Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Corrupt exe files

Started by Alex May , Aug 06 2005 01:52 AM

  • Please log in to reply

#1
Alex May
Posted 06 August 2005 - 01:52 AM

Alex May

    New Member

  • Member
  • Pip
  • 2 posts
Hi all!
MAY DAY!! MAY DAY!!
Need help.It seems that my computer is affected by w32.pateB virus(as told by mcafee virus scan 2004).It also claimed it has cleaned the system,however some(not all) of my programs(exe files) wont run.When i try to open them a black command prompt screen appears and vanishes in a flash.
So i upgraded to mcafee viruscan 2005 which didnt detect any viruses at all.And to add to the misery these programs cannot even be uninstalled.Same thing happens.

I have created a backup folder in a seprate drive with the installation files of all progams tht i cant live without.And ALL the exe files here wont run.PLEASE HELP.

And does anyone have any idea from where i can download mcafee viruscan updates for free(I am a poor bloke and a cant afford to pay those guys).Tried nai.com but the updates there didnt work.
  • 0

Advertisements

#2
Retired Tech
Posted 06 August 2005 - 02:46 AM

Retired Tech

    Retired Staff

  • Retired Staff
  • 20,563 posts
Something went wrong with the move of the files, do you have the installation CD's for them?

Please go here to check there isn't a malware issue

http://www.geekstogo..._Log-t2852.html

Run all the programmes as advised then post a current Hijack This Log to the Malware Team

Run either or both these regularly until you get things as they should be

http://www.pandasoft...n_principal.htm

http://housecall60.t.../start_corp.asp
  • 0

#3
Alex May
Posted 12 August 2005 - 12:54 AM

Alex May

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Hi!
Unfortunately i dont have a CD Burner so i had saved all the installation files on other drive(So in times of truble i can just format my c: drive get all the programs back from these saved files).
I took almost a week to post this hijack log was because as soon as i downloaded hijack.exe,Mcafee used to pop up and say tht the file is infected with virus and delete the file.After downloading the file n number of times i have somehow managed to get the log.If u find mcafee missing from log tht is becoz i had to kill it using a process killer.

I had used the panda website b4 i asked for help but it dint work.Trend micro also detected 4 instaces of virus and cleaned it but still i cant run the EXE files(hey still open up in a command prompt).Heres the log.PLEASE HELP ME.

Logfile of HijackThis v1.99.1
Scan saved at 12:02:49, on 8/12/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
I:\Program Files\Microsoft AntiSpyware\gcasServ.exe
I:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Documents and Settings\Alex\Desktop\password\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *hot-searches.com*;*lender-search.com*
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4080F039-3590-4BF8-B62F-714A8791C486} - C:\WINDOWS\System32\ekjo.dll (file missing)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [gcasServ] "I:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [McRegWiz] C:\PROGRA~1\McAfee.com\Agent\mcregwiz.exe /autorun
O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
O4 - HKLM\..\RunServices: [Microsoft Update 32] wininit.exe
O4 - HKCU\..\Run: [update.exe] C:\update.exe
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FLASHGET\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FLASHGET\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\Billionton\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Billionton\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Billionton\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O15 - Trusted Zone: http://ny.contentmatch.net (HKLM)
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://I:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://I:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://I:\Program Files\AutoCAD 2002\InstFred.ocx
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://I:\Program Files\AutoCAD 2002\AcPreview.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{AACFAF68-48A9-4432-98BA-3587FCA8A79F}: NameServer = 202.88.130.67,202.88.130.15
O20 - Winlogon Notify: iexplore - C:\WINDOWS\SYSTEM32\gf01m.dll
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Billionton\Bluetooth Software\bin\btwdins.exe
O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - Network Associates, Inc. - C:\Program Files\McAfee\McAfee AntiSpyware\Msssrv.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
O23 - Service: McAfee SpamKiller Server (MskService) - Unknown owner - C:\PROGRA~1\McAfee\SPAMKI~1\MSKSrvr.exe (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
  • 0

#4
darth_ash
Posted 12 August 2005 - 01:00 AM

darth_ash

    Member 1K

  • Member
  • PipPipPipPip
  • 1,382 posts
This is a Malware issue, please start a new topic in the Malware Forums and post ur log there.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP