Windows Command Processor virus issue

hello there people hope you’re all well :slight_smile: i’ve had 1 really annoying issue on my laptop. im not amazingly well with computers but im not bad at following instruction but anyway i know there have been posts related to the Windows Command Processor pop up, posted on this forum and i have had a look at them trying to fix the error but im getting no where so i thought id make a post myself. Recently i’ve been getting the Windows Command Processor pop up every time i turn on my laptop…asking me to make changes to my computer.

Ive got Avast the free version and Malwarebytes. Malware bytes doesnt open and gives me an error message sayin the files need to be updated so i did and it still didnt open and keeps giving errors. Also skype doesnt run properly and crashes most of the time i open it and same with FL Studio and MSN. Even my browsers close by them selves sometimes. I barely got Avast to open up after several reinstalls and uninstalls and then i ran a scan and it found lots of threats which i then deleted and restarted my computer but the pop up still appears.

Also when i restarted my computer, i was asked to repair my files or restore and i clicked on that and it didnt work for quite a while and luckily it worked and now im posting this. Is there anything i can do to fix this issue. Im planning not to turn off my laptop for quite a while, really scared it wont turn back on again or will take ages. Ill really appreciate any help you guys can give me. Sorry if im being a pain :frowning: got so much work to complete too

Malware bytes doesnt open and gives me an error message sayin the files need to be updated
try this

go to C:\programfiles\malwarebytes\chamelon

on top you see a icon with a question mark…double click it
a vindow opens with lots of “Test now” buttons… click one see attached screen shot
a black dos box opens that say “click any key to continue” do that…and wait

MBAM will now try to update…then stop all malicious process…then start a quick scan

Post the log when scan is done

also follow this guide and attach logs from OTL / aswMBR
http://forum.avast.com/index.php?topic=53253.0

a removal specialist will then have a look…

hey thanks a lot, it opened up and i did the scan and got rid of 7 things. now i’ll follow the guide and post the log soon :smiley:

here are the logs from OTL…by the way, after the malwarebytes scan …the pop still shows up.

heres the aswMBR log :slight_smile: thanks to everyone thats helping :smiley:

and Malwarebytes log :wink:

Hi…

This system unfortunately has the Zero Access rootkit on it.

You need to stop using all Internet Banking sites, change passwords to all sites with sensitive information from a clean computer and phone your bank to inform them that you may be a victim of identify theft.

After the new MBAM log I can give you more intructions.

damn lol thats the last thing i wanted to hear. ill post the log soon

thats the mbam log :slight_smile:

You said above it removed 7 things…is this not that log ?
This log say “no action taken” You must click the removed selected button to quarantine what is detected

Anyway jeffce will hjelp You with the removal.

ah i didnt save the log when i removed 7. so i went through the steps you gave to get mbytes to open and did the scan and uploaded the new log which found 3 infections and lol i saved that and uploaded it and after that i clicked remove so i did take action xD my bad

[list]Hi,

I need to check something out…please do the following:

ESET Online Scanner
I’d like us to scan your machine with ESET Online Scan

Note: It is recommended to disable on-board anti-virus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don’t go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your anti-virus along with your anti-spyware programs.

[]Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
[
]Click the
http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetOnline.png
button.
[]For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)[list=1]
[*]Click on
http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstall.png
to download the ESET Smart Installer. Save it to your desktop.
[
]Double click on the
http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetSmartInstallDesktopIcon.png
icon on your desktop.

[*]Check
http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetAcceptTerms.png

[*]Click the Start button.
[]Accept any security warnings from your browser.
[
]Check
http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetScanArchives.png

[*]Make sure that the option “Remove found threats” is Unchecked
[*]Push the Start button.
[]ESET will then download updates for itself, install itself, and begin
scanning your computer. Please be patient as this can take some time.
[
]When the scan completes, push
http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetListThreats.png

[*]Push
http://billy-oneal.com/Canned%20Speeches/speechimages/eset/esetExport.png
, and save the file to your desktop using a unique name, such as
ESETScan. Include the contents of this report in your next reply.
[*]Push the Back button.
[*]Push Finish

http://www.eset.com/onlinescan/

heres the scan log :slight_smile:

Hi Rick (I hope it’s ok to call you that),

Please download the following programmes to your desktop:

Dr Web Live CD

ImgBurn

Install IMGBurn

[]Double click Dr Web
[
]IMGBurn will open
[*]Burn the ISO to a cd

[]Reboot the infected computer with the CD in the drive
[
]Ensure that the first boot device is CD - If you are not sure about that then see this page for instructions
[*]As loading starts, a dialogue window will prompt you to choose between the standard and safe modes.

http://i1224.photobucket.com/albums/ee362/Essexboy3/Dr%20Web%20shots/livecdbootscreen.gif

[*]Use arrow keys to select DrWeb-LiveCD (Default)

[*]When the system is loaded, check the disks or folders you want to scan, and click on “Start”.

http://i1224.photobucket.com/albums/ee362/Essexboy3/Dr%20Web%20shots/livecdDriveselection.gif

[]The programme will now scan for and cure/delete any malware that it finds. Allow it to do so
[
]Once completed reboot to normal windows
[*]No log is produced so once in normal windows run a fresh OTL scan and let me know if the problems persist

will that erase any of my files or programs?

Hi,

will that erase any of my files or programs
No not anything you want anyway.

Unfortunately you have both the ZeroAccess rootkit and Ramnit on your system. They are both incredibly bad infections that need to be removed and it may be quite difficult just so that you are aware.

Is it normal for the scan to take quite a long time? Not that im in a hurry but it has been about 5 hours since i did the Dr Web cd boot you told me to do.

Hi Rick,

Yes it may take quite some time for it to finish. I appreciate your patience while it is running. You have two of the most serious infections on your system that there are today. It may take quite some time to complete.

hi :slight_smile: ok i just realised that i followed the screenshots u posted correctly but…i clicked on the DrWeb live cd (defualt) as it is shown on the first screenshot but straight after that it doesnt go into the desktop screen…instead its a blank screen with the same layout as the first screen shot but it shows options such as : graphics mode, start shell, start midnight commander, start Dr Web Scanner, start Dr Web Update, create live usb, select language, xorg configurationm, network configuration, report bug, restart, shut down, eject and shut down.

i clicked on start Dr Web Scanner and then a blank screen showed up and a scan was taking place. like the entire screen was showing file paths or links or whatever theyre called pardon me lol…but yeah hopefully i clicked the right thing.