BleepingComputer.com: Cannot run DDS or GMER

Jump to content

Forum Guidelines

Posted Image Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Posted Image Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.


Posted Image DO NOT RUN ComboFix unless requested to.


Posted Image Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


Posted Image When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Posted Image Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

Cannot run DDS or GMER

#1 User is offline   miwitte 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 23
  • Joined: 05-July 10

Posted 06 July 2011 - 08:36 PM

First before anyone tells me to try to run these tools I have tried. I have posted here a week ago and no one responded. If you guys cant help then please post that and I will reformat the machine and re-install.

I thought someone might be interested this is a very unique issue that I cant find a way to run the tools. The issue is that if you run gmer.exe or rkill.exe or any other .exe it gives you a "program too big to fit into memory error" in the command prompt. Trying to run DDS.scr or anything .scr gives you "this is not a valid win32 application" A .com etension and a.bat extension gives the same "not a valid win32 application"

I tried to run HijackIt.msi, or any .msi I get a XP software restriction error. Basically I cannot run anything.

I tried to run ESET online scanner and it became re-infected rather quickly even while ESET was running.

Finally I tried running avira rescue cd to no avail. Apparently they have changed all file associations and permission etc. I looked at the local security policy and I dont see any software restrictions.


I was able to get malewarebytes to run in safe mode, and it appears to have removed the XP antivirus 2012 as I can work with it. But connecting it up to the internet it gets re-infected.

Right now I have it in a DMZ hanging off my ASA so it wont affect anything else, but I cant hook it up to the internet it will just get infected again. One process i saw come up was yki.exe and then the XP antivirus 2012 stuff would pop up. Looks like there might be a Apache server configured as well.

#2 User is offline   Budapest 

  • Bleepin' Cynic
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Moderator
  • Posts: 22,235
  • Joined: 11-November 06
  • Gender:Male

Posted 07 July 2011 - 04:42 PM

Your other topic is here: http://www.bleepingcomputer.com/forums/topic406443.html

Please be patient. There are nearly 400 unanswered topics in this forum at present and the current average wait time to receive help is 14 days.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users