Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infection. All .exe Cease To Function.


  • Please log in to reply
10 replies to this topic

#1 Illusion13

Illusion13

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:12:59 PM

Posted 15 May 2007 - 12:45 PM

Seems like thats what I got. Most .exe cease to function, instead the first time of attempt to load them would cause a long wait time of not loading, and then the next few times a dos window appears and disappears as if the program doesnt work anymore. And then the icons get changed to as if there's no right program to run them. O.o

BC AdBot (Login to Remove)

 


m

#2 t3s

t3s

  • Members
  • 628 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere in MD
  • Local time:03:59 PM

Posted 15 May 2007 - 01:39 PM

You've deffinately got an infection there, and it doesn't sound like an easy one either. Have you tried safe mode? If you can manage to run anything in safe mode I would have to suggest reading this and posting an HJT log.

If safe mode doesn't work try this and proceed to post your log.

What OS are you using? The last link I supplied will only work for xp, server 2003, or business server 2000.

Edited by WlkingMan, 15 May 2007 - 01:41 PM.


“Technology does not drive change -- it enables change.”
-Unknown

 

"I'm a cannibal... I eat Crackers"

 

Hacker != Cracker

 

website is down until further notice. . . . 


#3 Illusion13

Illusion13
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:12:59 PM

Posted 15 May 2007 - 02:18 PM

I am using Windows XP with no service packs... I got PC Cillin trial version and did a scan, seems to have gotten alot of things but alot of the .exes are infected already. The virus is "PE_LOOKED" or something. And well, I wonder if I should just delete those .exes or what...

#4 t3s

t3s

  • Members
  • 628 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Somewhere in MD
  • Local time:03:59 PM

Posted 15 May 2007 - 02:24 PM

Other than what I already suggested I would just try to stay off of that computer as much as possible.

Edited by WlkingMan, 15 May 2007 - 02:25 PM.


“Technology does not drive change -- it enables change.”
-Unknown

 

"I'm a cannibal... I eat Crackers"

 

Hacker != Cracker

 

website is down until further notice. . . . 


#5 Illusion13

Illusion13
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:12:59 PM

Posted 15 May 2007 - 02:27 PM

No nothing works in safe mode either...

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,562 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:59 PM

Posted 15 May 2007 - 02:47 PM

Have you tried using System Restore or System Restore from a command prompt in "SAFE MODE" to return to a previous state before the infection?

If that does not work, you can try following the fix solution provided by Trend Micro here.

I am using Windows XP with no service packs...

Then you are using an unpatched version of Windows XP. It is CRITICAL that you update to Service Pack 1a and then all critical updates other than SP2. Without doing this and obtaining the enhanced security features right away, you are wide open to re-infection...other security risks due to an unpatched system, etc and just wasting your time. By applying all critical updates up to, but not including SP2, you will close these holes and not keep getting infected while cleaning your machine.

Please visit this link: Microsoft Service Pack 1a
and follow the directions for Express Installation under "Installing SP1a on Your Computer".

Apply the update and reboot when done.

IMPORTANT: DO NOT update to Service pack 2. Doing so before your computer is malware free can cause Windows to become unstable.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Illusion13

Illusion13
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:12:59 PM

Posted 15 May 2007 - 03:33 PM

I will try it but... the thing is, PC Cillin managed to get rid of the virus already... But its already latched onto every single exe file and they just wont work.

#8 Illusion13

Illusion13
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:12:59 PM

Posted 15 May 2007 - 03:56 PM

no doesnt work... I dont seem to have any old restore points...

#9 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:02:59 PM

Posted 15 May 2007 - 07:09 PM

See if anything here might help:
You receive an error message when you try to start a program that has an .exe file name extension
Cannot run EXE files - Programs don't open

I also highly recommend, that you take quietman7's advice, and install all critical updates, up to, but not including, SP2.
Once you have all updates installed, post a HijackThis log for examination.
A member of the HijackThis Team will walk you through, step by step, how to disinfect your computer.

Once you post your log, don't make any changes to your system, as that could change the results of the posted log, making it more difficult to properly clean your system.

Read Preparation Guide for use before posting a HijackThis Log.
Please read, and follow, all directions carefully!!!

Run a log, and post it in the HijackThis forum, >at this link<.
Do not, post it in this topic.
Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response from the HJT Team, because they are very busy. Please, be patient, as these people are volunteers. They will help you, as soon as possible.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#10 Illusion13

Illusion13
  • Topic Starter

  • Members
  • 49 posts
  • OFFLINE
  •  
  • Local time:12:59 PM

Posted 16 May 2007 - 02:56 AM

hm...Since I think I've already disinfected the thing, and all the .exes are just broken, I might as well format and reinstall stuff... and then get the updates.

#11 Yourhighness

Yourhighness

    The BSG Malware Fighter


  • Malware Response Team
  • 7,943 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Hamburg
  • Local time:09:59 PM

Posted 10 June 2007 - 03:55 AM

Hi,

does that mean, that this can now be closed: http://www.bleepingcomputer.com/forums/ind...mp;#entry524079

? Thanks

"How did I get infected?" - "Safe-hex" - Member of UNITE -
Posted Image





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users