If you cant get Anti-malware/spyware progs to run/install or download READ THIS!

[pimpiepopmac]

Hi guys if you are having trouble following the guide for removing the infection because the programs wont download or install or even run, I would recommend reading my posts on the subject.   I found some great information on the Mbab website that fixed the issues right away and will save you alot of grief.

here is the malware blog i found the fix on.  Since the virus will keep you from going to their site the information on the fix has also been copied over.

http://www.malwarebytes.org/forums/index.php?showtopic=7668&pid=37852&st=0&#entry37852

Please try the following routine to see if you can get Malwarebytes to run.

        * Click on Start, click Run, and then type devmgmt.msc and click OK
        * On the View menu click on Show hidden devices
        * Browse to Non-Plug and Play Drivers and you should see something like TDSSserv.sys
        * Highlight that driver and right click on it and select DISABLE
        * Now RESTART your computer.
        * Download a copy of Malwarebytes but DO NOT run it yet.
        * Rename the downloaded installer file to any generic name such as your own name but keep the .EXE extension on the file and run it.
        * Once the program is installed go to the UPDATE tab and try to update the program if you can.
        * Then go to the SCANNER tab and run a Quick Scan and allow MBAM to fix anything found.

Here is the posts of my journey.

http://www.computerhope.com/forum/index.php/topic,71593.0.html

[BC_Programmer]

I'm guessing you mean Anti-malware and Anti-spyware programs

I personally wouldn't mind if malware and spyware wasn't working properly

[evilfantasy]

That's a known method and sometimes works. The problem is there is often other instances of the rootkit that aren't as easily stopped so it fails just as often as it works.

[pimpiepopmac]

good point subject line all fixed. Thanks for the info. I have included a HJT log I was wondering if you could look it over for me to see if there is anything else I need to fix. Thx

[Saving space - attachment deleted by admin]

[evilfantasy]

Open HijackThis and select Do a system scan only.

Place a check mark next to the following entries: (if there)

- O4 - HKLM\..\RunOnce: [tdss] C:\DOCUME~1\Owner\LOCALS~1\Temp\1442924.exe
- O20 - Winlogon Notify: urqQJbBU - urqQJbBU.dll (file missing)

Important: Close all windows except for HijackThis and then click Fix checked.

Exit HijackThis.

----------

Download ComboFix© by sUBs from one of the below links. Be sure top save it to the Desktop.

Link #1
Link #2

**Note:  It is important that it is saved directly to your Desktop

DO NOT run it yet!

Note: the below instructions were created specifically for this user. If you are not this user, DO NOT follow these directions as they could damage the workings of your system

Delete these files/folders, as follows:

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the below code box by highlighting all the text and pressing Ctrl+C

Code: [Select]

C:\DOCUME~1\Owner\LOCALS~1\Temp\1442924.exe
3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) into ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!



ComboFix will begin to execute, just follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.

Note: Do not mouseclick ComboFix's window while it is running. That may cause your system to freeze