Hello,

There is a computer I have that seems to have a malicious malware and hoping that there is a solution to this.

The malware started to appear once I typed in a word for google to check. I never got the answer from google however I was whisked away to a web site called "prepaidcardsupport.net" which seemed funny as that I was searching for risotto recipes. A whois showed me that this web site was in India it raised some suspicions.

I installed from Trend HijackThis and it seemed to start okay but after a second, the application closed. Quite obviously I attempted to restart the application and I notices that I did not have permission to use the application.

Interesting note that this same thing happened with the McAfee anti-virus it had. For some reason the malware in question is stopping permissions to run the application and I have to place them back in. I restart the application and once again it starts and then it closes.

Has anyone a solution to this?

Kindest Regards

Right click hijackthis.exe and rename it to foolyou.exe or something like that and try to post a hijackthis log. Thanks.

Hello Neal,

Thanks for the response and it is appretiated.

I have seen this response at a different post and I did what was said. The good thing is that HijackThis.exe is a single application and I could even copy it on to the desktop as well as changed the name.

The unfortunate thing is that it didn't work.

Even though I renamed the application, this Trojan or malware appears to be smart enough to see the file as something that will change the registry where it closes the application and then changes the permission to the application file itself.

This had happened to a number of applications that accesses the registry such as regedit, McAfee, Easy Clean, PC Tools, as well as HijackThis so when you click on the shortcut icon (or the application itself) it states that you haven't permission to execute the application. You have to go into properties and change the permission from the parents down to the children to execute it.

So far I can change the permission and re-execute the application but I am unable to fully execute the application in order to get the log file so to transpose across because of that Trojan or malware.

This one is a doosie

Thanks again and am interested in the reply.

Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

Link 1
Link 2

Disable all security programs(virus, antispyware that you can)






--------------------------------------------------------------------

Double click on Combo-Fix.exe & follow the prompts.[list]When finished, it will produce a report for you. [*]Please post the C:\ComboFix.txt

Hello Neal,

Thanks for the information.

Actually... I found this information during the day while googling on "malware changing permissions" and I came across this same thing.

Well that actually worked and it took out the offending malware.

Interesting is that this malware actually stopped google searches linking anything regarding malware.

This fracking thing was an absolute monster but with the above instructions, it was finally removed.

Thanx