Norton anti virus 2009 not scanning, Anti Malware will not run

Hicksy4 · ‎07-20-2009

Hi,

I have read all the post here and I'm having exactly the same problems with Norton Internet Security 2009, I downloaded Anti Malware but it would not run, although I was able to run gmer and save the log as attached. I wondering if this fix will help me?

Thanks for your help.

[edit: Changed subject to reflect moved post.]

Message Edited by shannons on 07-20-2009 10:16 PM

delphinium · ‎11-21-2008

Hi Hicksy4:

You have been moved to a thread of your own so that we can keep track of you. Your GMER log has been shortened by the malware. We will require that you download this tool http://homepages.slingshot.co.nz/~crutches/SysProt

You will need to turn auto protect off in Norton so that the scan can run.

Choose the report or log tab, check all areas and HD and scan.

You will be able to post the log in the same manner as your GMER.

Under certain circumstances profanity provides relief denied even to prayer.
Mark Twain

Hicksy4 · ‎07-20-2009

Hi,

Thanks for your help.

Please find the log attached as requested.

Quads · ‎07-21-2008

Hi

I don't have the name of the 2 .dll files but i have the rest

If you have Spybot S&D installed remove it

Also during the restarts with Avenger if Your PC has a Startup repair center like with HP and Toshiba tell it to start Normally if it kicks in.

1. Download Avenger to your desktop,

Unzipped version http://homepages.slingshot.co.nz/~crutches/Avenger/

Creators website http://swandog46.geekstogo.com/avenger2/avenger2.html with zipped version to the unzip to desktop

2. Click to run "Avenger.exe" (right click "Run as Administrator" if using Vista)

3. In the "Input script here:" copy and paste the script between the lines

Drivers to disable:

ESQULserv.sys

Drivers to delete:

ESQULserv.sys

Files to delete:

C:\Autorun.inf

D:\Autorun.inf

C:\Windows\System32\drivers\ESQULuwqsupdiobpqerciwcvvohrvetchembj.sys

C:\Windows\System32\ESQULppewlpxdscorvtosbkscpisnxwubnjim.dll

C:\Windows\System32\ESQULqljpjohigdwbidubfvicwepcrcpcmrxk.dll

C:\Windows\System32\ESQULzcounter

Registry keys to delete:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\ESQULserv.sys

HKEY_LOCAL_MACHINE\SOFTWARE\ESQUL

Here is a screenshot (script updated since shot)

Make sure the "Automatically disable any rootkits found" is NOT selected

4. Click "Execute"

You will be asked to restart the PC click "Yes", when the PC restarts the load screen will takes slightly longer, then when it looks as though windows is loading the PC will restart again.

Then when Windows fully loads the Avenger log will be loaded, showing files it could or could not find.

5. Restart the PC again, then see if you can install Update and run Malwarebytes http://www.filehippo.com/download_malwarebytes_anti_malware/

Quads