Alright... so it all started last night when I noticed that my Windows Firewall was down. I don't know how long it had been down, but whatever the case, I tried to turn it back on. It was then that I received "error code 0x8007042c". It offered for me to turn it on manually, which I tried, but with no success. It was around now that AVG notified me of a few viruses. I got rid of them and then updated Malwarebytes and ran a scan. It caught several more, which I deleted. They were of many different breeds, but I was able to delete all of them.
So I tried the firewall again. No success. I went online and found this thread:
I tried almost everything there, but again... no success. I came up against many of the same walls everyone there mentions. I went into services but couldn't bring up Windows Firewall no matter what I did.
At this point, I asked some friends for help. One of them mentioned Comodo. Desperate for a firewall, I went ahead and downloaded it. I blocked a few things that I didn't really understand, just in case, and also checked my svchost.exe files with this:
It warned me of about a dozen, but all of them looked pretty legitimate, so I didn't remove them. It was also around now that I discovered my Google results were being redirected to dangerous websites. I've encountered this sort of redirect virus twice before, and only managed to remove it on my own once. I hate them... so much. A friend told me that it's probably a rootkit and recommended Kaspersky, so I downloaded it on my PC (which I am on now; the lappy has been disconnected from the Internet) and transferred it to my laptop. No results.
I left for a couple of hours before this and came back to discover AVG notifying me of this:
File name: c:\Windows\assembly\GAC_32\Desktop.ini
Threat name: Trojan horse Agent_r.AKS
I tried to remove it, but ended up getting this:
Detected on open
Removing of threat has failed.
It is impossible to remove the object by advanced techniques.
I clicked "Show details" and got this:
Process name: C:\Program Files (x86)\Mal Warren\mbam.exe
Process ID: 4984
Action result: It is impossible to remove the object by advanced techniques.
Mal Warren is what I named Malwarebytes, just as a sort of disguise (not sure if that even works, but hey, better safe than sorry). So... does that mean Malwarebytes is infected? O_o
Anyway, all this leads me to this thread. I've been working on it all day with little success, and I'm pretty desperate. Any advice you guys can spare would be vastly appreciated.
Thanks in advance!
Edited by BerenFortis, 02 October 2011 - 01:07 AM.