Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I may be infected


  • This topic is locked This topic is locked
58 replies to this topic

#1 Fade2black22

Fade2black22

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:59 PM

Posted 10 September 2011 - 05:10 PM

I dont have a task bar, I cant download updates for my windows and i cant open my malwarebytes or download hijack this. error i get is Windows installer the windows installer service could not be accessed. This can occur if you are running windows in safe mode, or if the windows installer is not correctly installed.

Attached Files



BC AdBot (Login to Remove)

 


#2 Fade2black22

Fade2black22
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:59 PM

Posted 16 September 2011 - 09:45 PM

still need assistance..

#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:59 PM

Posted 17 September 2011 - 09:05 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) ( 511KB ) to your desktop. Double click the aswMBR.exe to run it

  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.
===

Please Download
TDSSKiller.zip

>>> Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
    Posted Image
  • If a suspicious file is detected, the default action will be Skip, click on Continue
    Posted Image
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

Please run the Malwarebytes's tool and post the log if you can.

#4 Fade2black22

Fade2black22
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:59 PM

Posted 17 September 2011 - 10:45 PM

I ran the tds killer and it didnt detect any infections. I still was unable to run Malwarebytes.

Attached Files



#5 nasdaq

nasdaq

  • Malware Response Team
  • 39,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:59 PM

Posted 18 September 2011 - 08:31 AM

Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
There are 3 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click and choose Run as Admin
You only need to get one of them to run, not all of them.

rkill.exe
rkill.com
rkill.scr

It is possible that the infection you are trying to remove will not allow you to download files on the infected computer. If this is the case, then you will need to download the files requested on another computer and then transfer them to the desktop of the infected computer. You can transfer the files via a CD/DVD, external drive, or USB flash drive.

When you have run the rkill program run Malwarebytes. Post the log if you can.

#6 Fade2black22

Fade2black22
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:59 PM

Posted 18 September 2011 - 01:53 PM

Nothing seemed to have happened. still cant run malwarebytes.

Attached Files



#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:59 PM

Posted 19 September 2011 - 07:55 AM

Looks like your Windows Installer has been corrupted.

Go this page.

http://support.microsoft.com/kb/315346

Follow the instruction in the Method 2: Reinstall the Windows Installer section.

If you can print the page and follow the directives.
If at any time you need help please call.

#8 Fade2black22

Fade2black22
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:59 PM

Posted 19 September 2011 - 11:45 PM

ok, i followed method 2 and it seemed to download and install just fine.

#9 nasdaq

nasdaq

  • Malware Response Team
  • 39,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:59 PM

Posted 20 September 2011 - 07:12 AM

Nice work.

Where do we go from here?

What are the remaining issues?

#10 Fade2black22

Fade2black22
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:59 PM

Posted 22 September 2011 - 04:15 PM

im still getting the same errors. installer said it installed successfully, but still have same issues. still dont have a task bar, cannot copy or paste anything, and still cant open malwarebytes. runtime error 372 failed to load control 'vbalgrid' from vbalsgrid6.ocx.

#11 nasdaq

nasdaq

  • Malware Response Team
  • 39,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:59 PM

Posted 22 September 2011 - 06:16 PM

This error message can be solved by following this article.

http://forums.malwarebytes.org/index.php?showtopic=7377&st=0&p=34171&#entry34171

Follow the instructions.

Post the Malwarebytes log if you can.

If not please let me know of any error message.

#12 Fade2black22

Fade2black22
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:59 PM

Posted 22 September 2011 - 10:42 PM

i wasnt able to install subinacl from link. i got an error saying the windows installer service could not be accessed.

#13 nasdaq

nasdaq

  • Malware Response Team
  • 39,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:59 PM

Posted 23 September 2011 - 01:41 PM

Try the instructions on the Microsoft page.

http://support.microsoft.com/kb/319624

Just try Method 1 for now.

Can you now install the SubInACL tool and run it.?

#14 Fade2black22

Fade2black22
  • Topic Starter

  • Members
  • 85 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:59 PM

Posted 26 September 2011 - 11:26 AM

nothing seems to be working. im at my wits end. I wish i had the windows cd to reinstall it, but i dont. what else can i do..

#15 nasdaq

nasdaq

  • Malware Response Team
  • 39,531 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:59 PM

Posted 27 September 2011 - 07:04 AM

Try to run this tool and post the log if you can.

  • Download OTL to your Desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Check the boxes beside LOP Check and Purity Check.
  • Under the Custom Scan box paste this in

    %SYSTEMDRIVE%\*.exe
    %systemroot%\system32\drivers\*.sys /90
    %systemroot%\*. /mp /s
    c:\$recycle.bin\*.* /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    explorer.exe
    svchost.exe
    userinit.exe
    qmgr.dll
    proquota.exe
    kernel32.dll
    ndis.sys
    autochk.exe
    spoolsv.exe
    xmlprov.dll
    ntmssvc.dll
    mswsock.dll
    Beep.SYS
    ntfs.sys
    termsrv.dll
    sfcfiles.dll
    st3shark.sys
    ahcix86.sys
    srsvc.dll
    /md5stop
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users