Alright so I can’t turn avast! on; when I try it says “The Operation could not be completed”. Also my vista security center(Malware protection section)has just suddenly shut off, when I try turning it on it says "Security Center can’t turn on Windows Defender. Please try again later. Worried I might have been hacked or something. Any help you could give me would be much appreciated.
Also not very computer savvy so if possible dial down on the computer lingo(makes fixing it a little easier/faster).
Please check whether you can open task manager / system configuration (by type: “msconfig”) / Registry (by type : “regedit”)
If possible to open regedit or system configuration or task manager, be sure to check your task manager from unknown process or your system configuration at Start up Tab to make sure there is no unknown application run when you start up your windows or check at your registry : HKLM - SOFTWARE - Microsoft - Windows - Current Version (Please check is there others running application that you are not recognize it)
Alright so I can open task manager / system configuration / Registry. While looking through the Registry I found the following(these are the ones I am suspicious of) “DIFx, DIFxApp, DPX, FakeDefaultUserProfile, Hints, HotStart, and Telephony”. Also tried to use the HijackThis Tool but an error pop-up came up when I tried to run it, it said “Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.”(In the admin on my network). It also slowed everything down ALOT when I tried running it again. So then I tried to remove it, then a pop-up came up and said “You do not have sufficient access to uninstall HijackThis 2.0.2. Please contact your administrator”(which i am).
Repaired avast!(or atleast it said I did), except now theres no little icon in bottum right corner of the screen in the little toolbar thing, also when I try openning it from its shortcut nothing happens.
Any more help you could give me would be much appreciated.
Well I got it installed and was about to start a scan when the program just closed. Then when I tried to re-open it the same thing happened as with the HijackThis program. Everything slowed down insanely, and then a pop-up appeared that said that I dont have permission to do this blah, blah, blah. I think it’s pretty safe to say that ive been quite effectively hacked.
unless you’d rather reinstall the OS (what I would do) it’s gonna be a rather long and complicated procedure to get you out of this…well from what I’ve seen in other similar cases on the forums. But there are some specialists here that will most likely pop in in this thread soon or later.
The other thing with reinstalling is that you might have infections in non-system partitions…and you have to check that too…are you browsing here with the PC having these issues you’re talking about? just wondering if it’s still able to access the web normally…
I’m infected - What do I do now?, Please follow these instructions to clean your system
NOTE: If Malwarebytes won’t run or HijackThis won’t run please still create a new post in the Malware Removal - HijackThis Logs forum and explain what happens.
Ill try creating another user account, but whats OS? Operating System? So basically if creating another account doesnt work, how would I go about re-installing the OS? And yes with I am using the hacked account and I can still access the internet.
First check out this as it could be a new varient, see below.
– CoolWebSearch Varient
When you try to use MBAM and it immediately shuts down upon opening and/or
try to use HJT and it also immediately shuts down upon opening;
this is being cause by a Coolwebsearch Trojan (CWS) variant.
It was looked you attacked by malware which trying to block you from security tools usage or update.
Do you able to access to avast dot com or kaspersky dot com or any webpage related with security products?
Do you found any suspicious file exe either at your task manager or system configuration (Start up Tab)?
I am able to access avast.com, kaspersky.com, etc.
A few suspicious .exe files I found in task manager were, “msa.exe : Description-msa.exe, Size-0Bytes, No previous versions, product name, product version, Copyright, date modified, file description, language.” then another file with everything the same as msa.exe except its called a.exe.
And under the services tab i have absolutely no idea what to look for theres so many.
if creating a new account in Windows works, and you regain normal access to everything, you might not have to reinstall Windows, but just delete the first account from there, do scans with anti-malware products as suggested etc…