Please download SysProt here http://homepages.slingshot.co.nz/~crutches/SysProt  and run it.

Choose the Log tab and select all the items in the Write to log box. Then select Create Log to start scanning. When it is done, a message window will appear with the location of the log file.

Please attach the log file to a post here; the Add Attachments links is below the orange Post button. Thanks

I tried running the Sysprot; I checked the boxes and clicked Create Log. The blue bar on the bottom was showing that it was scanning, but then a windows message popped up saying "you need admin privileges....sysprot failed to launch" ( something along those lines).  My account is an administrator account, so I don't know what the problem is. I clicked ok, and then another window popped up from the program itself with the options of either running a scan on "all drives"  or just running a scan of the "root drive". When I tried to run a scan on all drives, the Sysprot program would freeze and stop responding, so I just ran it on the "root drives." 

 

Here is the log attached.

What is your OS on the system?  (XP, Vista, etc)

It's windows Vista

Try running SysProt once more by right clicking it and selecting "Run as administrator" from the context menu.  Let us know how this goes.

Thank you for that; it worked just as you said this time.

 

Attached is the new log.

Hi

 

 

If you have Spybot S&D installed remove it 

 

Also during the restarts with Avenger if Your PC has a Startup repair center like with HP and Toshiba tell it to start Normally if it kicks in.

 

1. Download Avenger to your desktop,

 

Unzipped version http://homepages.slingshot.co.nz/~crutches/Avenger/

OR Creators website http://swandog46.geekstogo.com/avenger2/avenger2.html with zipped version to the unzip to desktop 

 

2. Click to run "Avenger.exe"  (right click "Run as Administrator" if using Vista)

 

3. In the "Input script here:" copy and paste the script between the lines

 

---

Drivers to disable:

ESQULserv.sys

 

Drivers to delete:

ESQULserv.sys

 

Files to delete:

C:\Autorun.inf

D:\Autorun.inf

C:\Windows\System32\drivers\ESQULdiydhrpxnbayptswrjhqibiqptikcrud.sys

C:\Windows\System32\ESQULzcounter

 

Registry keys to delete:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SOFTWARE\ESQUL 

---

 

Here is a screenshot (script updated since shot)

 

 

Make sure the "Automatically disable any rootkits found" is NOT selected

 

4. Click "Execute"

 

You will be asked to restart the PC click "Yes", when the PC restarts the load screen will takes slightly longer, then when it looks as though windows is loading the PC will restart again.

Then when Windows fully loads the Avenger log will be loaded, showing files it could or could not find.

 

5. Restart the PC again, then see if you can install  Update and run Malwarebytes  http://www.filehippo.com/download_malwarebytes_anti_malware/

 

Quads   

Hello, so Avenger worked fine. Attached is the log for Avenger.

 

I then installed, updated, and ran a full scan with Malwarebytes. It found three Trojans, and I tried removing them. Attached is the log for that as well.

 

Also, I don't think I have Spybot.

Hi

 

When You say "It found three Trojans, and I tried removing them. "   Does that mean they still appear, on another scan as the log says, No action Taken.

 

Quads