Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can not open exe files - virus/worm(?)


  • This topic is locked This topic is locked
4 replies to this topic

#1 thetrial

thetrial

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:08 PM

Posted 16 April 2014 - 12:12 AM

Hi all and thanks in advance for any help you might be able to provide,

 

I am currently trying to help my friend who realized that he can't start many .exe files on his computer recently. He first noticed this when trying to install a game file he had downloaded, though this same file worked on my computer. We soon realized this applied to many other exe files, most importantly some antivirus programs such as Malwarebytes that he can't run, or seemingly any other programs that we think would help.

 

I found a page on Symantec about a worm that I think may be what we are dealing with but not sure as I am no expert on any of this stuff, "w32 sircam worm". Although the page did not really help with how to remove it. In case that may help here is that webpage: http://www.symantec.com/security_response/writeup.jsp?docid=2001-071720-1640-99&tabid=3

 

I also did some browsing of related topics in the forums and per someone's suggestion for someone else with a similar problem we downloaded farbar's exefix.reg - which we could not run or "merge" and therefore not use.

 

We're currently at a loss of what to do next since we don't think we could run anything that we think could aid us -- any help would be greatly appreciated.

 

:unsure:


Edited by hamluis, 16 April 2014 - 10:52 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:08 AM

Posted 16 April 2014 - 12:51 AM

Hello -

You are posting this in Windows 7, but this seems to affect older systems => Systems Affected: Windows 95, Windows 98, Windows Me

 

Please try these few scans and if they run, Copy and Paste the logs back here.

If you are not able to run any of these scans please tell us after you try -

 

Download Screen317 Security Check and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note:: If a security program requests permission to access the Internet, allow it to do so.

 

 

Please download MiniToolBox to desktop and run it.
Checkmark the following boxes:

* List content of Hosts
* Flush DNS
* Report IE Proxy Settings
* Reset IE Proxy Settings
* Report FF Proxy Settings
* Reset FF Proxy Settings
* List last 10 Event Viewer log
* List Installed Programs
* List Users, Partitions and Memory size
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
Click Go and Copy / Paste the result. (result.txt)

 

 

Please download and run RKill by Grinler.

A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.

At most the tool will run for about 2 minutes

Copy and paste the log that will be produced.

 

Download AdwCleaner by Xplode and save to your Desktop.

•Double click on AdwCleaner.exe to run the tool.
•Vista/Windows 7/8 users right-click and select Run As Administrator
•Click on the Scan button. (only once)
•AdwCleaner will begin...be patient as the scan may take some time to complete.
•When it's done you'll see: Pending: Uncheck any elements you don't want removed.
•Now click on the Report button... A logfile (AdwCleaner[R0].txt) will open in Notepad for review.
•Look over the log especially under Files/Folders for any program you want to save.
•If there's a program you want to save, just uncheck it from AdwCleaner.
•If you're not sure, post the log for review.
•If you're ready to clean it all up.....click the Clean button.(only once)
•After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
•Copy and paste the contents of that logfile in your next reply.
•A copy of that logfile will also be saved in the C:\AdwCleaner folder.
•Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
•To restore an item that has been deleted (if necessary):
•Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

 

 

There is now a new version of Malwarebytes Anti-Malware (V2.0.1) This passes V1.75.0.1300

If you wish to Re-scan you will need to remove the old version first.

Please see MBAM Clean Instructions

 

* Download Malwarebytes Anti-Malware Free and save it to your desktop
* Double click the desktop icon, click Run, then OK
* Click Next
* Select I accept the agreement then continue to click Next then finally click Install
** Uncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish
* If you are notified the Database is out of date click Update Now
* Click Scan Now >>

----------------------------------

** Note: If Malwarebytes will not launch please do the following to launch Malwarebytes Chameleon:
* Click Start (Start, Search, All files and folders for Windows XP) then type mbam
* Double click one of the four following files (if one does not work try the next one, and so on) -

A black command window will open. Follow those instructions until the Malwarebytes program starts the scan

mbam-chameleon.scr
mbam-chameleon
mbam-chameleon.exe
mbam-chameleon.com
-----------------------------------

** When completed click the down arrow on Export Log and select Text file (*.txt)
* Save the file to your desktop as MBAM
* Click Apply Actions then restart your computer if requested
* Copy and past the contents of MBAM.txt in your reply



#3 thetrial

thetrial
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:08 PM

Posted 16 April 2014 - 07:09 PM

Thank you so much for your response! I was worried I posted in the wrong topic..
 
Here are my results from SecurityCheck -- I was unable to run the other programs following thisone:

 Results of screen317's Security Check version 0.99.81  
 Windows 7  x64 (UAC is enabled)  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
AVG AntiVirus Free Edition 2014   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 7  
 Java version out of Date! 
  Adobe Flash Player 11.9.900.117 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox 15.0 Firefox out of Date!  
 Google Chrome 33.0.1750.154  
 Google Chrome 34.0.1847.116  
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 
 
Could not run MiniToolBox.
 
Could not run RKill by Grinler.
 
Could not run AdwCleaner.
 
Could not run MBAM Clean / Malwarebytes Anti-Malware Free.
 
Message that occurs: Windows cannot find 'C:\users\kristofer\desktop\rkill.exe'. Make sure you typed the name correctly, and then try again."
 
Thank you again for your help!


#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:11:08 AM

Posted 16 April 2014 - 07:34 PM

Thanks for the reply, but I think we need to have the Experts look at this.

 

Only follow the directions that you can, but still post the New Topic as directed.

 

As you seem badly infected, please Fully read and follow the instructions in the Preparation Guide starting at Step #6.

 

NOTE :If you are unable to complete any step, please still post the new topic and leave a full description of your problems.

This is a requested guide only, and the Experts will have their own methods to tackle your problem.

 

When you have done that, start a new topic and post the required logs to  Virus, Trojan, Spyware, and Malware Removal Logs forum, NOT here, for assistance by the Malware Response Team Experts.

 

 Please Use Copy / Paste for your responses, and Do Not Attach them unless your helper requests this.

 

 If Help Bot responds to your topic, please follow his Step #1 so the team will be notified.

 

 After doing this, please reply back in this thread with a link to the new topic so we can close this one and stop any bad advice being posted.



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:08 PM

Posted 16 April 2014 - 08:19 PM

New topic
http://www.bleepingcomputer.com/forums/t/531333/cant-seem-to-run-any-exe-files/

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 5 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users