BleepingComputer.com: antivirus not working

i have it in my download files and in the desktop too ....

Right click on the desktop file combofix.exe and select Properties. On the first tab, do you see a Target or Location? If so can you tell me what is shown there?

what i have in my desktop is SHORTCUT TO COMBOFIX
and theres no target or location, it only says FIND TARGET.
Did I do it all wrong? perhaps we need to start all over again?
I'm really sorry Elise.

No problem. Right click on combofix.exe there and click Cut, now right click on your desktop and click Paste.
You should now have combofix.exe on your desktop. Double click on this and see if it will run.

Hi Elise, thank you for being patient. But can I just download combofix.exe again?
please tell me how to do it, cause i tried this cut and paste thing but still it didn't run.

josh

In that case, right click on the following link: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Select "Save link/target as"
Save the file as combofix.exe to your desktop (click the Desktop button in the left panel, click Save).

The file should now be downloaded directly to your desktop.

Okay, I'm really having a headache now... I'm really, really lost.
I have downloaded combofix again so now its the combofix(3) in my file.
I have tried to delete the other two but it didn't allow me to delete it.
I have saved the combofix that I have just downloaded now but it went directly to
my DOWNLOADS folder, not in my desktop. I went to the DOWNLOADS folder and click
CUT and went to my desktop and click PASTE. For some reasons, it didn't allow me
to perform the said action and it said that "make sure that the dick is not full
or protected" something like that...
Elise... still got patience for me?
Is there anyway that we could chat or we can only talk here? I mean, just trying to find
a faster way to communicate.

We can chat using IRC if you'd like that.

You can use the Web client: http://www.bleepingcomputer.com/webchat/

My IRC nick is Elise, feel free to give me a nudge.

hi Elise, how are you?
can we talk in the chatroom?

Hi Josh, how are things running now? Have you been able to run Junction as discussed?

Hi Elise, this is the yext that I got:

Junction v1.06 - Windows junction creator and reparse point viewer
Copyright © 2000-2010 Mark Russinovich
Sysinternals - www.sysinternals.com


Failed to open \\?\c:\\hiberfil.sys: The process cannot access the file because it is being used by another process.



Failed to open \\?\c:\\pagefile.sys: The process cannot access the file because it is being used by another process.



Failed to open \\?\c:\\System Volume Information: Access is denied.


...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...

...


Failed to open \\?\c:\\Documents and Settings\Dewagede\My Documents\Downloads\ComboFix(1).exe: Access is denied.



Failed to open \\?\c:\\Documents and Settings\Dewagede\My Documents\Downloads\ComboFix(2).exe: Access is denied.



Failed to open \\?\c:\\Documents and Settings\Dewagede\My Documents\Downloads\ComboFix(3).exe: Access is denied.



Failed to open \\?\c:\\Documents and Settings\Dewagede\My Documents\Downloads\ComboFix.exe: Access is denied.


...

...

...

...

...

...

...

.
Failed to open \\?\c:\\Program Files\Avira\AntiVir Desktop\avscan.exe: Access is denied.


..

...

...

...

...
Failed to open \\?\c:\\Program Files\Google\Chrome\Application\chrome.exe: Access is denied.




...

...

...

...

...

...

...

...

...

...

...

...


Failed to open \\?\c:\\WINDOWS\$NtUninstallKB37241$: Access is denied.


...

...

...

...

...

...

\\?\c:\\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a: JUNCTION
Print Name : C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790
Substitute Name: C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790


Failed to open \\?\c:\\WINDOWS\assembly\GAC_MSIL\Desktop(2).ini: Access is denied.



Failed to open \\?\c:\\WINDOWS\assembly\GAC_MSIL\Desktop.ini: Access is denied.


\\?\c:\\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a: JUNCTION
Print Name : C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e
Substitute Name: C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e

...

...

...

...

...

...

...


Failed to open \\?\c:\\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch.536.2117093: Access is denied.



Failed to open \\?\c:\\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CONFIG\security.config.cch.536.2117093: Access is denied.


...

...

...


Failed to open \\?\c:\\WINDOWS\system32\MRT.exe: Access is denied.


...

...

...

..

Please go to your Downloads folder and double click on GrantPerms.exe or GrantPerms64.exe
Copy and paste the following in the edit box:

c:\Documents and Settings\Dewagede\My Documents\Downloads\ComboFix(1).exe
c:\Documents and Settings\Dewagede\My Documents\Downloads\ComboFix(2).exe
c:\Documents and Settings\Dewagede\My Documents\Downloads\ComboFix(3).exe
c:\Documents and Settings\Dewagede\My Documents\Downloads\ComboFix.exe
c:\Program Files\Avira\AntiVir Desktop\avscan.exe
c:\Program Files\Google\Chrome\Application\chrome.exe
c:\WINDOWS\$NtUninstallKB37241$
c:\WINDOWS\system32\MRT.exe

Click Unlock. When it is done click "OK".
Click List Permissions and post the result (Perms.txt) that pops up. A copy of Perms.txt will be saved in the same directory the tool is run.

i did what u tell me, i posted the text in the edit box and clicked unlock...after that it disappears and no pop-ups appeared.

How are things running at this moment?

Can you please rerun Combofix (just double click on it to run it). If it asks you to update, click Yes.

still no pop up.... for this Grantperms.
I rerun combofix and it did run... a black box appeared with some green text running, but it
didn't ask me to update.