Eset Smart Security unable to remove threat

Hi, recently I believe my computer has been infected with a virus. Eset Smart Security has been trying to remove it but to no avail.

http://i5.photobucket.com/albums/y18...viceserror.png

The notification keeps popping up consistently as well for these viruses:
http://i5.photobucket.com/albums/y18...s/trojan-1.png

It's as if these viruses cannot be removed or it kept coming back? Is there any way to remove it permanently? I cannot do a system restore as it was not turned on.

I've read through and run the
"READ & RUN ME FIRST Malware Removal Guide (incl. spyware, virus, trojan, hijacker)"

I've attached the respective logs here.

 

http://i5.photobucket.com/albums/y188/rn_1604/errors/serviceserror.png
http://i5.photobucket.com/albums/y188/rn_1604/errors/trojan-1.png
correction to the above links ^

 

Malwarebytes Anti-Malware log:

 

Welcome to MajorGeeks, rn_1604

http://img827.imageshack.us/img827/1263/frst.gif Please download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

• Restart the computer.
• As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
• Use the arrow keys to select the Repair your computer menu item.
• Choose your language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:

• Insert the installation disc.
• Restart your computer.
• If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
• Click Repair your computer.
• Choose your language settings, and then click Next.
• Select the operating system you want to repair, and then click Next.
• Select your user account an click Next.

On the System Recovery Options menu you will get the following options:

• Select Command Prompt
• In the command window type in notepad and press Enter.
• The notepad opens. Under File menu select Open.
• Select "Computer" and find your flash drive letter and close the notepad.
• In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
• Note: Replace letter e with the drive letter of your flash drive.
• The tool will start to run.
• When the tool opens click Yes to disclaimer.
• Press Scan button.
• It will make a log (FRST.txt) on the flash drive. Please attach this log to your next reply. (How to attach)

http://img827.imageshack.us/img827/1263/frst.gif Also run this search using FRST.
Type the below bolded text in the edit box after "Search:".

services.exe

Then click the Search button.

It will make a log (Search.txt) on the flash drive. Please attach this log to your next reply. (How to attach)

 

Attached are the files:

 

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Attached is fixlist.txt

• Save fixlist.txt to your flash drive.
• You should now have both fixlist.txt and FRST64.exe on your flash drive.

Now re-enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt).
Please attach this to your next message. (How to attach)

Now reboot normally and remember to attach your Fixlog.txt.

__

Let me know if any outstanding issues and also let me know if you set this proxy: proxy.singnet.com.sg:8080

 

proxy.singnet.com.sg:8080

Yes, the proxy is set by my internet operator. It seems like Eset isn't detecting anything for the moment now.

 

Ok, well just keep me posted.

In the meantime, you can delete the C:\FRST folder.

http://img850.imageshack.us/img850/4746/programsandfeatureswin7.gif From Programs and Features (via Control Panel), please uninstall the below:

• Java(TM) 6 Update 31 (outdated)

http://img195.imageshack.us/img195/9049/javaz.gif Now install the current version of Sun Java from: here

 

Ok, I'll update you in a few days time again and thanks alot for all the help, really appreciate it!

 

Hi, I've confirmed that everything is running fine now regarding that error. However, something is wrong with my windows defender and firewall.

For windows defender:
A problem caused this program's service to stop. To start the service, click the Start now button or restart your computer.

I tried clicking on the start now button but it hanged.
When I tried to start the Windows Defender service in Services:

Windows could not start the Windows Defender service on Local Computer.
Error 126: The specified module could not be found.

Same for windows firewall:
Windows could not start the Windows Firewall on Local Computer. For more information, review the System Event Log. If this is a non-Microsoft service, contact the service vendor, and refer to service-specific error code 5.

 

http://img406.imageshack.us/img406/3189/windowsrepair.gif Download Windows Repair by Tweaking.com and unzip the contents into a newly created folder on your desktop.

• Now open Repair_Windows.exe
• Go to the Start Repairs tab.
• Press the Start button
• Create a System Restore point if prompted.
• In the Repair Options window, choose the following repairs:
  • Reset Registry Permissions
  • Repair Windows Firewall
  • Repair Winsock & DNS Cache
  • Remove Temp Files
• Place a checkmark in Restart/Shutdown System When Finished
• Fill in the Restart System bubble
• Now click the Start button.
• Be patient while the tool repairs the selected items. Your computer should automatically restart when finished.

__

http://img97.imageshack.us/img97/8120/fss.gif Please download Farbar Service Scanner and run it on the computer with the issue.

• Make sure all the options are checked
• Press Scan.
• It will create a log (FSS.txt) in the same directory the tool was run.
• Please attach FSS.txt to your next message. (How to attach)

 

Windows firewall is now working thanks! However, Windows Defender still isn't working, is there a fix for that?

Attached is the FSS log

 

Yes. Let's try this:

http://img205.imageshack.us/img205/4783/regeditb.gif NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

• Attached is fixme.zip
• Inside of fixme.zip is fixme.reg
• Extract fixme.reg onto your desktop.
• Now double-click fixme.reg and allow it to merge into the registry.
• Once the merge was successful, reboot your computer and test if Windows Defender is now working.

__

http://img97.imageshack.us/img97/8120/fss.gif - Rescan with Farbar Service Scanner
Attach the latest FSS.txt here.

 

Hi, that fix worked! Thanks alot! Everything is running well now! Thanks alot again!

 

You're welcome

__

If you are not having any other malware related problems, it is time to do our final steps:

• Any programs we had you download and/or install can be removed at this time.
• If we had you download and run ComboFix, here is how to uninstall it:
  • Press and hold the Windows key http://i1106.photobucket.com/albums/h363/debojyotidas/Windows_Logo_key.gif and then press the letter R on your keyboard.
  • This opens the Run dialog box.
  • Copy and paste the below text inside the text-field:
    • "%userprofile%\desktop\ComboFix" /uninstall
  • Now press ENTER
  • ComboFix will extract its files one last time and you should receive a notification that ComboFix has been uninstalled shortly after.
• You can re-enable your Disk Emulation software at this time via DeFogger.
• If we had you create or download a registry patch or "fix" script, these can be deleted at this time.
• Go into the C:\MGtools folder and run the MGclean.bat file to remove additional traces of our tools.
• Now we will toggle System Restore to remove any infected system restore points.
  • Read this: How to Disable And Enable System Restore
• Lastly, here is a guide to protect you from future infections: How to Protect yourself from malware!
• Be safe