Posted 02 September 2009 - 03:46 PM
As the title states, I believe I was and still am infected with one of these two infections. AVcare propted the notification in the bottom right hand corner, at which point fired off Windows Defender, and AVG 8.5 free which "deleted" the infection. I proceeded to follow the guidlines on removing the infection from the Registry, File locations, and known files types then began the Malwarebytes scan. Once I tried to run the Malwarebytes scan it closed after running for 2 seconds. The same was true for SuperAntiSpyware, Spybot, Rootkit Revealer, F-Secure Black Ice, Combo Fix, HiJackthis, and numerous other spyware programs. The same was true for safe mode - networking - cmd line - and without. Note that immediately after malwarebytes failed in normal mode I rebooted into safe mode to attempt the run. Now, even when in safe mode, when I try to run or install (different names for exe and different locales, removalbe drives) it states something to the effect that I do not have permission. This is on Vista Home Premium by the way. The only effective thing was running UBCD4WIN (latest version) and running the superanitspyware, spybot, and a squared spyware removal programs. But I am still unable to run anything in safe mode or normal mode. It was spybot in UBCD4WIN that found TDSS.reg, which made me think it was a rootkit infection as well. I was able to run Normans Malware Cleaner and Sophos Anti-Rootkit in normal mode afterwards and the anti-rootkit found nothing, and Norman's cleaned some tracking cookies, but nothing related to AVCARE. Still can not open malwarebytes or any of the other programs. Now Windows willl not let me log in as it states it found an issue and will restart in 1 minute. Any help appreciated.