svchost.exe - system error

Hi, This is my first time posting.

I can't access my anti virus program (eset) and my computer keeps locking up. I have gotten the following message: "svchost.exe - system error The maximum number of secrets that may be stored in a single system has been exceeded.." When I try to do an eset scan I get a message about a missing kernel. When I tried doing the kernel fix on the eset website, it didn't work. I am not pleased that eset is closed over the weekend.

Both a malwarebytes and GMER scans stopped before finishing....I think. aswmbr and DDS scans ran all the way through though.

The GMER scan keeps disappearing after a little about a minute. But before disappearing the scan noted the following:

1) Disk \Device\Hardisk0\DR0 TDL4@MBR code has been found

2) ? C:\windows\system 32\drivers\afd.sys suspicious PE modification

3) ? C:\windows\system 32\svchost.exe [3296] img.check (something I can't read my writing)mismatch: number of sections mismatched

Also, the DDS .txt said the following: Warning: possible TDL3 rootkit infection !

The dds attachment log listed 28 error messages since 8/14/11. I will not copy them unless I am requested to.

Any suggestions or information would be appreciated.

Thank you so much for reading this!!!

Estella

 

ask for help from one of the dedicated antimalware sites
https://www.wilderssecurity.com/showpost.php?p=1533481&postcount=3

 

Thank you Cudni!

 

It is my understanding that it is hit or miss with Rootkit Detection & Removal. Recently someone was only able to Detect & Successfully Clean a TDL Rootkit variant with the Kaspersky Rescue Disk 10. It may be best to first try cleaning with Antivirus Rescue CD's such as the Kaspersky Rescue Disk 10.

 

Malwarebytes isn't great for TDL which is unfortunate given how common it is. MBAM is great for others like Zbot though.

As others have said, there are dedicated forums e.g. bleeping computer, geeks to go. TDL3 is quite easy to remove using OTLPE, so I'd try geekstogo if I were you.

If you want to do it yourself with automated tools, and can deal with reinstalling if you have to - you could try TDSSkiller, Hitmanpro, then with Combofix:
http://support.kaspersky.com/downloads/utils/tdsskiller.exe
http://www.surfright.nl/en/hitmanpro
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Afterwards followup with Dr Web.
https://www.freedrweb.com/download cureit/gr/?lng=en

Alternatively, a boot disk antivirus won't hurt. They can take awhile though. Kaspersky, Avira, Dr Web, f-Secure - all make good ones. Dr Web takes the longest, but it does have a web browser