Downloader) -> Delete on reboot. Files Infected: C:\Documents and Settings\FASIH\Application Data\pridl\pridl.exe (Trojan.Dropper) -> Delete on reboot. c:\WINDOWS\system32\6.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\7.tmp (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\8.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
Posted 23 July 2009 - 07:30 AM
d:\keygen.exe (Dont.Steal.Our.Software.A) -> Quarantined and deleted successfully. d:\malwarebytes anti-malware v1.39\keygen.exe (Dont.Steal.Our.Software.A) -> Quarantined and deleted successfully.
trendmicro.com/vinfoCracking applications are used for illegally breaking (cracking) various copy-protection and registration techniques used in commercial software. These programs may be distributed via Web sites, Usenet, and P2P networks.
Keygen and Crack Sites Distribute VIRUX and FakeAV...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...
University of Washington spyware study...warez/piracy sites ranked the highest in downloading spyware...just opening the web page usually sets off an exploit, never mind actually downloading anything. And by the time the malware is finished downloading, often the machine is trashed and rendered useless.
Bad Web Sites: Malware...One of the most aggressive and intrusive of all bad websites on the Internet are serial, warez, software cracking type sites...they sneak malware onto your system...Where do trojan viruses originate? One of the biggest malware distributors on the Internet are serial/warez/code cracking sites.
Edited by quietman7, 23 July 2009 - 07:33 AM.
0 members, 0 guests, 0 anonymous users