Question:
I have a really BAD virus that blocks safe mode and all of my anti-virus programs from running. Please help?
Daniel Y
2009-07-18 08:36:39 UTC
Hello My computer is still infected with a virus dry.gif s that blocks access to anti-spy ware programs. When I click the programs they say "Windows cannot access files because you might not have the proper permissions to access the item.". Also in website like Google when I click a search link it takes me to a website trying to sell stuff. Different every time. I also cannot access safe mode. I stopped some of the processes but it said you do not have permission to do so. Also I tried doing that to the start up things but it also won't let me. Sometimes Random websites pop up when I'm not even using the web browsers. Don't have them open either. There are random error notices that pop up. I'm really worried and I hope you guys can help. SO PLZZZZZ HELP ME OUT. This log came out from Combofix but the program can't fix anything..: I fear this virus will disable my computer soon because it get worse everyday please Hurry!@

ComboFix 09-07-14.08 - HP_Administrator 7/2009 Fri 22:23.1.2 - NTFSx86
执行位置: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
* 成功创造新还原点
.
/wow section - STAGE 完成项目——3
The syntax of the command is incorrect.

/wow section 未完成

((((((((((((((((((((((((( 2009-06-18 至 2009-07-18 的新的档案 )))))))))))))))))))))))))))))))
.

2009-07-18 03:19 . 2009-07-18 03:19 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-07-18 02:35 . 2009-07-18 02:35 17584 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\APTemp\AP1.exe
2009-07-18 02:31 . 2009-07-18 02:31 72053 ----a-w- c:\documents and settings\All Users\Application Data\Symantec\Symantec AntiVirus Corporate Edition\7.5\APTemp\AP0.exe
2009-07-18 00:23 . 2009-07-18 00:22 102664 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2009-07-18 00:22 . 2009-07-18 00:24 -------- d-----w- c:\documents and settings\HP_Administrator\.housecall6.6
2009-07-17 22:51 . 2009-07-17 22:51 2 --shatr- c:\windows\winstart.bat
2009-07-17 22:50 . 2009-07-17 22:50 34760 ----a-w- c:\windows\system32\drivers\Partizan.sys
2009-07-17 22:50 . 2009-07-17 22:50 32480 ----a-w- c:\windows\system32\Partizan.exe
2009-07-17 22:50 . 2009-07-17 20:45 12752 ----a-w- c:\windows\system32\drivers\UnHackMeDrv.sys
2009-07-17 22:50 . 2009-07-17 23:20 -------- d-----w- c:\program files\UnHackMe
2009-07-17 22:41 . 2009-07-17 22:41 2 ----a-w- c:\windows\0101120101465752.dat
2009-07-17 21:28 . 2009-07-17 21:28 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\ScanSpyware
2009-07-17 21:28 . 2008-09-07 22:22 8704 ----a-w- c:\windows\system32\ssbtsr.exe
2009-07-17 21:28 . 2009-07-17 21:28 -------- d-----w- c:\program files\ScanSpyware
2009-07-17 20:38 . 2009-07-17 21:41 180934 ----a-w- c:\windows\system32\wisdstr.exe
2009-07-17 20:10 . 2009-07-17 20:10 8192 ----a-w- c:\windows\system32\braviax.exe
2009-07-17 19:20 . 2009-07-17 19:20 -------- d-----w- c:\documents and settings\HP_Administrator\Paypal
2009-07-17 03:38 . 2009-07-17 03:38 15000 ----a-w- c:\windows\system32\ghaf8jkdfd.dll
2009-07-17 02:58 . 2009-07-17 03:48 -------- d-----w- c:\windows\cfig
2009-07-16 02:40 . 2009-07-16 02:41 -------- d-----w- C:\Perl
2009-07-15 02:16 . 2009-07-15 02:16 -------- d-----w- c:\documents and settings\All Users\Application Data\OptiTex
2009-07-15 02:08 . 2009-05-11 18:38 4608 ----a-w- c:\documents and settings\HP_Administrator\Application Data\DAZ 3D\Studio3\DAZ Built-in Content\Runtime\libraries\!DAZ\w9xpopen.exe
2009-07-15 02:08 . 2009-05-11 18:38 348160 ----a-w- c:\documents and settings\HP_Administrator\Application Data\DAZ 3D\Studio3\DAZ Built-in Content\Runtime\libraries\!DAZ\MSVCR71.dll
2009-07-15 02:08 . 2009-05-11 18:38 36 ----a-w- c:\documents and settings\HP_Administrator\Application Data\DAZ 3D\Studio3\DAZ Built-in Content\Runtime\libraries\!DAZ\DzCreateExPFiles-V4.bat
2009-07-15 02:08 . 2009-05-11 18:38 2341923 ----a-w- c:\documents and settings\HP_Administrator\Application Data\DAZ 3D\Studio3\DAZ Built-in Content\Runtime\libraries\!DAZ\DzCreateExPFiles.exe
2009-07-15 02:07 . 2009-07-15 02:07 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\DAZ 3D
2009-07-15 02:07 . 2009-07-15 02:07 -------- d-----w- c:\program files\Common Files\DAZ
2009-07-15 02:07 . 2009-07-15 02:07 -------- d-----w- c:\program files\DAZ 3D
2009-07-06 23:04 . 2009-07-06 23:04 -------- d-----w- c:\program files\Nsasoft
2009-07-06 22:59 . 2009-07-06 22:59 -------- d--h--w- c:\windows\PIF
2009-07-06 22:54 . 2009-07-05 23:37 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-07-06 22:01 . 2009-07-06 22:01 -------- d-----w- c:\program files\Password Recovery for Windows Live
2009-07-05 23:35 . 2009-07-05 23:35 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-07-05 23:35 . 2009-03-12 08:17 2902048 -c--a-w- c:\documents and settings\All Users\Application Data\{7972B2
Seven answers:
Gia
2009-07-18 08:51:04 UTC
I'm really interested in a good answer to this, cause I have almost the same things happening. I have the same thing with the search engines, and have never heard of anyone else have that happen,



I have malwarebytes, but the computer won't let me run it.

It also won't let me do a system restore



I'm on my laptop now, because it won't even let me go online anymore, even tho it says it's connected.



I'm glad you posted this~ good luck.
Delphine
2016-08-25 23:30:12 UTC
2
tianna
2016-05-27 01:41:05 UTC
NO anti-virus can ever be relied upon to give any where near 100% protection. None of them do, free or paid. Most only detect about 90 to 95% of all KNOWN viruses. When a brand new virus is released, NO signature-based anti-virus will detect it for several hours up to several days. Some never will detect a particular virus. And over 1200 new variants of viruses and other malware are created by the "black-hats" each and every day. You should consider an anti-virus program to be your "last line of defense". Safe internet surfing and downloading practices (NO warez, NO P2P, NO Limewire, NO torrents, sorry) along with maintaining your Windows and all your installed software with all critical updates and security patches should be your frontline defense.
Mike W
2009-07-18 08:41:18 UTC
Reinstall Windows.
?
2009-07-18 08:45:27 UTC
put new windows.....and fellow the step



download service pack 3



keep update windows from microsoft security center



for virus removal download removal tool.....



for more detail and how to safe ur pc visit

http://www.security-solution.50webs.com/index.html
drobb61
2009-07-18 08:42:34 UTC
Go to http://www.malwarebytes.org/ and download malwarebytes.

also go to http://www.safer-networking.org/index2.html and download spybot search and destroy. update both and run 1 after the other that should get rid of it.
Tony
2009-07-18 08:40:45 UTC
reinstall windows


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Continue reading on narkive:
Loading...