TechSpot

Help needed with malware/virus found on my PC

Inactive
By roshanroshan
Apr 3, 2010
  1. Hi,
    I recently found some malware on my PC and it's preventing any anti-spyware/virus software that I use from opening when I try to remove it. Appreciate it if you guys could have a look and help me out.
    Cheers
     


  2. EXCellR8

    EXCellR8 The Conservative Posts: 2,278

    Even though you've got a HJT log, I would have a look at the 8-step virus removal thread located at the top of this forum section. It's good to have a few different logs when trying to find infections, so you will only benefit. AV programs not running is a very common issue and there are specialized pieces of software that you can use to try and counter the problem. The first thing to check is services, to look for disabled entries that shouldn't be; also look for invalid startup entries.
     
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    roshanroshan, welcome to TechSpot. I'll help with the malware. We can do a bit with the HijackThis log as it shows that your hosts files have been hijacked by a rogue program named Security Antivirus.

    Before we can do anything we must first end the processes that belong to Security Antivirus so that it does not interfere with the cleaning procedure. To do this, download the following file to your desktop.

    rkill.com Download Link
    • Double-click on rkill.com to automatically attempt to stop any processes associated with Security Antivirus and other rogue programs.
    • Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step.
    • If you get a message that rkill is an infection, ignore it: This message is just a fake warning given by Security Antivirus when it terminates programs that may potentially remove it.
    • If you run into these infection warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. This allows you to bypass the malware trying to protect itself so that rkill can terminate Security Antivirus.
    • Please try running Rkill until the malware is no longer running. You will then be able to proceed with the rest of the guide. (If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.)

    Do not reboot your computer after running rkill as the malware programs will start again.

    Please download Malwarebytes' Anti-Malware and save it to the desktop.
    • Double-click mbam-setup.exe to install the application.
    • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware.
    • Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select the Perform full scan option and then click on Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

    Extra Note:
    If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

    When completed, a log will open in Notepad. Please paste this log into your next reply and we will then go on to the next steps.

    Please do not use any other cleaning or antispyware programs while I am helping you. Don't use a Registry Cleaner. Don't do a System Restore.

    We will reset the hosts files when the above step has been completed.

    EDIT: Be sure your antivirus program is running at this point. I didn't see the AVG entries except for a 'file missing' Service.
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,392   +36

    Thread closed due to inactivity.
     
Topic Status:
Not open for further replies.

