Hi
If you have Spybot S&D installed remove it ALSO Disable Nortons Auto-Protect
Also during the restarts with Avenger if Your PC has a Startup repair center like with HP and Toshiba tell it to start Normally if it kicks in.
1. Download Avenger to your desktop,
Unzipped version http://homepages.slingshot.co.nz/~crutches/Avenger/
OR Creators website http://swandog46.geekstogo.com/avenger2/avenger2.html with zipped version to the unzip to desktop
2. Click to run "Avenger.exe" (right click "Run as Administrator" if using Vista)
3. In the "Input script here:" copy and paste the script between the lines
Drivers to disable:
ESQULserv.sys
Drivers to delete:
ESQULserv.sys
Files to delete:
C:\Autorun.inf
D:\Autorun.inf
C:\Windows\System32\drivers\ESQULubmhpcpipaqxuppjdvpkdsnxwvxmtniw.sys
C:\Windows\System32\ESQULzcounter
C:\Windows\System32\ESQULzxspectrum
Registry keys to delete:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ESQULserv.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ESQULserv.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ESQULserv.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ESQULserv.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\ESQULserv.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\ESQULserv.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\ESQULserv.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\ESQULserv.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\ESQULserv.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\ESQULserv.sys
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\ESQULserv.sys
HKEY_LOCAL_MACHINE\SOFTWARE\ESQUL
Here is a screenshot (script updated since shot)
Make sure the "Automatically disable any rootkits found" is NOT selected
4. Click "Execute"
You will be asked to restart the PC click "Yes", when the PC restarts the load screen will takes slightly longer, then when it looks as though windows is loading the PC will restart again.
Then when Windows fully loads the Avenger log will be loaded, showing files it could or could not find.
5. Restart the PC again, then see if you can install Update and run Malwarebytes http://www.filehippo.com/download_malwarebytes_anti_malware/
Quads