WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

GUYS HELP, I CANT INSTALL ANY ANTIVIRUS [Closed]

Started by igotmacroed , May 10 2014 02:53 AM

This topic is locked

31 replies to this topic

#1 igotmacroed

New Member

Authentic Member
14 posts

Posted 10 May 2014 - 02:53 AM

I never used an anti virus before,I felt it was useless, Now I realise my mistake.

My computer always had minor problems, but lately its out of control.
I nnoticed it was rendering my utorrent and bittorrent inaccessible. But it didnt stop there. Now im not able to install any anti-virus. I have tried :
1)norton
2)mcafee
3)AVG
4) Avast
5)comodo
6)Avira
7) Malwarebytes

all of the above end up in failure of installation. Usually saying "Access Denied"
I tried everything in safe mode aswell.

Here is what im thinking is going on: A virus has infected my computer, and that virus is stopping me from downloading any anti-virus and also prevented me from downloading 4 Important Windows security updates.

I cant reformat my computer ( Windows 7 x32 bit, professional) as it has important files.

please someone help me out.
Thanks in advance.

Advertisements

Register to Remove

#2 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 11 May 2014 - 09:38 AM

Hi and Welcome!!

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

The fixes are specific to your problem and should only be used for the issues on this machine.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
Please be sure to subscribe to the topic if you have not already done so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.

Having said that.... Let's get going!!
----------

Please download DDS from either of these links

LINK 1
LINK 2

and save it to your desktop.

Disable any antivirus programs during the scan (If you have difficulty properly disabling your protective programs, refer to this link here )
Double click dds to run the tool.
When done, two DDS.txt's will open.
Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt

Attach.txt
----------

Please download TDSSKiller

Double click TDSSKiller.exe
Press Start Scan but do nothing else as we are just looking for what is there.
If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
Attach the log in your next reply
- A copy of the log will be saved automatically to the root of the drive (typically C:\)

----------

AdwCleaner

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool
Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

----------

#3 igotmacroed

New Member

Authentic Member
14 posts

Posted 12 May 2014 - 10:12 AM

Thank you very much for helping me. I'm not able to get TDSSKIller as there is a problem(i attached a screenshot of this problem too). I have attached the logs your have requested . Also i have uninstalled utorrent and any other pirated items.

Attached Thumbnails

Attached Files

DDS.txt 13.59KB 235 downloads
Attach.txt 13.39KB 187 downloads
AdwCleanerR3.txt 1.55KB 170 downloads

Edited by igotmacroed, 12 May 2014 - 10:15 AM.

#4 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 12 May 2014 - 11:47 AM

Hi,

Since you had a problem with TDSSKiller....give this a try.

Malwarebytes Anti-Rootkit

Please download Malwarebytes Anti-Rootkit and save it to your desktop.

Be sure to print out and follow the instructions provided on that same page.
Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
Scan your system for malware
If malware is found, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.

If there is no malware found, please let me know as well.
----------

#5 igotmacroed

New Member

Authentic Member
14 posts

Posted 14 May 2014 - 08:34 AM

EDIT#2:45 MALWARE PROBLEMS FOUND

EDIT#1:Some Malware was found!! Still running the scan. 3 were found so far.

Sorry for the late reply, I'm running the software now(which surprisingly installed,unlike every other software i tried installing).

Do you recommend I proceed with the clean up after its done scanning?

I will post the log after the scan is over.

And thanks again for agreeing to help me

Edited by igotmacroed, 14 May 2014 - 08:46 AM.

#6 igotmacroed

New Member

Authentic Member
14 posts

Posted 14 May 2014 - 08:54 AM

heres the log:

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.07.0.1009

OS version: 6.1.7600 Windows 7 x86

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED

CPU speed: 2.611000 GHz

Memory total: 2145968128, free: 1123356672

Downloaded database version: v2014.05.14.06

Downloaded database version: v2014.03.27.01

=======================================

Initializing...

------------ Kernel report ------------

06/30/2014 00:22:42

------------ Loaded modules -----------

\SystemRoot\system32\ntkrnlpa.exe

\SystemRoot\system32\halmacpi.dll

\SystemRoot\system32\kdcom.dll

\SystemRoot\system32\mcupdate_AuthenticAMD.dll

\SystemRoot\system32\PSHED.dll

\SystemRoot\system32\BOOTVID.dll

\SystemRoot\system32\CLFS.SYS

\SystemRoot\system32\CI.dll

\SystemRoot\system32\drivers\Wdf01000.sys

\SystemRoot\system32\drivers\WDFLDR.SYS

\SystemRoot\system32\DRIVERS\ACPI.sys

\SystemRoot\system32\DRIVERS\WMILIB.SYS

\SystemRoot\system32\DRIVERS\msisadrv.sys

\SystemRoot\system32\DRIVERS\pci.sys

\SystemRoot\system32\DRIVERS\vdrvroot.sys

\SystemRoot\System32\drivers\partmgr.sys

\SystemRoot\system32\DRIVERS\volmgr.sys

\SystemRoot\System32\drivers\volmgrx.sys

\SystemRoot\system32\DRIVERS\pciide.sys

\SystemRoot\system32\DRIVERS\PCIIDEX.SYS

\SystemRoot\System32\drivers\mountmgr.sys

\SystemRoot\system32\DRIVERS\atapi.sys

\SystemRoot\system32\DRIVERS\ataport.SYS

\SystemRoot\system32\drivers\nvstor.sys

\SystemRoot\system32\drivers\storport.sys

\SystemRoot\system32\drivers\amdxata.sys

\SystemRoot\system32\drivers\fltmgr.sys

\SystemRoot\system32\drivers\fileinfo.sys

\SystemRoot\System32\Drivers\Ntfs.sys

\SystemRoot\System32\Drivers\msrpc.sys

\SystemRoot\System32\Drivers\ksecdd.sys

\SystemRoot\System32\Drivers\cng.sys

\SystemRoot\System32\drivers\pcw.sys

\SystemRoot\System32\Drivers\Fs_Rec.sys

\SystemRoot\system32\drivers\ndis.sys

\SystemRoot\system32\drivers\NETIO.SYS

\SystemRoot\System32\Drivers\ksecpkg.sys

\SystemRoot\System32\drivers\tcpip.sys

\SystemRoot\System32\drivers\fwpkclnt.sys

\SystemRoot\system32\DRIVERS\vmstorfl.sys

\SystemRoot\system32\DRIVERS\volsnap.sys

\SystemRoot\System32\Drivers\spldr.sys

\SystemRoot\System32\drivers\rdyboost.sys

\SystemRoot\System32\Drivers\mup.sys

\SystemRoot\System32\drivers\hwpolicy.sys

\SystemRoot\System32\DRIVERS\fvevol.sys

\SystemRoot\system32\DRIVERS\disk.sys

\SystemRoot\system32\DRIVERS\CLASSPNP.SYS

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\drivers\VIDEOPRT.SYS

\SystemRoot\System32\drivers\watchdog.sys

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\system32\drivers\rdpencdd.sys

\SystemRoot\system32\drivers\rdprefmp.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\tdx.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\system32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw.sys

\SystemRoot\system32\drivers\afd.sys

\SystemRoot\System32\DRIVERS\netbt.sys

\SystemRoot\system32\DRIVERS\wfplwf.sys

\SystemRoot\system32\DRIVERS\pacer.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\drivers\nsiproxy.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\System32\drivers\discache.sys

\SystemRoot\system32\drivers\csc.sys

\SystemRoot\System32\Drivers\dfsc.sys

\SystemRoot\system32\DRIVERS\blbdrive.sys

\SystemRoot\system32\DRIVERS\amdk8.sys

\SystemRoot\system32\DRIVERS\usbohci.sys

\SystemRoot\system32\DRIVERS\USBPORT.SYS

\SystemRoot\system32\DRIVERS\usbehci.sys

\SystemRoot\system32\DRIVERS\1394ohci.sys

\SystemRoot\system32\DRIVERS\VSTBS23.SYS

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\DRIVERS\VSTDPV3.SYS

\SystemRoot\system32\DRIVERS\VSTCNXT3.SYS

\SystemRoot\system32\drivers\modem.sys

\SystemRoot\system32\DRIVERS\HDAudBus.sys

\SystemRoot\system32\DRIVERS\nvm62x32.sys

\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys

\SystemRoot\system32\DRIVERS\nvlddmkm.sys

\SystemRoot\System32\drivers\dxgkrnl.sys

\SystemRoot\System32\drivers\dxgmms1.sys

\SystemRoot\system32\DRIVERS\CompositeBus.sys

\SystemRoot\system32\DRIVERS\AgileVpn.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\rassstp.sys

\SystemRoot\system32\DRIVERS\rdpbus.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\umbus.sys

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\drivers\HdAudio.sys

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\system32\DRIVERS\cdfs.sys

\SystemRoot\System32\Drivers\crashdmp.sys

\SystemRoot\System32\Drivers\dump_diskdump.sys

\SystemRoot\System32\Drivers\dump_nvstor.sys

\SystemRoot\System32\Drivers\dump_dumpfve.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\kbdhid.sys

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\RTL8187B.sys

\SystemRoot\system32\drivers\USBSTOR.SYS

\SystemRoot\system32\DRIVERS\monitor.sys

\SystemRoot\System32\TSDDD.dll

\SystemRoot\System32\cdd.dll

\SystemRoot\system32\drivers\luafv.sys

\SystemRoot\system32\DRIVERS\lltdio.sys

\SystemRoot\system32\DRIVERS\nwifi.sys

\SystemRoot\system32\DRIVERS\ndisuio.sys

\SystemRoot\system32\DRIVERS\rspndr.sys

\SystemRoot\system32\drivers\HTTP.sys

\SystemRoot\system32\DRIVERS\bowser.sys

\SystemRoot\System32\drivers\mpsdrv.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\system32\DRIVERS\mrxsmb10.sys

\SystemRoot\system32\DRIVERS\mrxsmb20.sys

\SystemRoot\system32\drivers\peauth.sys

\SystemRoot\System32\Drivers\secdrv.SYS

\SystemRoot\System32\DRIVERS\srvnet.sys

\SystemRoot\System32\drivers\tcpipreg.sys

\SystemRoot\System32\DRIVERS\srv2.sys

\SystemRoot\System32\DRIVERS\srv.sys

\SystemRoot\system32\drivers\WudfPf.sys

\SystemRoot\system32\DRIVERS\WUDFRd.sys

\SystemRoot\system32\DRIVERS\umpass.sys

\SystemRoot\System32\ATMFD.DLL

\??\C:\Windows\system32\drivers\mbamchameleon.sys

\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys

\Windows\System32\ntdll.dll

\Windows\System32\smss.exe

\Windows\System32\apisetschema.dll

\Windows\System32\autochk.exe

\Windows\System32\kernel32.dll

\Windows\System32\imm32.dll

\Windows\System32\wininet.dll

\Windows\System32\shell32.dll

\Windows\System32\normaliz.dll

\Windows\System32\urlmon.dll

\Windows\System32\user32.dll

\Windows\System32\oleaut32.dll

\Windows\System32\nsi.dll

\Windows\System32\difxapi.dll

\Windows\System32\rpcrt4.dll

\Windows\System32\setupapi.dll

\Windows\System32\usp10.dll

\Windows\System32\Wldap32.dll

\Windows\System32\advapi32.dll

\Windows\System32\msctf.dll

\Windows\System32\ws2_32.dll

\Windows\System32\clbcatq.dll

\Windows\System32\ole32.dll

\Windows\System32\gdi32.dll

\Windows\System32\shlwapi.dll

\Windows\System32\imagehlp.dll

\Windows\System32\iertutil.dll

\Windows\System32\lpk.dll

\Windows\System32\comdlg32.dll

\Windows\System32\sechost.dll

\Windows\System32\msvcrt.dll

\Windows\System32\psapi.dll

\Windows\System32\cfgmgr32.dll

\Windows\System32\crypt32.dll

\Windows\System32\comctl32.dll

\Windows\System32\wintrust.dll

\Windows\System32\KernelBase.dll

\Windows\System32\devobj.dll

\Windows\System32\msasn1.dll

----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk4\DR4

Upper Device Object: 0xffffffff86ee4ac8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000066\

Lower Device Object: 0xffffffff86ed17b8

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk3\DR3

Upper Device Object: 0xffffffff86ee4030

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000065\

Lower Device Object: 0xffffffff86edaca8

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk2\DR2

Upper Device Object: 0xffffffff86ee3ac8

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000064\

Lower Device Object: 0xffffffff86eda030

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR1

Upper Device Object: 0xffffffff86eda5b0

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000063\

Lower Device Object: 0xffffffff86ed1030

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xffffffff85c79030

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000057\

Lower Device Object: 0xffffffff855a8030

Lower Device Driver Name: \Driver\nvstor\

<<<2>>>

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xffffffff85c79030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff85c79d10, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff85c79030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff855c1948, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xffffffff855a8030, DeviceName: \Device\00000057\, DriverName: \Driver\nvstor\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 1549F232

Partition information:

Partition 0 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 63 Numsec = 606523617

Partition file system is NTFS

Partition is bootable

Partition 1 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 606523680 Numsec = 18612720

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 320072933376 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-625122448-625142448)...

Done!

Physical Sector Size: 0

Drive: 1, DevicePointer: 0xffffffff86eda5b0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff86ee3020, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff86eda5b0, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff86ed1030, DeviceName: \Device\00000063\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 2, DevicePointer: 0xffffffff86ee3ac8, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff86ee37a8, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff86ee3ac8, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff86eda030, DeviceName: \Device\00000064\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 3, DevicePointer: 0xffffffff86ee4030, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff86ee3498, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff86ee4030, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff86edaca8, DeviceName: \Device\00000065\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 4, DevicePointer: 0xffffffff86ee4ac8, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xffffffff86ee47a8, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xffffffff86ee4ac8, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\

DevicePointer: 0xffffffff86ed17b8, DeviceName: \Device\00000066\, DriverName: \Driver\USBSTOR\

------------ End ----------

Infected: C:\Users\Hemanth\AppData\Local\Temp\{19AA0FBD-BAA5-491C-ABF7-F287C2492D4B}\Addons\assistant_v3.exe --> [Trojan.SProtector]

Infected: C:\Users\Hemanth\AppData\Local\Temp\{7725EC02-D093-40F3-A218-98B1ACC6CEF4}\Addons\assistant_v3.exe --> [Trojan.SProtector]

Infected: C:\Users\Hemanth\AppData\Local\Temp\nsx4BC0.tmp\Convert.dll --> [Trojan.Agent]

Infected: C:\Users\Hemanth\AppData\Roaming\msconfig.ini --> [Trojan.Agent]

Infected: C:\Users\Hemanth\AppData\Local\Temp\services.exe.mui --> [Trojan.Agent]

Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|SHELL --> [Backdoor.Agent.MSC]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avcenter.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avconfig.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avgcsrvx.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avgnt.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avgrsx.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avguard.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avgui.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avgwdsvc.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avscan.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ccuac.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ComboFix.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\hijackthis.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\keyscrambler.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\mbam.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\mbamgui.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\mbampt.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\mbamscheduler.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\mbamservice.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MpCmdRun.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSASCui.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\msseces.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\rstrui.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDFiles.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDMain.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SDWinSec.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\spybotsd.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\win32.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\wireshark.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\zlclient.exe --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVASTSVC.EXE|Debugger --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVASTSVC.EXE --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVASTUI.EXE|Debugger --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVGIDSAGENT.EXE|Debugger --> [Hijack.Security]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE|Debugger --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BDAGENT.EXE|Debugger --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\EGUI.EXE|Debugger --> [Security.Hijack]

Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\INSTUP.EXE|Debugger --> [Hijack.Security]

Infected: C:\Users\Hemanth\AppData\Local\Temp\explorer.exe.mui --> [Heuristics.Reserved.Word.Exploit]

Scan finished

Edited by igotmacroed, 14 May 2014 - 08:55 AM.

#7 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 14 May 2014 - 06:01 PM

Hi,

Yes, please go ahead and open Malwarebytes again but this time I would like for you to run a Threat Scan and then remove anything that is found and post the new log.

Was there a log created by ESET?

#8 igotmacroed

New Member

Authentic Member
14 posts

Posted 15 May 2014 - 01:49 PM

After using the cleanup and scanning it again it still says 41 of the problems still come up. I tried cleanup several times,but those same 41 problems keep coming up when I scan again.
There was no ESET log.
The other log after cleanup I will be able to post in 8 hours.

#9 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 15 May 2014 - 03:39 PM

Sorry...I misread the topic (too many tabs open).

Don't worry about ESET.

Please do the following....

ComboFix

Download Combofix from either of the links below, and save it to your desktop.
Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.

--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

--------------------------------------------------------------------

Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

When finished, it will produce a report for you.
Please post the C:\ComboFix.txt for further review.

#10 igotmacroed

New Member

Authentic Member
14 posts

Posted 16 May 2014 - 09:32 AM

I saved the combofix.exe to my desktop and did a scan. It worked,but I couldn't find any log or text document. So i downloaded it again and saved it onto my desktop but now every time this error is coming(I kept a screenshot)

Attached Thumbnails

Advertisements

Register to Remove

#11 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 16 May 2014 - 12:55 PM

Did you take a look in your C:\ folder and look for ComboFix.txt? If it is there, please post that.

#12 igotmacroed

New Member

Authentic Member
14 posts

Posted 18 May 2014 - 09:37 AM

I'm sorry,I looked everywhere,but it's not there.

#13 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 18 May 2014 - 11:38 AM

No worries.

Please delete the current version of Combofix.exe from your desktop and download a new version from here to your desktop.

Disable your AntiVirus and AntiSpyware applications.

Right-click and Run as Administrator on the Combofix.exe and follow the prombts on your display. When finish, it will create a C:\Combofix.txt. Please post this log for further review.
---------

#14 jeffce

Malware Guy

Authentic Member
8,693 posts

Posted 20 May 2014 - 05:29 AM

Still with me?

#15 igotmacroed

New Member

Authentic Member
14 posts

Posted 22 May 2014 - 01:17 AM

I am very sorry,didn't get an email saying you replied. I will try that now. Sorry for keeping you waiting.

Body Background

skin color theme

GUYS HELP, I CANT INSTALL ANY ANTIVIRUS [Closed]

#1 igotmacroed

Advertisements

Register to Remove

#2 jeffce

#3 igotmacroed

Attached Thumbnails

Attached Files

#4 jeffce

#5 igotmacroed

#6 igotmacroed

#7 jeffce

#8 igotmacroed

#9 jeffce

#10 igotmacroed

Attached Thumbnails

Advertisements

Register to Remove

#11 jeffce

#12 igotmacroed

#13 jeffce

#14 jeffce

#15 igotmacroed

Related Topics

0 user(s) are reading this topic

About What the Tech

Follow Us

Body Background

skin color theme

GUYS HELP, I CANT INSTALL ANY ANTIVIRUS [Closed]

#1 igotmacroed

Advertisements Register to Remove

#2 jeffce

#3 igotmacroed

Attached Thumbnails

Attached Files

#4 jeffce

#5 igotmacroed

#6 igotmacroed

#7 jeffce

#8 igotmacroed

#9 jeffce

#10 igotmacroed

Attached Thumbnails

Advertisements Register to Remove

#11 jeffce

#12 igotmacroed

#13 jeffce

#14 jeffce

#15 igotmacroed

Related Topics

0 user(s) are reading this topic

About What the Tech

Follow Us

Sign In

Advertisements

Register to Remove

Advertisements

Register to Remove