Virus Won't Let Me Install Antivirus

Solved
Thread Status:
Not open for further replies.
  1. wobrien

    wobrien New Member Bronze Member

    Joined:
    Sep 30, 2012
    Posts:
    25
    Likes Received:
    0
    Local time:
    08:42
    My System
    Loading...

    My computer is only a little over a year old (dell desktop) and i purchased ESET Nod32 4 antivirus at the same time, keeping it up to date. I noticed the computer running substantially slower so i went to check the antivirus software and it was no where to be found. I tried to reinstall it from original CD-ROM and I couldn't. Tried to download and install from the ESET web site, and I couldn't. Downloaded MalwareBytes in safe mode and found RootKit.zeroaccess, rootkit.0access, and trojan.agent. A google search led me here. I've attached the logs as described in the prework. Please help!

    Attached Files:

  2. Pancake

    Pancake Well-Known Member

    Joined:
    Jun 1, 2006
    Posts:
    4,104
    Likes Received:
    12
    Location:
    Victoria, Australia
    Local time:
    22:42
    My System
    Loading...

    Open Malwarebytes > click on More Tools > run File ASSASSIN by clicking Run Tool
    Select the File you want to delete.
    C:\Windows\svchost.exe<--NOTE: ONLY from this location
    ======================================


    Download Combofix from any of the links below, and save it to your desktop.
    Link 1
    Link 2
    When saving ComboFix rename it to PCHelpForum.exe to prevent it from being blocked by malware.

    Refer to this image:
    To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.
    • Close any open windows and double click PCHelpForum.exe to run it.
      You will see the following image:
    [​IMG]

    Click I Agree to start the program.
    ComboFix will then extract the necessary files and you will see this:

    [​IMG]

    As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7
    It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    If you did not have it installed, you will see the prompt below. Choose YES.

    [​IMG]

    Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    [​IMG]

    Click on Yes, to continue scanning for malware.
    When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
    Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.
    Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.
  3. wobrien

    wobrien New Member Bronze Member

    Joined:
    Sep 30, 2012
    Posts:
    25
    Likes Received:
    0
    Local time:
    08:42
    My System
    Loading...

    I did everything in your reply, then went to open Internet explorer to return to forum and couldn't open IE. got the following error message :

    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    Illegal operation attempted on a registry key that has been marked for deletion

    So I can't upload combo fix log, as I am now posting from my phone...
  4. wobrien

    wobrien New Member Bronze Member

    Joined:
    Sep 30, 2012
    Posts:
    25
    Likes Received:
    0
    Local time:
    08:42
    My System
    Loading...

    Just noticed that I can't run any programs at all, get the same error message as above
  5. Pancake

    Pancake Well-Known Member

    Joined:
    Jun 1, 2006
    Posts:
    4,104
    Likes Received:
    12
    Location:
    Victoria, Australia
    Local time:
    22:42
    My System
    Loading...

    Ok.Have you done a reboot.That should fix it .Failing that can you do a System Restore and go back a few days. That or do a file search for the logs.?
  6. wobrien

    wobrien New Member Bronze Member

    Joined:
    Sep 30, 2012
    Posts:
    25
    Likes Received:
    0
    Local time:
    08:42
    My System
    Loading...

    Ok. Attached log. Also, malwarebytes is still dinging c:\Windows\svchost.exe even though I deleted it...

    Attached Files:

    • OTL.Txt
      File size:
      144.4 KB
      Views:
      3
  7. Crush

    Crush Tech Member Tech Member Elite Member mvp

    Joined:
    Sep 28, 2008
    Posts:
    42,178
    Likes Received:
    4,382
    Location:
    New Jersey
    Local time:
    08:42
    My System
    Loading...

    That's the OTL log. We need C:\ComboFix.txt please
  8. wobrien

    wobrien New Member Bronze Member

    Joined:
    Sep 30, 2012
    Posts:
    25
    Likes Received:
    0
    Local time:
    08:42
    My System
    Loading...

    My apologies

    Attached Files:

  9. Crush

    Crush Tech Member Tech Member Elite Member mvp

    Joined:
    Sep 28, 2008
    Posts:
    42,178
    Likes Received:
    4,382
    Location:
    New Jersey
    Local time:
    08:42
    My System
    Loading...

    What's triggering the svchost alert? Your antivirus?
  10. wobrien

    wobrien New Member Bronze Member

    Joined:
    Sep 30, 2012
    Posts:
    25
    Likes Received:
    0
    Local time:
    08:42
    My System
    Loading...

    This virus uninstalled my antivirus. it is malwarebytes that gives the alert
  11. Crush

    Crush Tech Member Tech Member Elite Member mvp

    Joined:
    Sep 28, 2008
    Posts:
    42,178
    Likes Received:
    4,382
    Location:
    New Jersey
    Local time:
    08:42
    My System
    Loading...

    Run a quick scan please
  12. wobrien

    wobrien New Member Bronze Member

    Joined:
    Sep 30, 2012
    Posts:
    25
    Likes Received:
    0
    Local time:
    08:42
    My System
    Loading...

    OK, here's the log

    Attached Files:

  13. Crush

    Crush Tech Member Tech Member Elite Member mvp

    Joined:
    Sep 28, 2008
    Posts:
    42,178
    Likes Received:
    4,382
    Location:
    New Jersey
    Local time:
    08:42
    My System
    Loading...

    Hm that's picked up nothing. Can you post the Protection log? let's see where it's coming from
  14. wobrien

    wobrien New Member Bronze Member

    Joined:
    Sep 30, 2012
    Posts:
    25
    Likes Received:
    0
    Local time:
    08:42
    My System
    Loading...

    see attached

    Attached Files:

  15. Pancake

    Pancake Well-Known Member

    Joined:
    Jun 1, 2006
    Posts:
    4,104
    Likes Received:
    12
    Location:
    Victoria, Australia
    Local time:
    22:42
    My System
    Loading...

    Did you run the File Assassin.?
Similar Threads
Forum Title Date
System Security Help! anti-virus won't install Nov 18, 2011
System Security Infected PC won't run any antivirus program, what to do? Jul 28, 2011
System Security Nagging virus that just won't go away :( May 28, 2011
System Security Fake anti-virus won't go away Oct 7, 2010

Thread Status:
Not open for further replies.