Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

cant post [Solved]


  • This topic is locked This topic is locked

#16
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.02.2019 01
Ran by BR (11-02-2019 15:09:58) Run:1
Running from C:\Users\BR\Downloads
Loaded Profiles: BR (Available Profiles: BRIAN & bcom & BR)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start

Unlock: C:\Program Files (x86)\TradeManager
C:\Program Files (x86)\TradeManager
Unlock: C:\Users\BR\AppData\Roaming\TaobaoProtect
C:\Users\BR\AppData\Roaming\TaobaoProtect
Unlock: C:\Program Files (x86)\Alibaba
C:\Program Files (x86)\Alibaba
Unlock: C:\Windows\System32\Tasks\{E16CF7E6-DF4D-44A7-BD43-F43C46E7E55A}
C:\Windows\System32\Tasks\{E16CF7E6-DF4D-44A7-BD43-F43C46E7E55A}
Unlock: C:\Windows\System32\Tasks\{12FF90D0-0CA3-410B-8D51-6027360B341C}
C:\Windows\System32\Tasks\{12FF90D0-0CA3-410B-8D51-6027360B341C}

End
*****************

"C:\Program Files (x86)\TradeManager" => was unlocked

"C:\Program Files (x86)\TradeManager" folder move:

Could not move "C:\Program Files (x86)\TradeManager" => Scheduled to move on reboot.

"C:\Users\BR\AppData\Roaming\TaobaoProtect" => not found
"C:\Users\BR\AppData\Roaming\TaobaoProtect" => not found
"C:\Program Files (x86)\Alibaba" => not found
"C:\Program Files (x86)\Alibaba" => not found
"C:\Windows\System32\Tasks\{E16CF7E6-DF4D-44A7-BD43-F43C46E7E55A}" => not found
"C:\Windows\System32\Tasks\{E16CF7E6-DF4D-44A7-BD43-F43C46E7E55A}" => not found
"C:\Windows\System32\Tasks\{12FF90D0-0CA3-410B-8D51-6027360B341C}" => not found
"C:\Windows\System32\Tasks\{12FF90D0-0CA3-410B-8D51-6027360B341C}" => not found

==== End of Fixlog 15:10:25 ====


  • 0

Advertisements


#17
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.02.2019 01
Ran by BR (11-02-2019 15:09:58) Run:1
Running from C:\Users\BR\Downloads
Loaded Profiles: BR (Available Profiles: BRIAN & bcom & BR)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start

Unlock: C:\Program Files (x86)\TradeManager
C:\Program Files (x86)\TradeManager
Unlock: C:\Users\BR\AppData\Roaming\TaobaoProtect
C:\Users\BR\AppData\Roaming\TaobaoProtect
Unlock: C:\Program Files (x86)\Alibaba
C:\Program Files (x86)\Alibaba
Unlock: C:\Windows\System32\Tasks\{E16CF7E6-DF4D-44A7-BD43-F43C46E7E55A}
C:\Windows\System32\Tasks\{E16CF7E6-DF4D-44A7-BD43-F43C46E7E55A}
Unlock: C:\Windows\System32\Tasks\{12FF90D0-0CA3-410B-8D51-6027360B341C}
C:\Windows\System32\Tasks\{12FF90D0-0CA3-410B-8D51-6027360B341C}

End
*****************

"C:\Program Files (x86)\TradeManager" => was unlocked

"C:\Program Files (x86)\TradeManager" folder move:

Could not move "C:\Program Files (x86)\TradeManager" => Scheduled to move on reboot.

"C:\Users\BR\AppData\Roaming\TaobaoProtect" => not found
"C:\Users\BR\AppData\Roaming\TaobaoProtect" => not found
"C:\Program Files (x86)\Alibaba" => not found
"C:\Program Files (x86)\Alibaba" => not found
"C:\Windows\System32\Tasks\{E16CF7E6-DF4D-44A7-BD43-F43C46E7E55A}" => not found
"C:\Windows\System32\Tasks\{E16CF7E6-DF4D-44A7-BD43-F43C46E7E55A}" => not found
"C:\Windows\System32\Tasks\{12FF90D0-0CA3-410B-8D51-6027360B341C}" => not found
"C:\Windows\System32\Tasks\{12FF90D0-0CA3-410B-8D51-6027360B341C}" => not found

==== End of Fixlog 15:10:25 ====


  • 0

#18
iMacg3

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,919 posts
Hi,

Please download GrantPerms and save it to your desktop.
Note: you need to download the version compatible with your system. If you do not know whether your system is 32 or 64 bit, download both versions and try to run them. Only one will run on your system, and that will be the right version.
  • Right-click on the .zip file and click Extract all. Extract the files to your Desktop.
  • Right-click on GrantPerms.exe/GrantPerms64.exe and select Run as Administrator.
  • Copy and paste the following into the edit box:
    C:\Program Files (x86)\TradeManager
  • Click Unlock. When it is done click "OK".
  • Click List Permissions. A log will open called Perms.txt. Copy and paste its contents into your next reply.
Note: Perms.txt is saved to the same directory GrantPerms is run from.

Thanks.
  • 0

#19
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

GrantPerms by Farbar
Ran by BR (administrator) at 2019-02-11 16:29:06

===============================================
\\?\C:\Program Files (x86)\TradeManager

   Owner: BUILTIN\Administrators

   DACL(NP)(AI):
   BUILTIN\Administrators   FULL   ALLOW   (CI)(OI)
   NT AUTHORITY\SYSTEM   FULL   ALLOW   (CI)(OI)
   BUILTIN\Users   READ/EXECUTE   ALLOW   (CI)(OI)
   NT SERVICE\TrustedInstaller   FULL   ALLOW   (I)
   NT SERVICE\TrustedInstaller   FULL   ALLOW   (CI)(IO)(I)
   NT AUTHORITY\SYSTEM   FULL   ALLOW   (I)
   NT AUTHORITY\SYSTEM   FULL   ALLOW   (CI)(OI)(IO)(I)
   BUILTIN\Administrators   FULL   ALLOW   (I)
   BUILTIN\Administrators   FULL   ALLOW   (CI)(OI)(IO)(I)
   BUILTIN\Users   READ/EXECUTE   ALLOW   (I)
   BUILTIN\Users   READ/EXECUTE   ALLOW   (CI)(OI)(IO)(I)
   CREATOR OWNER   FULL   ALLOW   (CI)(OI)(IO)(I)

================ End Of List ================


  • 0

#20
iMacg3

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,919 posts

Hi,

 

Highlight the contents of the below code box and press Ctrl + C:

Start::
 
C:\Program Files (x86)\TradeManager

End::
Right-click on FRST/FRST64 and select Run as Administrator.
Click on Fix.
Note - there is no need to paste the contents of the code box anywhere.
If your computer restarts, allow it to do so.
Once the fix is complete, a file called fixlog will be saved to the same directory as FRST. The log may open in Notepad as well.
Please copy and paste the contents of the fixlog into your next reply.

 

Thanks.


  • 0

#21
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.02.2019 01
Ran by BR (11-02-2019 20:18:23) Run:1
Running from C:\Users\BR\Downloads
Loaded Profiles: BRIAN & bcom & BR (Available Profiles: BRIAN & bcom & BR)
Boot Mode: Normal
==============================================

fixlist content:
*****************

C:\Program Files (x86)\TradeManager

*****************

"C:\Program Files (x86)\TradeManager" folder move:

Could not move "C:\Program Files (x86)\TradeManager" => Scheduled to move on reboot.

==== End of Fixlog 20:18:46 ====


  • 0

#22
iMacg3

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,919 posts
Hi,

Download The Avenger by Swandog46 and save it to your desktop.
  • Right-click the zip folder and select Extract All. Extract the files to your Desktop.
  • Right-click on avenger.exe and select Run as Administrator.
  • Click on OK.
  • Make sure the box next to Scan for rootkits is checked, and Automatically disable any rootkits found is unchecked.
  • Copy and paste the following into the code box:
    Folders to delete:
    C:\Program Files (x86)\TradeManager
  • Click Execute.
  • When you receive the message Are you sure you want to execute the current script? click Yes.
  • You will then see First step completed --- The Avenger has been successfully set up to run on next boot. Reboot now? Click Yes.
  • Your computer will reboot.
  • The tool will create a log called avenger.txt. Please copy/paste its contents into your next reply.
  • Note: if the log does not automatically open, it can be found at C:\avenger.txt.

  • 0

#23
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

Hello, downloaded Advenger  followed your instructions  but when I rebooted it did not make a file in C:\avenger.txt. or on my desktop. So I ran it again still no luck?


  • 0

#24
iMacg3

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,919 posts
Hi,

Can you check if the folder C:\Program Files (x86)\TradeManager is still there?
  • 0

#25
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

Yes it is still there


  • 0

Advertisements


#26
iMacg3

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,919 posts
Hi,

Download ComboFix and save it to your Desktop.

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the code box below into it:
 
Folder::
C:\Program Files (x86)\TradeManager
Click on File > Save as. In the "Save as" window, navigate to the same location as ComboFix.exe. In the File Name box, type CFScript.txt - then click Save.


CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Thanks.
  • 0

#27
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

I get a lot of Error opening file for writing 

C;\32788R22FWJFW\023.dat

 I hit ignore and another one comes up , can not load it for some reason 


  • 0

#28
iMacg3

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,919 posts
Hi,

Press the Windows Key + R. This will open the run box.

Type combofix /uninstall and click OK. ComboFix will now uninstall.

Once it has finished, please follow the instructions in my earlier post again and let me know how it goes.

Thanks.
  • 0

#29
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

when I go to uninstall it I get this message

 Windows cannot find 'comcofix'. Make sure you typed the name correctly, and then try again

 

I tried loading it again same problem as before 


  • 0

#30
RUSTY2

RUSTY2

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 221 posts

I dont think combofix was installed 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP