Virus not allowing me to run any anti viruses

[Alex510]

Ok I followed the Eight Step Topic and this Virus does not allow me to run any anti virus. Even in safe mode which I am in now. It also redirects all google links. It's one of those fake anti viruses.. how am I suppose to get rid of it if I cannot do anything?

 

[Bobbye]

Did you download and run Malwarebytes, Superanytispyware and HijackThis? Where are the logs?

Steps and links HERE.https://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

 

[Alex510]

The virus has blocked all of those from installing, even in safe mode. I've tried multiple times. I click the install .exe and nothing ever comes up. I've tried renaming the files and still get nothing.

 

[Alex510]

Sorry for the double post but I finally got them installed and ran them by renaming them. The Vundo virus is what I have I guess. Here are the logs files, any help is much appreciated.

 

[Bobbye]

Alex, you didn't check the line in Malwarebytes for it to remove and entries it found. so that malware it still there. Superantispyware has a similar entry.

• Please download TDSSKiller
• Extract the zipped file to your desktop.
• Go to Start ->Run. Type/Copy and Paste the following text into the prompt:
  

  "%userprofile%\Desktop\TDSSKiller.exe" -l C:\report.txt -v

• This will have the program write a detailed log
• 
  The screen will resemble this black screen:
  
  
  
  
  When its work is over, upon detection of malicious services and files the utility prompts for a reboot to complete the disinfection.
  
• Click OK.
• If malicious services or files have been detected, the utility will prompt to reboot the PC in order to complete the disinfection procedure.
• Please reboot when prompted.
  
• After reboot, the driver will delete malicious registry keys and files as well as remove itself from the services list.
  You should get a screen like this:
  
  
• A log file named report.txt should have been created and saved to the root directory (usually C:\report.txt).
• Follow the prompts and attach the report to your next reply.

Then Please download ComboFix HERE:

• With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
  
• Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.

Important! Save the renamed download to your desktop.

• Double click on the setup file on the desktop to run
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console.
• When prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  (Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.)
  
• Query- Recovery Console image
  
  
  
  
• Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
  
  
  
  
• Click on Yes, to continue scanning for malware.
  
• When finished, it will produce a log.Please include the C:\ComboFix.txt in your next reply.

Notes:

• 
  1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
  2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
  3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
  4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Please attach the Combofix report and the TDSS report to your next reply.

 

[Alex510]

Everything seems be running good now. Even the Google Redirects have been fixed. Thanks for all your help!

 

[Bobbye]

Don't close up shop yet, Alex. I'm going to have someone check the Combofix report.