[AlienwareAurora]

Hello, my MalwareBytes Security program detected a virus, I have a very expensive computer, and I have way too many programs on here that will take forever to reinstall, so reformatting is out of the question.

The potential virus can be found here:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

Now in this folder are these 3 folders:
egui.exe
ekrn.exe
IEInstal

equi and ekrn are both NOD32 Execution files, and I am assuming the virus is trying to block NOD32.



Now when I try to delete these, Error while deleting key.



So then, I try to give myself permissions because I am on a ADMIN account. and it says access denied.


Note: I have tried to give other users permission, and it gives the same error.
I can't do anything at all, and I believe the virus was meant to keep it this way.
Now what I need help on is to remove these registry keys, or have access to them. I have tried many methods on regaining control with no luck.

I am running on Windows 7, and these are my only 2 infected registry keys, and I don't want this virus to spread on my beautiful machine.
I am willing to pay money to who ever can fix my problem, thanks.

Note: I have provided colored text and Pictures to help you guys understand it more clearly.

Edited by AlienwareAurora, 09 May 2010 - 06:28 PM.

[Advertisements]

AlienwareAurora-

Hi and welcome to Geeks to Go!

I suggest taking a look at the Malware and Spyware Cleaning Guide. This will help you disinfect the majority of malicious software from your system. If that doesn't solve your problem, post a new thread in the Virus, Spyware and Trojan Removal Forum.

If you are still having problems after being given a clean bill of health from the malware expert, then please return to this thread and we will pursue other options to help you solve your current problem(s).



_{FOOTNOTE: Also, as an FYI, egui.exe and ekrn.exe are processes for ESET Smart Security system- wouldn't want to delete those!}

Edited by FNP, 09 May 2010 - 06:35 PM.

[FNP]

AlienwareAurora-

Hi and welcome to Geeks to Go!

I suggest taking a look at the Malware and Spyware Cleaning Guide. This will help you disinfect the majority of malicious software from your system. If that doesn't solve your problem, post a new thread in the Virus, Spyware and Trojan Removal Forum.

If you are still having problems after being given a clean bill of health from the malware expert, then please return to this thread and we will pursue other options to help you solve your current problem(s).



_{FOOTNOTE: Also, as an FYI, egui.exe and ekrn.exe are processes for ESET Smart Security system- wouldn't want to delete those!}

Edited by FNP, 09 May 2010 - 06:35 PM.

[AlienwareAurora]

AlienwareAurora-

Hi and welcome to Geeks to Go!

I suggest taking a look at the Malware and Spyware Cleaning Guide. This will help you disinfect the majority of malicious software from your system. If that doesn't solve your problem, post a new thread in the Virus, Spyware and Trojan Removal Forum.

If you are still having problems after being given a clean bill of health from the malware expert, then please return to this thread and we will pursue other options to help you solve your current problem(s).



_{FOOTNOTE: Also, as an FYI, egui.exe and ekrn.exe are processes for ESET Smart Security system- wouldn't want to delete those!}

So you are telling me NOD32 itself put them there? If so, Do I have to worry about a virus? Because MalwareBytes is a very trusted program, and I doubt it would treat those 2 files potentially infected.

[DavePaulson]

Hi AlienwareAurora-
Malware removal advice is not given in this forum. I see you have a post in the correct forum. If you read the link to the Malware and Spyware Cleaning Guide FNP gave you it will expedite the process. There are some real competent people there that will help you with your problem.

Dave