None of my malware programs will open or run. When I try to open them, it says “Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item.”
I downloaded and reinstalled mbam and began a scan, but it closed after a few seconds and wouldn’t open.
I tried SuperAnti-Spyware online scanner. It finds Trojan.Dropper/SVCHost-Fake during the first few seconds, but then it eventually closes.
HJT won’t open, nor will Hitman Pro, OTH or OTL.
Avast is turned off and I cannot restart it.
Tried Combofix at the suggestion of BleepingComputer forum, but I was told Access Denied.
Antivirus 2010 was originally popping up every time I booted up, but I removed it with CCleaner and haven’t seen it since.
Have you had success with this particular variant?
I’m concerned about possible identity theft. I’ve had this virus for at least two days now. At what point should I start contacting my financial providers?
Looking at this, I would suspect a key/password stealer straight off. So this is the warning I would give:
One or more of the identified infections is a backdoor Trojan and a key logger.
If this computer is ever used for on-line banking, I suggest you do the following immediately:
Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
From a clean computer, change ALL your on-line passwords for email, for banks, financial accounts, PayPal, eBay, on-line companies, any on-line forums or groups you belong to.
Do NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.
I feel the only way to tackle this will be outside of Windows initially, using either Dr Web or this analysis programme.
Please print these instructions out so that you know what you are doing.
1. Download OTLPENet.exe to your desktop.
2. Download the attached scan.txt.
3. Ensure that you have a blank CD in the drive.
4. Double click OTLPENet.exe and this will then open ImgBurn to burn the file to CD.
5. Reboot your system using the boot CD you just created. Note: If you do not know how to set your computer to boot from CD follow the steps here
6. As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads.
7. Your system should now display a Reatogo desktop. Note: as you are running from CD it is not exactly speedy.
8. Double-click on the OTLPE icon.
9. Select the Windows folder of the infected drive if it asks for a location.
10. When asked “Do you wish to load the remote registry”, select Yes.
11. When asked “Do you wish to load remote user profile(s) for scanning”, select Yes.
12. Ensure the box “Automatically Load All Remaining Users” is checked and press OK.
13. OTL should now start.
14. Double click the Custom scans and fixes box.
15. In the dialogue locate the scan.txt you have on the USB.
16. Press Run Scan to start the scan.
17. When finished, the file will be saved in drive C:\OTL.txt
18. Copy this file to your USB drive if you do not have internet connection on this system.
19. Right click the file and select Send to: select the USB drive.
20. Confirm that it has copied to the USB drive by selecting it.
21. You can backup any files that you wish from this OS.
22. Please post the contents of the C:\OTL.txt file in your reply.