Author Topic: Windows Command Processor pop up keep asking for permission  (Read 5546 times)

Offline xcelestialx

  • Newbie
  • *
  • Posts: 5
    • Personal Message (Offline)
Windows Command Processor pop up keep asking for permission
« on: October 14, 2011, 01:30:34 PM »
Hi, i have a problem with my computer. I'm using a windows 7 sony vaio SB28GG laptop. recently i've had this annoying Windows Command Processor pop up that will keep prompting for permission even when i click No. this occurs every second after i click yes or no. it says program location is C:\windows\sysWOW64\cmd.exe and C:\users\<username>\Appdata\Local\Temp\pggumkoakrdygqne.exe

i ran a full scan on avast and also malwarebytes anti malware. they both came up with some infections and i removed them but when i restart my laptop the pop up appears again. any help? @@

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 28970
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: Windows Command Processor pop up keep asking for permission
« Reply #1 on: October 14, 2011, 06:34:30 PM »
That is malware - locate the file from the Avast chest and upload as a suspicious file

THEN

Download OTL  to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
C:\Windows\assembly\tmp\U\*.* /s
CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Attach both logs

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21683
  • Gender: Male
    • Personal Message (Offline)
Re: Windows Command Processor pop up keep asking for permission
« Reply #2 on: October 14, 2011, 06:36:00 PM »
Quote
C:\users\<username>\Appdata\Local\Temp\pggumkoakrdygqne.exe
 C:\windows\sysWOW64\cmd.exe
upload suspicious file(s) to www.virustotal.com and test with 43 malware scanners
when you have the result, copy the url in the address bar and post it here for us to see


alternative
Jotti     http://virusscan.jotti.org/en
VirSCAN   http://virscan.org/
Metascan   http://www.metascan-online.com/
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline xcelestialx

  • Newbie
  • *
  • Posts: 5
    • Personal Message (Offline)
Re: Windows Command Processor pop up keep asking for permission
« Reply #3 on: October 14, 2011, 07:44:13 PM »
heh thanks for the reply! sorry though, i deleted the malware file yesterday after malwarebytes couldn't remove the malware. so sorry!! i hope i didnt make it more complicated  :-X :-X the problem still persists though. heres the OTL log.

thanks for the help!

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 28970
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: Windows Command Processor pop up keep asking for permission
« Reply #4 on: October 14, 2011, 07:57:22 PM »
OK try this  ;D

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Quote
    :OTL
    O4 - HKU\S-1-5-21-4191096255-2624141335-3855073267-1000..\Run: [XbiAkipt] C:\Users\yinghan\AppData\Local\puqnaigd\xbiakipt.exe ()
    O4 - Startup: C:\Users\yinghan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\xbiakipt.exe ()
    [2011/10/13 20:26:19 | 000,000,000 | ---D | C] -- C:\Users\yinghan\AppData\Local\puqnaigd

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Offline xcelestialx

  • Newbie
  • *
  • Posts: 5
    • Personal Message (Offline)
Re: Windows Command Processor pop up keep asking for permission
« Reply #5 on: October 14, 2011, 08:22:53 PM »
i pasted it and run fix and a blue screen appeared. something around stop error with dumping physical memory at the bottom. something about shut down to prevent something .. should i try again?

by the way, since i got this virus, my skype doesn't function properly. it always say that it has an unexpected error and thus have stopped working. only when i restart .. does it have anything to do with the malware? i tried redownloading and reinstalling but meh =/

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 28970
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: Windows Command Processor pop up keep asking for permission
« Reply #6 on: October 14, 2011, 08:28:11 PM »
OK lets up the ante

Download and Install Combofix
 
Download ComboFix from one of the following locations:
Link 1
Link 2
 
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
 
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks




  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.[/b]
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

Offline xcelestialx

  • Newbie
  • *
  • Posts: 5
    • Personal Message (Offline)
Re: Windows Command Processor pop up keep asking for permission
« Reply #7 on: October 14, 2011, 08:46:23 PM »
thanks for the quick reply. heres the log

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 28970
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: Windows Command Processor pop up keep asking for permission
« Reply #8 on: October 14, 2011, 08:51:57 PM »
OK that took most of it out now for the remainder.  On completion could you let me know of any remaining problems 

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste the text in the quotebox below into it:
Quote
Folder::
c:\users\yinghan\AppData\Local\puqnaigd

Save this as CFScript.txt, in the same location as ComboFix.exe


Refering to the picture above, drag CFScript into ComboFix.exeWhen finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Offline xcelestialx

  • Newbie
  • *
  • Posts: 5
    • Personal Message (Offline)
Re: Windows Command Processor pop up keep asking for permission
« Reply #9 on: October 14, 2011, 10:03:57 PM »
wow thanks! i realised the pop up is gone! thank you so much. this is my log for the combofix

by the way, am i supposed to run malware bytes together with avast?

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 28970
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: Windows Command Processor pop up keep asking for permission
« Reply #10 on: October 15, 2011, 11:29:49 AM »
Yes they complement each other quite nicely

If all is well tomorrow let me know and I will remove my tools


Offline user27

  • Newbie
  • *
  • Posts: 1
    • Personal Message (Offline)
Re: Windows Command Processor pop up keep asking for permission
« Reply #11 on: March 14, 2012, 10:15:33 PM »
I have this same problem but the problem .exe has a different name; I guess the name is just randomly generated?

Does anybody know what it is?

Thanks, Alex

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now