Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    Device Can Generate Master Keys From Valid or Expired Hotel Keys

Featured Deal: Pay What You Want Complete Cyber Security Certification Bundle Deal

Photo

3 PCs So far, No Internet, Can't use CMD as Administrator, Same as Powershell

Started by salcameli , May 04 2017 02:06 PM

  • This topic is locked This topic is locked
7 replies to this topic

#1 salcameli

salcameli

  • Members
  • 7 posts
  • OFFLINE
    •  
  • Local time:04:32 PM

Posted 04 May 2017 - 02:06 PM

Hello All,

 

3 PCs infected in two days, Internet browsing does not work.  I Ran RKILL, JRT, then ADWcleaner and they each find a couple things but ADW locks up and cannot remove the infections.

 

I cannot use CMD.exe as Administrator,  Neither can I run Powershell.exe as Administrator

 

On one of the PCs I uninstalled Chrome, tried CobmoFix and then rebooted and installed Chrome again and that worked but then after the next reboot Chrome stopped working again.

 

Anybody have any suggestions?

 

Thanks,

 

Sal Cameli

 

 


BC AdBot (Login to Remove)

 

#2 salcameli

salcameli
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
    •  
  • Local time:04:32 PM

Posted 05 May 2017 - 01:52 PM

ESET finds nothing,  Malwarebytes as well,  finds nothing.  I checked the Hosts and LMhosts files.   all look fine.

 

CMD.exe does not work at all,  standard user or administrator.

 

New Profile does not fix this issue.

 

There is a new user named "TrustedInstaller" and he has Full admin rights,  Administrator does any longer


#3 salcameli

salcameli
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
    •  
  • Local time:04:32 PM

Posted 05 May 2017 - 02:26 PM

I searched the PC for CMD.exe and I found 4 of them,  two of them I can run as administrator..

 

I tried flush dns and regster dns but after reboot did nothing,


#4 salcameli

salcameli
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
    •  
  • Local time:04:32 PM

Posted 20 May 2017 - 09:00 PM

I reformatted those 3 PCs but now I have another one with the Same issue.

 

CMD.exe gets replaced by a version that does not bring up the C:\ prompt. it just hangs with a black screen,  you have to crash it.

 

All browsers do not open at all.

 

I run RKILL,  JRT, ADW & ComboFix and then reboot and CMD.exe works again and browsers work.   

BUT after another reboot same issue happens,   

To fix again I need to run the 4 programs above again.  

I'm going to attempt to remove all versions of CMD.exe, maybe that'll help?

 


#5 salcameli

salcameli
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
    •  
  • Local time:04:32 PM

Posted 21 May 2017 - 12:10 PM

Restarted last night and same thing, on boot-up CMD.exe does not work and Browsers don't work.  Ran ComboFix and didn't even reboot and it fixed the PC,  as soon as ComboFix was done iTunes popped up to install a new version.

 

And I can come here.

 

Anybody want the logs?,   I'm going to re-clone this PC today.  Clients needs it working 100% 9AM tomorrow.  


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,760 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:32 PM

Posted 09 June 2017 - 10:44 AM

We should get a deeper look. Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 salcameli

salcameli
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
    •  
  • Local time:04:32 PM

Posted 12 June 2017 - 09:00 PM

18 Days later?,    All 4 PCs have been reformatted 14 days ago.   I just unsubscribed from this board because it's worthless.  


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,760 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:32 PM

Posted 13 June 2017 - 09:16 AM

Topic Closed member did not follow Guide instructions...
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
Back to Am I infected? What do I do?


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users


  1. BleepingComputer.com
  2. Security
  3. Am I infected? What do I do?
  4. Privacy Policy
  5. Rules ·