Jump to content

can't download, run, install, or update ANYTHING security

Recommended Posts

I have read hundreds of forums and forum posts (including these forums) but can't seem to find anything that comes even remotely close to fixing the problem.

It started off with the fact I couldn't update my antivirus (AVG). So I figured I'd try a fresh install... big mistake. After uninstalling, there was no reinstalling. The installer will not run at all.

So I figured I'd do my usual mal/spyware scans.

Spybot S&D will not update

Malwarebytes will not update

Superantispyware is using 100% CPU and doesn't stop (I waited over 2 hours just to be sure)

SO I started surfing forums.

The first thing I read is to uninstall Malwarebytes, run the "clean" uninstall tool, reboot, redownload malwarebytes.

I tried the recommendation:

Uninstalled malwarebytes

downloaded the clean removal tool

tried to run it, SHGetValue failed with code 0

searched forums and found that error basically means "all removed"

downloaded the newest version

run the new version:

regcreatekeyex failed; code5

I have checked the permissions of my registries and I'm no expert but it appears as if the registry key HLM/Software/Malwarebytes' Anti-Malware is the only affected key. I can't manually assign permissions as I get a permission denied when I try. The same if I try to rename the key, delete the key, or anything else.

I have no idea what to do next. I can't reinstall XP as I have no installer CD. I also have no flash drives or floppy drives.

I am running an AMD based computer. I have no idea what to do next.

I have also tried using hjt but see nothing out of the ordinary in the scan results.

Please help asap.

Link to post
Share on other sites

I may have spoke to soon with my last message.

I actually cannot access anything within HLM/Software

Following the thread


I was able to force ownership back to the administrator for the malwarebytes keys and get the software installed and updated. It is currently running. However unlike the owner of the above thread, mine was NOT caused by removal of a user. I have not made any changes to the users on this system, nor have I edited any of the registries prior to today. I am most assured this was caused by some sort of rootkit/malware/virus.

The problem I am now faced with is even when I do find the virus (or whatever caused this), I now have a registry completely filled with keys that have no assigned users/permissions. When I try to "replace permissions on all child objects" I get an error "could not set security on the key currently selected, or some of its subkeys".

This is probably a bit beyond the scope of these forums but any chance anyone has heard of such a virus (what have you) or a fix to this?


P.S I am currently running malewarebytes and it has found 4 objects infected so far.

Link to post
Share on other sites

So I have solved about 80% of the problem. Malwarebytes removed 6 threats.

I rebooted, the registry seemed fixed.

I tried to open malwarebytes from my user account (as opposed to safemode/admin).

No such luck

I tried to install AVG again, it started to work, then failed saying it couldn't connect to the internet.

I did a hjt scan and found some nameservers on the list that don't belong there, removed them. Rebooted into safemode again.

Malwarebytes started perfectly from safemode.

Tried starting the AVG installer, it seemed to work but was taking up way more CPU resources then it should.

So I checked the taskman.

Taskman reported a file called stub.exe

I killed the process, avg died with it.

I ran malwarebytes yet again. This time it found 1 problem (which it found the first time and I removed might I add) c:\windows\system32\ernel32.dll

So now I have a file that malwarebytes detects and removes, but keeps coming back and I have no idea if its related to the stub.exe file

I really have no idea what to do

Link to post
Share on other sites

  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.