.EXE executions blocked; can't get to system restore

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by revmomles88, Feb 15, 2005.

  1. revmomles88

    revmomles88 Private E-2

    I need help!! I must have a trojan but cannot get to system restore to turn it off temporarily; cannot run anything I download because .exe files are blocked. My AdAware SE and Norton AntiVirus have been disabled. Seconds before all this happened AdAware popped up and I saw 4 messages stating that registry changes had been made.

    I ran TrendMicro's scan and it found nothing. When I checked the Norton AntiVirus help line and ran their scan, it said there was something in the registry that was common to trojans but didn't say what it was. I was on hold with them for 1 1/2 hours without getting to talk to anyone.

    Is there anything I can do to get to the registry prior to the trojan running? Is there any program I can run? I have purchased TrendMicro's Internet Security 2005 but when I try to run it, there is a message stating I need to check the CD and it won't even begin to install.

    Any help is greatly appreciated!!
     
  2. seaside

    seaside Corporal

    Before You Post Asking For Help, Please Read This
    02-04-04 Major Attitude () not being smart the tutorials at the start page are a must. read them all i have fixed up mine a few times using them its a great feeling to ido not know how i fixed the bugger but it works
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Are you coming here via another PC?

    You said you could not run exe files, is it just a file association problem?

    Looks like you are trying to run the READ ME FIRST, but having problems doing that. See if you can do the below:

    Make sure you have HijackThis 1.99 and follow the guidelines on where to install it and how to post a log as an attachment. This is all covered in the sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

    Now post a HijackThis log as an attachment to your message (Do not post the log inline). All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

    To repeat: Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT


    If you cannot double click on hijackthis.exe to make it run. Do the following:
    - click Start, Run, and enter c:\program files\hjt\hijackthis.exe then click OK.
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds