Cmd.exe Error
- Thread starter CrmDcoco
- Start date
- Status
HJT log
Here is the HJT log.
I have installed ESET NOD32 from McAfee Virusscan Enterprise Edition(which is what was running when I got infected) and it found and removed "starbr.exe", and "msnsgrs.exe"
I also installed an ran Spyware Doctor, but it found nothing.
Whats the next step?
CRM
Here is the HJT log.
I have installed ESET NOD32 from McAfee Virusscan Enterprise Edition(which is what was running when I got infected) and it found and removed "starbr.exe", and "msnsgrs.exe"
I also installed an ran Spyware Doctor, but it found nothing.
Whats the next step?
CRM
Few Problems...
Combofix.exe produces the same results as when trying to run CMD.EXE...
a popup says "Another program is currently using this file.
AVG Antispyware renders the computer useless. The mouse moves, but all other requests seem to go ignored. I cant even shutdown normally. I can go into safe mode and remove AVG, then the computer responds as normal.
Any ideas? Should I remove my spyware program (Spyware Doctor) and try to install AVG again?
CRM
Combofix.exe produces the same results as when trying to run CMD.EXE...
a popup says "Another program is currently using this file.
AVG Antispyware renders the computer useless. The mouse moves, but all other requests seem to go ignored. I cant even shutdown normally. I can go into safe mode and remove AVG, then the computer responds as normal.
Any ideas? Should I remove my spyware program (Spyware Doctor) and try to install AVG again?
CRM
BlameCanada
Posts: 314 +0
Did you do Step 1 properly ?
Disable anti virus programs,anti spyware programs and any real time monitoring progs.
Disable anti virus programs,anti spyware programs and any real time monitoring progs.
BlameCanada said:
STEP1:
Malware Removal: Temporarily Disable Real Time Monitoring Programs.
See these instructions on how to disable some of the more common real time monitoring programmes. Thanks to CastleCops for the info.
Step one says nothing about disabling antivirus proggies. I did however, turn off real time monitoring on my installed spyware program.
CRM
BlameCanada
Posts: 314 +0
I think these are your problems,but I`m not a spyware expert,so either wait for
one to arrive or do your own googling.
D:\Program Files\SnadBoy's Revelation v2\Revelation.exe -> Not-A-Virus.PSWTool.Win32.SnadBoy.2011 :
D:\Program Files\SnadBoy's Revelation v2\RevelationHelper.dll -> Not-A-Virus.PSWTool.Win32.SnadBoy.2011 :
D:\Program Files\Radmin\raddrv.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 :
C:\WINNT\system32\admdll.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 :
C:\WINNT\system32\raddrv.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 :
C:\WINNT\system32\r_server.exe -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.21
one to arrive or do your own googling.
D:\Program Files\SnadBoy's Revelation v2\Revelation.exe -> Not-A-Virus.PSWTool.Win32.SnadBoy.2011 :
D:\Program Files\SnadBoy's Revelation v2\RevelationHelper.dll -> Not-A-Virus.PSWTool.Win32.SnadBoy.2011 :
D:\Program Files\Radmin\raddrv.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 :
C:\WINNT\system32\admdll.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 :
C:\WINNT\system32\raddrv.dll -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.20 :
C:\WINNT\system32\r_server.exe -> Not-A-Virus.RemoteAdmin.Win32.RAdmin.21
Thanx to all who helped. This system is back in primo condition now.
The problem was a virus. I ended up restoring the system state from tape backup. Once I got ahold of the cmd.exe file again, combofix ran and caught the little buggar.
One correction mentioned earlier. I was running Network Associates Virusscan Enterprise Edition when I got infected, and not McAfee. I am now running ESET NOD32.
CRM
The problem was a virus. I ended up restoring the system state from tape backup. Once I got ahold of the cmd.exe file again, combofix ran and caught the little buggar.
One correction mentioned earlier. I was running Network Associates Virusscan Enterprise Edition when I got infected, and not McAfee. I am now running ESET NOD32.
CRM
- Status
Similar threads
