Jump to content

Recommended Posts

Hello, I'm posting here because it seems that there are a very many helpful individuals here with effective results. Recently I had noticed that when I started my computer I would get an administrative request to allow Windows Command Processor to make changes to my computer. Of course I would always decline because I don't know why that would ask to do such a thing. Today I got curious and decided to see if I could remove the source.

 

I switched into safe mode via msconfig. When I did this, I attempted to run Spybot, at first it worked, then suddenly as if it were intercepted, it stopped. I could no longer run the program. When clicked I would recieve this message: "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." The same issue occured with my Norton 360 Premiere Edition. I tried uninstalling the program and reinstalling in hopes I'd be able to run it. Unfortunately, whatever malicious software is attacking my system is preventing me from installing the anti-virus again. I get a message stating that "Another download manager is currently running. Please wait for it to complete and try again." A direct install just doesn't happen either.

 

Sweeping through this website and others I've attempted to fix the problem myself using the various programs suggested. I will provide what logs I can in this post. Programs I have used are malwarebytes, ComboFix, and currently running a full system scan of Microsoft Safety Scanner, which has found 3 infected files as I type.

 

I'm up and about ready to spend money I don't have on a new OS because I seem to have lost my install discs and wipe the system. Any help with this problem will be greatly appreciated.

 

Other things to note related to this infection:

 

My firewall has been adjusted, I also cannot remove many of the exceptions in the firewall.

Google Chrome is being blocked from the internet. Could not reinstall due to install package being prevented from reaching the internet.

Attempted to install Kaspersky trial to have an antivirus and scan system, Kaspersky claims Norton is still installed and attempts to uninstall it to a failure.

Malwarebytes could not connect to host to update, was able to do so in Safe Mode.

 

I included my first and last log for Malwarebytes, just in case there was any data that might have been useful in the initial scan.

Safe Mode can only be reached via msconfig. Holding F8 on restart yields a drive select screen in DOS that does nothing but load up Windows normally regardless of the drive chosen.

mbar-log-2015-01-24 (19-19-24).txt

ComboFix.txt

mbar-log-2015-01-24 (13-20-37).txt

Link to post
Share on other sites

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
     
    
Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

:excl: I can't foresee everything, so if anything unexpected happens, please stop and inform me!
:excl: There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
  warning.gif Rules and policies
 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 
 
 
 

Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.