Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No icons, Toolbar - just wallpaper.


  • Please log in to reply
4 replies to this topic

#1 dstabsr

dstabsr

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:43 AM

Posted 27 November 2009 - 11:24 AM

Hi hope everyone had a decent Thanksgiving. My problem is similar to swfcrob posted earlier. It all started with the Anti-virus 2010 pop-ups. The only way to navigate is through task manager. I could not run Adware AE or mbam. I tried to rename mbam.exe and got message "Cannot rename mbam:Access is denied. Make sure the disk is not full or write protected and file is not in use."

I then tried system restore only to get "System restore has been turned off by group policy. To turn on system restore, contact your domain administrator."

I was able to run an online scan by ESET. here's the log
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=9e232b5a0f3ed442a32dee0478cdb1a6
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-11-25 05:44:38
# local_time=2009-11-25 12:44:38 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 3175716 3175716 0 0
# scanned=54331
# found=6
# cleaned=5
# scan_time=1458
C:\WINDOWS\braviax.exe Win32/TrojanDownloader.FakeAlert.AGA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\cru629.dat Win32/Small.EJX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\svchast.exe Win32/Adware.WindowsAntivirusPro application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\braviax.exe Win32/TrojanDownloader.FakeAlert.AGA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\cru629.dat Win32/Small.EJX trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\drivers\beep.sys Win32/UltimateDefender.A trojan (unable to clean) 00000000000000000000000000000000 I

Also google gets hijacked. It takes me to places I don't want to go to. Any help is greatly appreciated. Thanks.
Dom

BC AdBot (Login to Remove)

 


#2 dstabsr

dstabsr
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:43 AM

Posted 27 November 2009 - 11:33 AM

Forgot to mention I am running Windows XP home.

#3 dstabsr

dstabsr
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:43 AM

Posted 27 November 2009 - 06:17 PM

Update. It looks like everyone is very busy today. Since my morning post, I read a few posts with similar problems to mine. I reinstalled Mbam and renamed it zztoys.exe. It got ten seconds into the scan before it stopped. I tried to rename the mbam.exe file and got the same error message as before. I should just reformat, but the system did not come with software CD. Is there a way to reformat without the CD? Waiting for instructions. Thanks.

#4 dstabsr

dstabsr
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:43 AM

Posted 28 November 2009 - 04:37 PM

Additional info I should have made on the fiest post. After the pop ups all I would get is the background, no icons or toolbars. Adware Ae will not start and mbam starts to scan and stops after 4 seconds. I am also unable to run explorer.exe. I get an error message " Windows can not access the specified device path or file. You may not have the appropriate permissions to access the item."

#5 dstabsr

dstabsr
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:43 AM

Posted 28 November 2009 - 10:03 PM

You can close this post. I reformatted the drive. Thanks for your response.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users