A strange system process wont let me open my antivirus

December 11, 2011 at 14:37:24
Specs: Windows XP
My Comodo antivirus and Malwarebytes Anti mal-ware won't run, the following message always appears when I try to open them: "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item". Also, in my task manager, a new system process has appeared, its called: 2406950801:1859684464.exe, and I'm unable to cancel it.
Could someone please help me remove this? I've been reading a bit about similar issues (in this post for example http://www.computing.net/answers/se... but the Gmer program wont run and I cannot download the DDS program. Any ideas on how I can remove this stuff?

See More: A strange system process wont let me open my antivirus

Report •

#1
December 12, 2011 at 19:46:43
Will be back shortly with instructions.

Thanks for your patience.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.
Malware Eliminator/Member of UNITE and the
Alliance of Security Analysis Professionals


Report •

#2
December 12, 2011 at 19:54:26
Oscar1,

Please do the following:

Step 1:

Please download DummyCreator.zip
http://download.bleepingcomputer.co...

Right-click the zip file, and select: Extract all…
Follow the prompts to extract

Open the new folder that appears on the Desktop
Double-click DummyCreator/DummyMaker to run the tool.

Now, copy/paste the following text into the blank area:


C:\WINDOWS\2406950801

Press the ‘Create’ button.
Save the content of the ‘Result.txt’ to your Desktop, to post along with the report of the next tool.

Step 2:

Important: Restart the computer!

Step 3:
Now, please remove any previous download of TDSSKiller (if used) and download the latest version:
http://support.kaspersky.com/downlo...

Execute the file:
XP: Double-click tdsskiller.exe to run the program
Windows 7: Right-click and select: Run as Administrator

Press the button: Start Scan

The tool scans and detects two object types:
'Malicious' (where the malware has been identified)
'Suspicious' (where the malware cannot be identified)

When the scan is over, the tool outputs a list of detected objects (Malicious or Suspicious) with their description.

It automatically selects an action ('Cure' or 'Delete') for 'Malicious' objects. Leave the setting as it is.

It also prompts the User to select an action to apply to 'Suspicious' objects ('Skip', by default). Leave the setting as it is.

After clicking 'Next/Continue', the tool applies the selected actions.


A Reboot Required prompt may appear after a disinfection. Please reboot.


By default, the tool outputs its log to the system disk root folder (the disk with the Windows operating system, normally C:\.

Logs have a name like:
C:\TDSSKiller.2.4.7_23.07.2011_15.31.43_log.txt

Please post the TDSSKiller log in your reply

You need to post:
[*]The Dummy Creator ‘Result.txt’
[*]The ‘TDSSKiller’ report
[*]Whether a reboot was required by TDSSKiller

Thanks.

~~~~
Retired - Doin' Dis, Dat, and slapping malware.
Malware Eliminator/Member of UNITE and the
Alliance of Security Analysis Professionals


Report •
Related Solutions


Ask Question