Jump to content

Windows Command Processor virus - strange computer behavior


Recommended Posts

TLDR: Computer is behaving strangely. Think it's infected with Windows Command Processor virus. What should I do?

 

More details in case they matter:

A Windows Command Processor window popped up yesterday (don't know how it got past McAfee - might have to upgrade my AV). I managed to get rid of it somehow (can't remember) and to restart the computer with the window gone, but my computer has behaved strangely ever since and I think it might still be infected by this virus or perhaps another or perhaps both.

For instance, the computer spontaneously sort of shut down this morning, but not in the usual manner. I was randomly browsing when a window popped up saying the memory (RAM I think?) was maxed out and to shut down all programs. I closed IE and Chrome (I use both), but then the desktop icons and taskbar icons spontaneously disappeared (I did not restart the computer) and the computer just sat there for a bit. I did a hard restart (removed power plug and battery) and restarted in safe made with networking. Ran a Malwarebytes and McAfee scans and found 3 and 15 threats respectively, all quarantined and deleted. By the way, tried updating Malwarebytes 2 or 3 times but it wouldn't update, so I just ran without updating. 

 

Computer ran ok mostly, Windows Command Processor window gone, but it was a bit sluggish, websites taking a long time to load on new tabs, twitchy mouse pointer constantly switching from pointer to turning circle. So this a.m. I decided to download and run Combofix. Took a LONG time to download and even longer to run, over an hour. I didn't see any "clean" or "fix" options on Combofix (first time using) so I don't know if Combofix scans only or if it also cleans/fixes/quarantines/removes malware.

 

Computer seems to be running ok now, although my browsing history shows several sites I didn't visit, so I'm thinking some virus/proxy user is perhaps secretly opening websites without my knowledge? Don't know if this is possible . . . Also, after restarting 2 Configuration Settings icons/files showed up on the desktop, one old (created 2009, modified today) and one new (created and modified today). Furthermore, I couldn't open the Windows Security Service/Action Center icon (Flag) in system tray even though it had a notification small red x on it. The message "Windows Security Service Center can't be started" appeared when I tried to open it. Tried fixing it following Microsoft Windows procedure, but couldn't finish the process. And I couldn't turn on McAfee real-time protection, even in regular mode (ie not safe mode).

 

Sorry, I don't understand these things. Still learning about computers and viruses, malware, AV programs etc.

 

My question is what steps should I follow to check my computer for potential viruses/malware? I see the same topic came up at least 2 other times in this forum (recently and in 2012), but each Trusted Advisor suggests a different set of AV scans.

 

Thanks for any help. Gonna have to donate to this site. You guys/gals do a lot of good for many people.

Link to post
Share on other sites

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
     
    
Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

:excl: I can't foresee everything, so if anything unexpected happens, please stop and inform me!
:excl: There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
  warning.gif Rules and policies
 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 
 
 
Let's see what is going on with your PC:
 
 

FRST.gif Scan with Farbar Recovery Scan Tool

 

Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Link to post
Share on other sites

Thanks for your reply, TwinHeadedEagle. Just so you know, my computer is in safe mode with networking, which disables anti-virus protection as far as can tell.

P.S. Your avatar is awesome. Love his acting and this character in particular.

FRST.txt

Addition.txt

Link to post
Share on other sites

No it's not the same computer. In the other thread, I posted a little while ago that I gave up on that computer, which was used and came filled with viruses and assorted malware. I gave up on it because it developed a "blue screen" error, and after several restarts and attempted restarts it wouldn't restart in safe mode with networking, so I couldn't download any antiviral programs or communicate with you via this website. I returned that computer to the manufacturer and bought a brand new, cheap HP from a local store to see if I like it and/or until I research and buy a new, better laptop. Sorry I didn't post this earlier in the other thread.

 

Don't know how the current Windows Command Processor virus got on this new computer as McAfee firewall and active virus protection was turned on. Now, the speakers won't produce sound, and running the audio troubleshooting tool wasn't able to "automatically fix all of the issues found," which is listed as "One or more audio service isn't running (Not fixed)."

Also, computer just updated itself spontaneously (I did not restart it, 61 updates). Still no sound, audio troubleshooter still can't fix the problem.

Link to post
Share on other sites

Sorry for delay:
 
FRST.gif Scan with Farbar Recovery Scan Tool
 
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.