2 Trojans

Discussion in 'Malware Help (A Specialist Will Reply)' started by tw1gs, Oct 20, 2010.

  1. tw1gs

    tw1gs Private E-2

    Hi! I'm new here, and I've run through all the listed steps. Here are the problems I'm having:

    Yesterday, while on MySpace, I got a big black error saying that the computer was infected and the antivirus was out of date. I'm guessing it is the fake 2009 antivirus trojan. My desktop still shows the big black and red box.

    Completed the Run & Read Me First, no major problems there...
    Went to the XP Cleaning procedure, and I was able to download all the tools, but none will run completely.

    SuperAntispyware download would randomly disappear. Used the Portable and it scanned, but shut down mid process. I tried to go directly to removal after the 2 Trojans were detected, and it rebooted, but they are still there when I rerun.

    Malwarebytes will not run. I get an error that it won't open, even after renaming to mb.exe.

    Combofix: Attempting to create system restore point: Access is denied.

    MGTools also randomly disappears.

    I have no logs, since everything just closes...

    Help! Thanks for all you do!

    tw1gs
     
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    How do you get on with the scans in safe mode?
     
  3. tw1gs

    tw1gs Private E-2

    I downloaded the software in Normal mode, then rebooted into Safe Mode, and tried to run them, but with the same results. The programs would disappear once I started running them, and when I click on them again to attempt to rerun, I get an error message that something may be missing or I may not have sufficient permissions to access the program. Help, please!! Thanks so much!
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Try doing this in safe mode.

    As part of its defense mechanism, Antivirus 2010 will also terminate the majority of programs that you attempt to run. When it terminates them it will also change the security permissions on the executable so that you will not be able to run the program again. You will know when Antivirus 2010 changes the permission on a program because when you attempt to launch the program you will be greeted with a Windows message that states:

    Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.

    If you are greeted with this message for one of your executables you can regain access to the program by using the cacls.exe program that comes installed with Windows. Simply go to a Command Prompt and type the following command to give the Everyone group permission to use the file again:

    cacls <full path to the program> /G Everyone:F

    As an example, if you attempt to launch Malwarebytes' and it gives the above error, then you would type cacls "c:\program files\Malwarebytes' Anti-Malware\mbam.exe" /G Everyone:F and press enter on your keyboard. Once you enter that command and press enter, everyone on your computer will then have access to the file again. If you are using Windows Vista or Windows 7 then you will have to use an elevated command prompt.

    Then run MBAM with full scan option.

    You can try doing the same thing for MGTools.exe as well as ComboFix.exe.
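
The cacls step from the reply above, wrapped in a small batch file so it can be repeated per tool and undone afterwards. This is an added example and not part of the original thread; the script name `fixacl.cmd`, the `restore`/`tighten` mode names, the English group names and the ACL applied by `tighten` are all assumptions.

```bat
@echo off
rem Added example; not part of the original thread.
rem Usage: fixacl.cmd restore "C:\full\path\tool.exe"   (before scanning)
rem        fixacl.cmd tighten "C:\full\path\tool.exe"   (after cleanup)
setlocal
if "%~2"=="" goto usage
if not exist "%~2" goto notfound
if /i "%~1"=="restore" goto restore
if /i "%~1"=="tighten" goto tighten
goto usage

:restore
rem /G without /E replaces the file's whole ACL instead of editing it,
rem so entries added earlier are dropped. cacls asks "Are you sure (Y/N)?"
rem in this mode, so the answer is piped in.
echo Y| cacls "%~2" /G Everyone:F
goto show

:tighten
rem Everyone:F leaves the program writable by every account. After the
rem scan, replace it with a narrower ACL (assumed here: full control for
rem Administrators and SYSTEM, read and execute for Users).
echo Y| cacls "%~2" /G Administrators:F SYSTEM:F Users:R
goto show

:show
rem Print the resulting ACL so the change can be checked by eye.
cacls "%~2"
exit /b 0

:notfound
echo File not found: "%~2"
exit /b 2

:usage
echo Usage: %~nx0 restore^|tighten "full path to program"
exit /b 1
```

On Windows Vista or Windows 7, run it from an elevated command prompt, as the reply notes for cacls itself.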
     
