Jump to content

Recommended Posts

I'm getting what appears to be a familiar virus my PC on start issues a shutdown warning with the following code "services.exe -1073741482", I can't run any virus scans from McAfee, Super AntiSpy or MalwareBytes telling me I don't have permission. I've ran the recommended Trend Micro HijackThis, it runs then closes without creating a log and on re-run gives the usual permission error.

I've ran all these in safemode with the same outcome fortunately the service.exe error doesn't prevent me using my PC as on re-start boots up normally with the exception of mcshield which closed due to a memory error.

Where do I go from here?

Link to post
Share on other sites

I'm getting what appears to be a familiar virus my PC on start issues a shutdown warning with the following code "services.exe -1073741482", I can't run any virus scans from McAfee, Super AntiSpy or MalwareBytes telling me I don't have permission. I've ran the recommended Trend Micro HijackThis, it runs then closes without creating a log and on re-run gives the usual permission error.

I've ran all these in safemode with the same outcome fortunately the service.exe error doesn't prevent me using my PC as on re-start boots up normally with the exception of mcshield which closed due to a memory error.

Where do I go from here?

PS. I noticed that most users with this problem are advised to download & run Win32Diag and attach resulting txt file, which I have now done.

thnxWin32kDiag.txt

Link to post
Share on other sites

Welcome to Malwarebytes!!! ;)

1. Please download The Avenger2 by Swandog46 to your Desktop.

  • Right click on the Avenger.zip folder and select "Extract All..."
  • Follow the prompts and extract the avenger folder to your desktop

2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Files to move:
C:\WINDOWS\system32\logevent.dll | C:\WINDOWS\system32\eventlog.dll

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, open the avenger folder and start The Avenger program by clicking on its icon.

  • Right click on the window under Input script here:, and select Paste.
  • You can also Paste the text copied to the clipboard into this window by pressing (Ctrl+V), or click on the third button under the menu to paste it from the clipboard.
  • Click on Execute
  • Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:

[*]It will Restart your computer. ( In cases where the code to execute contains "Drivers to Delete" or "Drivers to Disable", The Avenger will actually restart your system twice.)

[*]On reboot, it will briefly open a black command window on your desktop, this is normal.

[*]After the restart, it creates a log file that should open with the results of Avenger

Link to post
Share on other sites

Welcome to Malwarebytes!!! :D

1. Please download The Avenger2 by Swandog46 to your Desktop.

  • Right click on the Avenger.zip folder and select "Extract All..."
  • Follow the prompts and extract the avenger folder to your desktop

2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Files to move:
C:\WINDOWS\system32\logevent.dll | C:\WINDOWS\system32\eventlog.dll

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, open the avenger folder and start The Avenger program by clicking on its icon.

  • Right click on the window under Input script here:, and select Paste.
  • You can also Paste the text copied to the clipboard into this window by pressing (Ctrl+V), or click on the third button under the menu to paste it from the clipboard.
  • Click on Execute
  • Answer "Yes" twice when prompted.

4. The Avenger will automatically do the following:

  • It will Restart your computer. ( In cases where the code to execute contains "Drivers to Delete" or "Drivers to Disable", The Avenger will actually restart your system twice.)
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

5. Please copy/paste the content of c:\avenger.txt.

==============================================

Download Combofix from this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

Note:

Do not mouseclick combofix's window while it's running. That may cause it to stall

Please find attached avenger.txt, combofix.txt and hijackthis log, although I my McAfee scan still does not work giving the same permission error, should this be re-installed?

Thanks

avenger.txt

log.txt

hijackthis.txt

Link to post
Share on other sites

  • Click on Start->Run, and copy-paste the following command (the bolded text) into the "Open" box, and click OK.
  • When it's finished, there will be a log called Win32kDiag.txt on your desktop.
  • Please open it with notepad and post the contents here.

"%userprofile%\desktop\win32kdiag.exe" -f -r

Please update malwarebytes, run a quick scan, post the results.

Are you still unable to run mcafee?

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.