I am getting Unauthorized access blocked (Open Process Token) every 5 seconds on my computer. This is showing up through Norton Security Suite as a medium threat but no action needed on my part. The actor is c:\windows\system32\taskeng.exe. It is targetting C:\Program Files\Norton Security Suite\Engine\18.104.22.168\ccSvcHst.exe.
What happen I was hit with a Trojan along with a rootkit if that is even possible. I got on the screen a message that some AV Software, that I don't have, has detected all these malware items on my machine. I closed my browser and tried to launch Malwarebyte's Anti-Malware but it said that the exe was infected and could not start. I had SuperAntiSpyware running on the systray so I ran a scan with that and it found 1 rogue, 3 fake AV items. Removed them and rebooted. After reboot ran Malwarebytes and it found 3 other rogues, removed them and rebooted. Came back up and noticed my proxy settings were changed so I ran tdskiller. It found one item and rebooted. Then the computer would not boot up, it ran file scan and then wouldn't boot saying a file was damaged. Selected boot from last good and the machine came up and everything is running good but that one thing in Nortons.
Has anyone else heard of this? Is this even an infection of malware? I have done a search on the site on Unauthorized access blocked (Open Process Token) but didn't see a fix for this. So before I dig myself a hole I cannot get out of without reformatting the whole computer I thought I should ask the experts.
Thank you for your time.
Edited by Orange Blossom, 20 June 2010 - 10:54 PM.
Move to AII as no logs posted and prep. guide not followed. ~ OB