Cunningbeef
asked on
EXE files are being blocked
I know this has been discussed on and off for many years. However,none of the old solutions are helping me solve the problem. I have been battling trojans, viruses and rootkits that AVG has not stopped, on a WIndows 7 desktop. I have used Malwarebytes and Stopzilla to get rid of a TDSS rootkit and numerous viruses and trojans.
However, at the end of it all, I now cannot run an .EXE files - I can laucnh the app by launching an associated document, like .DOC or .HTM, but not the executable itself.
I assume something is blocking these files! Either a virus or an over-zealous fix by Stopzilla or MB. I am hoping someone can shed some light. I am running another full system scan right now using Stopzilla and nothing is coming up (so far).
Thanks
ADC
However, at the end of it all, I now cannot run an .EXE files - I can laucnh the app by launching an associated document, like .DOC or .HTM, but not the executable itself.
I assume something is blocking these files! Either a virus or an over-zealous fix by Stopzilla or MB. I am hoping someone can shed some light. I am running another full system scan right now using Stopzilla and nothing is coming up (so far).
Thanks
ADC
ASKER
Yes, 32 bit.
I think its the result of the virus,, if you have a high impact virus (Sality) or something like this, it infect the EXE file, so when the antivirus clean the virus from these files, these files are not able to run any more!
ASKER
NOTE: The file link supplied by Optoma to EXEHELPER.COM gets blocked by McAfee as being a Trojan (Generic.dx!sbo) - warning to anyone who attempts to download this file!!
Sorry, forgot to mention that a lot of AV vendors falsely flag ExeHelper.
Disable AV and allow the file to be downloaded and ran :)
Disable AV and allow the file to be downloaded and ran :)
ASKER
Looking at the blogs, this may be a false positive from McAfee, can anyone confirm this file is OK to download and run?
ASKER
If the EXE files were corrupt, as Mwani suggests, then they would not open when the associated document is opened. I don't believe the files are corrupt, I still think it is a permissions issue. Or a corrupted user account (but I've tried making a new one to no avail).
Optoma, EXEHELPER ran but no change. Hitmanpro is finding mostly Adware cookies but one "high risk cloaked Malware" - JXFP_RY5V.EXE - which I have deleted.
However I still cannot run .EXE files.
Optoma, EXEHELPER ran but no change. Hitmanpro is finding mostly Adware cookies but one "high risk cloaked Malware" - JXFP_RY5V.EXE - which I have deleted.
However I still cannot run .EXE files.
Can you post Exehelpers logfile.
Did you restart machine and test?
Do you get any error message or anything when trying to open an exe directly?
Did you restart machine and test?
Do you get any error message or anything when trying to open an exe directly?
Have you tried the options in this article, when .exes are blocked, i.e. renaming the tools before downloading, ie., renaming ComboFix to CF.bat before actually downloading the file.
If you can't run .exes
http://www.experts-exchang
If you can't run .exes
http://www.experts-exchang
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
for Optoma - EXEHELPER log file:
exeHelper by Raktor
Build 20100414
Run at 11:02:44 on 07/05/10
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--
When I try to run an EXE the Windows Security message box that opens simply says:
"Your Internet Security Settings prevented one or more files from being opened."
It's not anything that has changed in my Internet security settings, they are as they have always been and even if I open them wide and cancel all firewalls and AV, the EXEs still won't run.
exeHelper by Raktor
Build 20100414
Run at 11:02:44 on 07/05/10
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--
When I try to run an EXE the Windows Security message box that opens simply says:
"Your Internet Security Settings prevented one or more files from being opened."
It's not anything that has changed in my Internet security settings, they are as they have always been and even if I open them wide and cancel all firewalls and AV, the EXEs still won't run.
Before Avg, was there another AV/FW security installed?
Sorry, reading posts,... you currently have McAfee installed and Avg??
ASKER
No, sorry, ditched McAfee when problems began and installed AVG on advice from our central IT staff. Now AVG switched off, just running Stopzilla (seemed to find a lot more stuff than McAfee or AVG)...
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ran MCPR. Hasn't yet made any difference.
Try Avg's removal tool
http://www.avg.com/gb-en/download-tools
What happens in safe mode?Same exe issue?
http://www.avg.com/gb-en/download-tools
What happens in safe mode?Same exe issue?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks all for your valiant efforts but it just didn;t work, so I've had to reinstall WIndows 7 and am now having to reload all my apps. A real pain. Thanks again.
ASKER
This is a tough one and nobody has ever fully worked it out, from all the threads I have been through. Thanks for your efforts.
No prob. There will be answer some day :)
http://raktor.net/exeHelper/exeHelper.com
Win 7 32bit?