[list]Now is the time to remove one of those two antivirus.

Multiple Antivirus Programs

You are running more than 1 Antivirus program!

AV: avast! Antivirus
AV: Microsoft Security Essentials

Running - more than one - antivirus program is not recommended because:
[*]They can conflict with each other.
[*]Report the other antivirus software as malicious.
[*]Antivirus programs use an enormous amount of computer’s resources… actively scanning your computer.
[*]Can cause your computer to become unstable…run slowly and even, in rare cases, BSOD crash…etc
I strongly suggest you uninstall one of them. Which one, is your decision.

Then I want once more round with Combofix.

Delete Combofix, download fresh copy of Combofix.

Open notepad and copy/paste the text present inside the code box below:

KillAll::

ClearJavaCache:: 

DirLook::
c:\users\Ben\AppData\Roaming\QuickScan
c:\users\Ben\AppData\Roaming\mjusbsp

Save this as CFScript.txt

http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

Close all browser windows and refering to the picture above.

Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will will re-run. When finished, it will produce a log for you.
Attach the contents of the log in your next reply. (typical location: C:[b]ComboFix.txt[/b] )

I had only windows defender on this computer. when i got the virus and it disappeared completely, I got avast which is what I have on my other computer.

here is the combofix log.

Also defender is not showing up in the add/remove or ccleaner. Any sugestions for a good install fixer?

Nope, you are using two AV. You need to uninstall one of them:

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

Go here: http://singularlabs.com/uninstallers/security-software/

If you decide to remove Microsoft Security Essentials, download and run it’s tool. If you decide to remove avast! Antivirus, download avast uninstall tool.
Thouse tools will remove related leftovers.

Windows Defender on Vista /7 is AntiMalware program. It’s fine.

• Then re-run Combofix and attach here fresh CF log. Then tell me how is your computer running now?

my computer seems to be working great again. Lol i knew I had two, but that root kit made windows defender unusable so I had to get something so I could scan with. Also my computer seems be working well now.

Does yours Windows Defender and Microsoft Security Essentials in proper operating now?

running the Microsoft essentials uninstaller i get this from Microsoft fix it 50535
service ‘Microsoft Antimalware Service’ (MsMpSvc) could not be stopped. Verify that you have sufficient privileges to stop system services.

and when I stop the service myself it just comes back.

Also windows updater says I have a bunch of updates but it wont download them. Even if I do one at a time.

Ok, run this tool;

Download the ESET services repair tool, extract the file to your desktop.

[*]Double-click ServicesRepair.exe.
[*]If security notifications appear, click Continue or Run and then click Yes when asked if you want to proceed.
[*]Once the tool has finished, you will be prompted to restart your computer. Click Yes to restart.
[*]A log will be saved in the CCSupport folder the tool created on your desktop, please post the content in your next reply.

ok. Essentials came back and updated. So i uninstalled it.

Cool. 8)

It is necessary to uninstall ComboFix :

[*] Click Start (or
http://amf.mycity.rs/pg/images/VistaStartButton.png
) then Run.

On Windows7 or Vista you may use Start Search field if Run is not available.

[*] In the line of text type in (Copy) the following:

ComboFix /Uninstall

Note that there is a space between " ComboFix " and " /Uninstall " .

[*] then click OK (or press Enter ).

Wait for the uninstall process is complete.

Please download DelFix by “Xplode” to your Desktop.

Run the tool and check the following boxes below;

[] Remove disinfection tools
[] Create registry backup
[*] Purge System Restore

Now click on “Run” button. Wait for the programme completes his work.
All the tools we used should be gone.
Tool will create and open an log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt

I don’t need DelFix log report.

I recommended you to use MCShield if you will.
You may download MCShield from one of the following links:

MyCity - Official download link
Softpedija - Mirror download link

It will prevent infection by computer via USB flash drive, mobile phone or any other memory card.
And not only will prevent infection, but it will immediately clean flash drive, memory card or external HDD.

done and done. then restarted. still not updateing.

Hm…we need to re-check all that using fresh copy of tools. ???

Please download zoek.exe (
http://www.mcshield.net/personal/magna86/Images/Zoek_icon.png
) from here or here and save it to your Desktop.

[*] Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this instruction.

1. Open notepad and copy/paste the text present inside the code box below.
   To do this highlight the contents of the box and right click on it. Paste this into the open notepad.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

createsrpoint;
resetwmi;
DIR /S /A:L "%systemdrive%\*">>"%temp%\log.txt";b
filesrcm;
startupall;
firefoxlook;
chromelook;

2. Save notepad as zoekscript.txt

http://www.mcshield.net/personal/magna86/Images/zoekscript_big.gif

[*]Close all browser windows and refering to the picture above.

Referring to the screenshot above, drag zoekscript.txt into zoek.exe.
Zoek will run. When finished, it will produce a zoek-results.log for you.
Note: It will also create a log in the C:\ directory named “zoek-results.log”

Please attach it to your reply.

======= THEN ==========

Please download Farbar Service Scanner and run it on the computer with the issue.
[*]Make sure the following options are checked:

[*]Internet Services
[*]Windows Firewall
[*]System Restore
[*]Security Center/Action Center
[*]Windows Update
[*]Windows Defender

[*]Press “Scan”.
[]It will create a log (FSS.txt) in the same directory the tool is run.
[]Please copy and paste the log to your reply.

done

Tell me if this solves problem with windows update.

[*] Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this instruction.

1. Open notepad and copy/paste the text present inside the code box below.
   To do this highlight the contents of the box and right click on it. Paste this into the open notepad.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

net stop wuauserv;b
net start wuauserv;b
shutdown /r /t 3;b

2. Save notepad as zoekscript.txt

http://www.mcshield.net/personal/magna86/Images/zoekscript_big.gif

[*]Close all browser windows and refering to the picture above.

Referring to the screenshot above, drag zoekscript.txt into zoek.exe.
Zoek will run. When finished, it will produce a zoek-results.log for you.
Note: It will also create a log in the C:\ directory named “zoek-results.log”

Please attach it to your reply.

here

Please answer at my question.

Try to update windows.

getting a an error still 80096001.

Let’s try fix this like this:

• Download wscsvc.reg and save it to your desktop.
  http://www.mcshield.net/personal/magna86/Temp/FSS

• Boot your computer into safe mode. Double-click to run the file. On pop-up message click Yes/OK/Merge.

• Reboot your computer and boot back in normal mode.

1. Re-try Windows Update and report here is operation was successfull?

2. Re-run FSS and attach here fresh FSS.txt logreport.

same error here is the log.