Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Nagivating the command interface.. help.


  • Please log in to reply
6 replies to this topic

#1 redrum91825

redrum91825

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:50 AM

Posted 02 March 2017 - 10:31 AM

I'm such a noob at using it, but i'm trying to use it to locate a virus hidding itself. I know where it is by the directory, but the actual folder it's in appears to be hidden. Even with "show hidden folders and files" enabled.

By default the command interface starts me in the directory for system 32. I need to be in Users>app data.
I think i finally got the command right to take me where i need to be, "C:\Windows>cd>c:\users".
But when i punch enter, i get "Acces is denied".. why?

Did i do something wrong or am i being genuinly denied access to the users folder?

I need to reach users>appdata>local>temp.

I suck at this and need some help, thanks.


Edited by hamluis, 03 March 2017 - 12:03 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 RolandJS

RolandJS

  • Members
  • 4,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:08:50 PM

Posted 02 March 2017 - 10:44 AM

c:\> cd users <enter>

c:\users> cd [acct name] <enter>

c:\users\[acct name]> cd appdata <enter>

now, where you want to go from there, local, roaming, or locallow, you have cd [place] <enter>

One can also "tree-climb" via the explorer.exe; either way will take you there.


Edited by RolandJS, 02 March 2017 - 10:45 AM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#3 redrum91825

redrum91825
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:50 AM

Posted 02 March 2017 - 11:08 AM

Thanks for the reply.

Still having problems though. Typing in "c:\> cd users" results in "C:\ Not recognized"

At the moment the directory is C:\Windows which is i'm assuming why i'm getting the error.

So typing in what you said, looks like this for me at the moment. C:\Windows>c:\>cd users (i was able to switch from system 32 at least)

Is it because of the "windows" part? I don't know how to start fresh just going from the C drive, and not c drive>Windows.
But if i'm putting in "cd" that shouldn't matter right?



 


Edited by hamluis, 02 March 2017 - 01:39 PM.


#4 RolandJS

RolandJS

  • Members
  • 4,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:08:50 PM

Posted 02 March 2017 - 12:43 PM

My example has you starting from the root directory of your "c drive" -- hence c:\>

If you're starting from the Windows directory, I cannot remember the command to jump you from Windows to Users.

 

I forgot to mention, anytime one needs to get the Root directory, from anywhere, from any sub-directory:  c:\wherever>cd\ <enter>


Edited by RolandJS, 03 March 2017 - 12:18 PM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#5 sjpritch25

sjpritch25

  • Security Colleague
  • 898 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Coast of Florida, USA
  • Local time:09:50 PM

Posted 03 March 2017 - 09:42 AM

Thanks for the reply.

Still having problems though. Typing in "c:\> cd users" results in "C:\ Not recognized"

At the moment the directory is C:\Windows which is i'm assuming why i'm getting the error.

So typing in what you said, looks like this for me at the moment. C:\Windows>c:\>cd users (i was able to switch from system 32 at least)

Is it because of the "windows" part? I don't know how to start fresh just going from the C drive, and not c drive>Windows.
But if i'm putting in "cd" that shouldn't matter right?



 

cd %userprofile%


Microsoft MVP Consumer Security--2007-2010

#6 RolandJS

RolandJS

  • Members
  • 4,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:08:50 PM

Posted 03 March 2017 - 11:13 AM

[dc3's got this; gone]


Edited by RolandJS, 03 March 2017 - 12:18 PM.

"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#7 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,391 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:06:50 PM

Posted 03 March 2017 - 12:12 PM

I would suggest running security scans to find and either quarantine or remove the malware.
 
Please run the following scan in the order they are requested and then post the logs in your topic.  Do not use a host website to post the logs.  Please don't use code to post the logs either.
 
Please run Malwarebytes AntiMalware

Please download Malwarebytes Anti-Malware.

1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.

2)  Malwarebytes will automatically open.  You will see an image like the one below, click on Update Now.  

mbam1_zps98e7fba9.png

3)  Click on Settings, you will see a image like the one below.

malware%20settings_zpsixkea5sd.png

When Settings opens click on Detection and Protection, then under Non-Malware Protection, click on the down arrow for PUP (Potentially Unwanted Programs) detections and select Treat detections as malware.  Under Detection Options place a check in the box for Scan for rootkits

4)  Click on Scan (next to Settings), then click on Scan Now.  The scan will automatically run now.

5)  When the scan is complete the results will be displayed.  Click on Delete All.

malwarenew_zps34b58fdc.png

6)  Please post the Malwarebytes log.

To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  Copy and paste the entire log in your topic.
 
 
Please run AdwCleaner

Please download AdwCleaner and install it.

When AdwCleaner opens you will see an image like the one below.

adwcleaner11_zps48314883.png

Click on Scan to start the scan.

Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.

If there are no malicious programs are found you will receive the following message.

adwcleaner%20111_zpsiduqrrrp.png  
 
Click on Clean to remove the selected items.  If you have any questions about any items in the list please copy and paste the list in your topic so we can review it.  
 
You will receive a message telling you that all programs will be closed so that the infections can be removed.  Click on OK.  The computer will be restarted to complete the cleaning process.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your topic.
 
 
Please run TDSSKiller.
 
Please download TDSSKiller from here and save it to your Desktop.

The log for the TDSSKiller can be very long.  If you go to the bottom of the log to where you find Scan finished you will see the results of the scan.  If it shows Detected object count: 0 and Actual detected object count: 0, this means that nothing malicious was found and you will not need to post the log.
 
1.  Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
 
tdss1_zps90132559.png
 
2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
 
If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
 
tdsskillermultiple_zps472c18eb.png
 
3.  Click Start Scan and allow the scan process to run.
 
tdss4_zps6792a13c.png
 
4.  If threats are detected select Cure (if available) for all of them unless otherwise instructed.
 
***Do NOT select Delete!

Click on Continue.
 
tdss5_zps98fc5887.png
 
5.  Click on Reboot computer.
 
Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply.

Note:  The log may be very long.  You may need to break it into parts to post the whole log.

Post this in your topic.


Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to allow this to run
till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need
to download the Eset Smartinstaller.***

ESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that
    here
    .
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats ([color=redonly available if ESET Online Scanner found something
  • ).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

Edited by dc3, 03 March 2017 - 12:14 PM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users