Page 1 of 2 12 LastLast
Results 1 to 20 of 22

Thread: (***) is not a valid win32 application...

  1. #1
    Arianna
    Guest

    (***) is not a valid win32 application...


    I'm about to rip my hair out.

    I got a pop up the other day saying something about how Windows
    Security Alerts detected some virus. Like an idiot, I clicked "OK"
    without thinking. Now, I have a constant pop-up from some supposed
    security alert center asking me to buy it. UNlike other rogue
    anti-spyware viruses I've had, though, this one won't let me do
    ANYTHING.

    I can't run Antivir, Spyware Doctor, MalwareBytes, or Advanced
    Systemcare. It won't let me open anything .exe save for Internet
    Explorer. I have tried running all of these in Safe Mode. This doesn't
    work either. I have surfed the web and found numerous supposed "fixes,"
    but once I download them, I can't use them as the error message pops up
    once again telling me that it's not a valid Win32 application. I've
    tried system restore, and it tells me that system restore was shut off
    by the administrator.

    Please someone help me. I don't want to have to completely redo
    EVERYTHING if I don't have to.

    Thanks in advance.


    --
    Arianna
    ------------------------------------------------------------------------
    Arianna's Profile: http://forums.techarena.in/members/133071.htm
    View this thread: http://forums.techarena.in/virus-spyware/1243103.htm

    http://forums.techarena.in


  2. #2
    tommy
    Guest

    Re: (***) is not a valid win32 application...




    Arianna wrote:
    > I'm about to rip my hair out.
    >
    > I got a pop up the other day saying something about how Windows
    > Security Alerts detected some virus. Like an idiot, I clicked "OK"
    > without thinking. Now, I have a constant pop-up from some supposed
    > security alert center asking me to buy it. UNlike other rogue
    > anti-spyware viruses I've had, though, this one won't let me do
    > ANYTHING.
    >
    > I can't run Antivir, Spyware Doctor, MalwareBytes, or Advanced
    > Systemcare. It won't let me open anything .exe save for Internet
    > Explorer. I have tried running all of these in Safe Mode. This doesn't
    > work either. I have surfed the web and found numerous supposed
    > "fixes," but once I download them, I can't use them as the error
    > message pops up once again telling me that it's not a valid Win32
    > application. I've tried system restore, and it tells me that system
    > restore was shut off by the administrator.
    >
    > Please someone help me. I don't want to have to completely redo
    > EVERYTHING if I don't have to.
    >
    > Thanks in advance.


    [ you may have to rename mbam.exe in Safemode to something else if its being
    blocked. Change to myzap.exe for example ]
    also post in alt.comp.anti-virus for more tips

    --
    Tommy



  3. #3
    Todd H.
    Guest

    Re: (***) is not a valid win32 application...

    Arianna <Arianna.3y5fnb@DoNotSpam.com> writes:

    > I'm about to rip my hair out.
    >
    > I got a pop up the other day saying something about how Windows
    > Security Alerts detected some virus. Like an idiot, I clicked "OK"
    > without thinking. Now, I have a constant pop-up from some supposed
    > security alert center asking me to buy it. UNlike other rogue
    > anti-spyware viruses I've had, though, this one won't let me do
    > ANYTHING.
    >
    > I can't run Antivir, Spyware Doctor, MalwareBytes, or Advanced
    > Systemcare. It won't let me open anything .exe save for Internet
    > Explorer. I have tried running all of these in Safe Mode. This doesn't
    > work either. I have surfed the web and found numerous supposed "fixes,"
    > but once I download them, I can't use them as the error message pops up
    > once again telling me that it's not a valid Win32 application. I've
    > tried system restore, and it tells me that system restore was shut off
    > by the administrator.
    >
    > Please someone help me. I don't want to have to completely redo
    > EVERYTHING if I don't have to.
    >
    > Thanks in advance.



    Hate to be the bearer of bad news, but your machine is well beyond the
    threshold of "you should redo EVERYTHING."

    There is a certain liberty in being that screwed. Even if you could
    get any cleanup tools to run to allow you to do something with the
    machine, at best you'd have a machine that _might_ be stable, and that
    you definitely shouldn't trust.

    Get your data off the disk (booting into a bootable rescue cd of some
    flavor), reinstall Windows from original optical media and include a
    reallocation of the disk (delete the partition, recreate the
    partition) and reformatting.


    --
    Todd H.
    http://www.toddh.net/

  4. #4
    geoar75@gmail.com
    Guest

    Re: (***) is not a valid win32 application...

    On Sep 7, 5:52*pm, Arianna <Arianna.3y5...@DoNotSpam.com> wrote:
    > I'm about to rip my hair out.
    >
    > I got a pop up the other day saying something about how Windows
    > Security Alerts detected some virus. Like an idiot, I clicked "OK"
    > without thinking. Now, I have a constant pop-up from some supposed
    > security alert center asking me to buy it. UNlike other rogue
    > anti-spyware viruses I've had, though, this one won't let me do
    > ANYTHING.
    >
    > I can't run Antivir, Spyware Doctor, MalwareBytes, or Advanced
    > Systemcare. It won't let me open anything .exe save for Internet
    > Explorer. I have tried running all of these in Safe Mode. This doesn't
    > work either. I have surfed the web and found numerous supposed "fixes,"
    > but once I download them, I can't use them as the error message pops up
    > once again telling me that it's not a valid Win32 application. I've
    > tried system restore, and it tells me that system restore was shut off
    > by the administrator.
    >
    > Please someone help me. I don't want to have to completely redo
    > EVERYTHING if I don't have to.
    >
    > Thanks in advance.
    >
    > --
    > Arianna
    > ------------------------------------------------------------------------
    > Arianna's Profile:http://forums.techarena.in/members/133071.htm
    > View this thread:http://forums.techarena.in/virus-spyware/1243103.htm
    >
    > http://forums.techarena.in


    Arianna,

    Although I agree with Todd, I'd give ComboFix a try, before anything
    else.
    You can download it from http://www.combofix.org. Don't worry,
    ComboFix is not spyware or anything. I have personally tried it and it
    saved me a lot of time.

    Good luck!

    Giorgos

    --

    NetPros Community
    http://netpros.freeforums.org

  5. #5
    Lacromone Escavantes
    Guest

    Re: (***) is not a valid win32 application...

    Arianna <Arianna.3y5fnb@DoNotSpam.com> wrote in
    news:Arianna.3y5fnb@DoNotSpam.com:

    >
    > I'm about to rip my hair out.
    >
    > I got a pop up the other day saying something about how Windows
    > Security Alerts detected some virus. Like an idiot, I clicked "OK"
    > without thinking. Now, I have a constant pop-up from some supposed
    > security alert center asking me to buy it. UNlike other rogue
    > anti-spyware viruses I've had, though, this one won't let me do
    > ANYTHING.
    >
    > I can't run Antivir, Spyware Doctor, MalwareBytes, or Advanced
    > Systemcare. It won't let me open anything .exe save for Internet
    > Explorer. I have tried running all of these in Safe Mode. This doesn't
    > work either. I have surfed the web and found numerous supposed

    "fixes,"
    > but once I download them, I can't use them as the error message pops

    up
    > once again telling me that it's not a valid Win32 application. I've
    > tried system restore, and it tells me that system restore was shut off
    > by the administrator.
    >
    > Please someone help me. I don't want to have to completely redo
    > EVERYTHING if I don't have to.
    >
    > Thanks in advance.
    >
    >


    The solution to your problem can be found here:

    http://technet.microsoft.com/en-us/l.../cc512587.aspx

    L

  6. #6
    tommy
    Guest

    Re: (***) is not a valid win32 application...




    Arianna wrote:
    > I'm about to rip my hair out.
    >
    > I got a pop up the other day saying something about how Windows
    > Security Alerts detected some virus. Like an idiot, I clicked "OK"
    > without thinking. Now, I have a constant pop-up from some supposed
    > security alert center asking me to buy it. UNlike other rogue
    > anti-spyware viruses I've had, though, this one won't let me do
    > ANYTHING.
    >
    > I can't run Antivir, Spyware Doctor, MalwareBytes, or Advanced
    > Systemcare. It won't let me open anything .exe save for Internet
    > Explorer. I have tried running all of these in Safe Mode. This doesn't
    > work either. I have surfed the web and found numerous supposed
    > "fixes," but once I download them, I can't use them as the error
    > message pops up once again telling me that it's not a valid Win32
    > application. I've tried system restore, and it tells me that system
    > restore was shut off by the administrator.
    >
    > Please someone help me. I don't want to have to completely redo
    > EVERYTHING if I don't have to.
    >
    > Thanks in advance.


    some good information here
    http://www.elephantboycomputers.com/...iruses_Malware

    note: when I have problems like yours, I use safe mode, where I use Task
    Manager to kill as many virus processes as possible until I can run
    Malwarebytes. You have to kind of know a fair bit about which processes are
    suspect. Usually ones that have a lot of nonsense consonants are suspect for
    one thing.



  7. #7
    Ansgar -59cobalt- Wiechers
    Guest

    Re: (***) is not a valid win32 application...

    tommy <tommylee9_2000@removeyahoo.dropcom> wrote:
    > some good information here
    > http://www.elephantboycomputers.com/...iruses_Malware


    The usual nonsense. *sigh*

    http://technet.microsoft.com/en-us/l.../cc512587.aspx

    Please understand that, no matter how much skill you think you have, you
    still can't be certain that you got rid of all malware if you don't have
    a known-good baseline to compare against.

    Besides, CCleaner a powerful tool? Don't make me laugh. The tool doesn't
    check even half of the locations from where Windows automatically starts
    stuff.

    > note: when I have problems like yours, I use safe mode, where I use
    > Task Manager to kill as many virus processes as possible until I can
    > run Malwarebytes. You have to kind of know a fair bit about which
    > processes are suspect. Usually ones that have a lot of nonsense
    > consonants are suspect for one thing.


    .... whereas processes with names like "service.exe", "explore.exe",
    "exp1orer.exe", "svcchost.exe" et. al. are obviously perfectly harmless
    and nothing to worry about ...

    *doublesigh*

    Names. Don't. Mean. Anything. At all. When will people begin to
    understand this simple fact?

    cu
    59cobalt
    --
    "If a software developer ever believes a rootkit is a necessary part of
    their architecture they should go back and re-architect their solution."
    --Mark Russinovich

  8. #8
    Leythos
    Guest

    Re: (***) is not a valid win32 application...

    In article <h8hrdn$ln0$1@news.eternal-september.org>, tommylee9_2000
    @removeyahoo.dropcom says...
    > note: when I have problems like yours, I use safe mode, where I use Task
    > Manager to kill as many virus processes as possible until I can run
    > Malwarebytes. You have to kind of know a fair bit about which processes are
    > suspect. Usually ones that have a lot of nonsense consonants are suspect for
    > one thing.
    >


    In the last month I've run into 4 computers that were infected in a
    manner that would not let me run ANY known anti-malware tools and that I
    could not find the malware either.

    I removed the drive and checked it from another computer with working
    anti-malware tools and little was detected, replace it in the machine,
    it was still infected with the same anti-malware tool blocking malware.

    I tried all of the tools suggested here and some not commonly suggested,
    even if I could get them to install the would not run or updates.

    I fell back to my standard, wiped the drive and reinstalled from scratch
    in a clean environment.

    --
    You can't trust your best friends, your five senses, only the little
    voice inside you that most civilians don't even hear -- Listen to that.
    Trust yourself.
    spam999free@rrohio.com (remove 999 for proper email address)

  9. #9
    tommy
    Guest

    Re: (***) is not a valid win32 application...




    Ansgar -59cobalt- Wiechers wrote:
    > tommy <tommylee9_2000@removeyahoo.dropcom> wrote:
    >> some good information here
    >> http://www.elephantboycomputers.com/...iruses_Malware

    >
    > The usual nonsense. *sigh*
    >
    > http://technet.microsoft.com/en-us/l.../cc512587.aspx
    >
    > Please understand that, no matter how much skill you think you have,
    > you still can't be certain that you got rid of all malware if you
    > don't have a known-good baseline to compare against.
    >
    > Besides, CCleaner a powerful tool? Don't make me laugh. The tool
    > doesn't check even half of the locations from where Windows
    > automatically starts stuff.
    >
    >> note: when I have problems like yours, I use safe mode, where I use
    >> Task Manager to kill as many virus processes as possible until I can
    >> run Malwarebytes. You have to kind of know a fair bit about which
    >> processes are suspect. Usually ones that have a lot of nonsense
    >> consonants are suspect for one thing.

    >
    > ... whereas processes with names like "service.exe", "explore.exe",
    > "exp1orer.exe", "svcchost.exe" et. al. are obviously perfectly
    > harmless and nothing to worry about ...
    >
    > *doublesigh*
    >
    > Names. Don't. Mean. Anything. At all. When will people begin to
    > understand this simple fact?
    >
    > cu
    > 59cobalt


    I should have included a link that would help identify suspect processes.
    Here's one, there are many many more:
    http://www.answersthatwork.com/Taskl...s/tasklist.htm

    "No generalization is worth a damn, including this one"

    Mark Twain



  10. #10
    tommy
    Guest

    Re: (***) is not a valid win32 application...




    Leythos wrote:
    > In article <h8hrdn$ln0$1@news.eternal-september.org>, tommylee9_2000
    > @removeyahoo.dropcom says...
    >> note: when I have problems like yours, I use safe mode, where I use
    >> Task Manager to kill as many virus processes as possible until I can
    >> run Malwarebytes. You have to kind of know a fair bit about which
    >> processes are suspect. Usually ones that have a lot of nonsense
    >> consonants are suspect for one thing.
    >>

    >
    > In the last month I've run into 4 computers that were infected in a
    > manner that would not let me run ANY known anti-malware tools and
    > that I could not find the malware either.
    >
    > I removed the drive and checked it from another computer with working
    > anti-malware tools and little was detected, replace it in the machine,
    > it was still infected with the same anti-malware tool blocking
    > malware.
    >
    > I tried all of the tools suggested here and some not commonly
    > suggested,
    > even if I could get them to install the would not run or updates.
    >
    > I fell back to my standard, wiped the drive and reinstalled from
    > scratch
    > in a clean environment.


    yes, some cases call for reinstallation .
    Here's a link for that: http://windowsreinstall.com/

    It does sound like her case might need it. She should seek a qualified tech
    in her area.





  11. #11
    Ansgar -59cobalt- Wiechers
    Guest

    Re: (***) is not a valid win32 application...

    tommy <tommylee9_2000@removeyahoo.dropcom> wrote:
    > Ansgar -59cobalt- Wiechers wrote:
    >> tommy <tommylee9_2000@removeyahoo.dropcom> wrote:
    >>> some good information here
    >>> http://www.elephantboycomputers.com/...iruses_Malware

    >>
    >> The usual nonsense. *sigh*
    >>
    >> http://technet.microsoft.com/en-us/l.../cc512587.aspx
    >>
    >> Please understand that, no matter how much skill you think you have,
    >> you still can't be certain that you got rid of all malware if you
    >> don't have a known-good baseline to compare against.
    >>
    >> Besides, CCleaner a powerful tool? Don't make me laugh. The tool
    >> doesn't check even half of the locations from where Windows
    >> automatically starts stuff.
    >>
    >>> note: when I have problems like yours, I use safe mode, where I use
    >>> Task Manager to kill as many virus processes as possible until I can
    >>> run Malwarebytes. You have to kind of know a fair bit about which
    >>> processes are suspect. Usually ones that have a lot of nonsense
    >>> consonants are suspect for one thing.

    >>
    >> ... whereas processes with names like "service.exe", "explore.exe",
    >> "exp1orer.exe", "svcchost.exe" et. al. are obviously perfectly
    >> harmless and nothing to worry about ...
    >>
    >> *doublesigh*
    >>
    >> Names. Don't. Mean. Anything. At all. When will people begin to
    >> understand this simple fact?

    >
    > I should have included a link that would help identify suspect
    > processes. Here's one, there are many many more:
    > http://www.answersthatwork.com/Taskl...s/tasklist.htm


    *sigh*

    Here's a little exercise for you:

    1. Create a copy of NOTEPAD.EXE in %SystemRoot%.
    2. Rename it to exp1orer.exe (notice how it's written with "one" instead
    of "ell").
    3. Run it.

    Now answer yourself some questions:

    Did renaming notepad to exp1orer somehow magically turn notepad into
    explorer? If not, why would you think a program's name meant anything in
    the first place?

    How do you identify the location of the program binary if you're using
    taskmgr.exe? The Windows Task Manager does not show the paths of
    executables in any Winddows version up to at least XP. And if you can't
    identify the location, what makes you think you could distinguish
    malware from a legit system binary?

    How exactly is malware running with admin privileges prevented from
    infecting/altering system binaries?


    And since you seem to like quotes, I do have two of my own for you:

    "Names. Don't. Mean. Anything. At all."
    --me

    "Please understand that, no matter how much skill you think you have,
    you still can't be certain that you got rid of all malware if you don't
    have a known-good baseline to compare against."
    --me as well

    cu
    59cobalt
    --
    "If a software developer ever believes a rootkit is a necessary part of
    their architecture they should go back and re-architect their solution."
    --Mark Russinovich

  12. #12
    Ansgar -59cobalt- Wiechers
    Guest

    Re: (***) is not a valid win32 application...

    tommy <tommylee9_2000@removeyahoo.dropcom> wrote:
    > yes, some cases call for reinstallation .
    > Here's a link for that: http://windowsreinstall.com/
    >
    > It does sound like her case might need it. She should seek a qualified
    > tech in her area.


    Any qualified technician will suggest to flatten and rebuild the box,
    because he's aware of the fact that he can't guarantee that he'd get rid
    of all malware otherwise.

    http://technet.microsoft.com/en-us/l.../cc512587.aspx

    cu
    59cobalt
    --
    "If a software developer ever believes a rootkit is a necessary part of
    their architecture they should go back and re-architect their solution."
    --Mark Russinovich

  13. #13
    Todd H.
    Guest

    Re: (***) is not a valid win32 application...

    "tommy" <tommylee9_2000@removeyahoo.dropcom> writes:

    > Leythos wrote:
    >> In article <h8hrdn$ln0$1@news.eternal-september.org>, tommylee9_2000
    >> @removeyahoo.dropcom says...
    >>> note: when I have problems like yours, I use safe mode, where I use
    >>> Task Manager to kill as many virus processes as possible until I can
    >>> run Malwarebytes. You have to kind of know a fair bit about which
    >>> processes are suspect. Usually ones that have a lot of nonsense
    >>> consonants are suspect for one thing.
    >>>

    >>
    >> In the last month I've run into 4 computers that were infected in a
    >> manner that would not let me run ANY known anti-malware tools and
    >> that I could not find the malware either.
    >>
    >> I removed the drive and checked it from another computer with working
    >> anti-malware tools and little was detected, replace it in the machine,
    >> it was still infected with the same anti-malware tool blocking
    >> malware.
    >>
    >> I tried all of the tools suggested here and some not commonly
    >> suggested,
    >> even if I could get them to install the would not run or updates.
    >>
    >> I fell back to my standard, wiped the drive and reinstalled from
    >> scratch
    >> in a clean environment.

    >
    > yes, some cases call for reinstallation .
    > Here's a link for that: http://windowsreinstall.com/
    >
    > It does sound like her case might need it. She should seek a qualified tech
    > in her area.


    I disagree. All cases where you've got confirmed malware on the
    system call for reinstallation from original media.

    You can run cleanup routines. It might actually find things, it might
    even remove those things. Then again, it very well might not. Hiding
    from AV is not that hard.

    The time investment is a barrier, sure, but what it comes down to is:
    Do you feel lucky?


    --
    Todd H.
    http://www.toddh.net/

  14. #14
    tommy
    Guest

    Re: (***) is not a valid win32 application...




    Ansgar -59cobalt- Wiechers wrote:
    > tommy <tommylee9_2000@removeyahoo.dropcom> wrote:
    >> Ansgar -59cobalt- Wiechers wrote:
    >>> tommy <tommylee9_2000@removeyahoo.dropcom> wrote:
    >>>> some good information here
    >>>> http://www.elephantboycomputers.com/...iruses_Malware
    >>>
    >>> The usual nonsense. *sigh*
    >>>
    >>> http://technet.microsoft.com/en-us/l.../cc512587.aspx
    >>>
    >>> Please understand that, no matter how much skill you think you have,
    >>> you still can't be certain that you got rid of all malware if you
    >>> don't have a known-good baseline to compare against.
    >>>
    >>> Besides, CCleaner a powerful tool? Don't make me laugh. The tool
    >>> doesn't check even half of the locations from where Windows
    >>> automatically starts stuff.
    >>>
    >>>> note: when I have problems like yours, I use safe mode, where I use
    >>>> Task Manager to kill as many virus processes as possible until I
    >>>> can run Malwarebytes. You have to kind of know a fair bit about
    >>>> which processes are suspect. Usually ones that have a lot of
    >>>> nonsense consonants are suspect for one thing.
    >>>
    >>> ... whereas processes with names like "service.exe", "explore.exe",
    >>> "exp1orer.exe", "svcchost.exe" et. al. are obviously perfectly
    >>> harmless and nothing to worry about ...
    >>>
    >>> *doublesigh*
    >>>
    >>> Names. Don't. Mean. Anything. At all. When will people begin to
    >>> understand this simple fact?

    >>
    >> I should have included a link that would help identify suspect
    >> processes. Here's one, there are many many more:
    >> http://www.answersthatwork.com/Taskl...s/tasklist.htm

    >
    > *sigh*
    >
    > Here's a little exercise for you:
    >
    > 1. Create a copy of NOTEPAD.EXE in %SystemRoot%.
    > 2. Rename it to exp1orer.exe (notice how it's written with "one"
    > instead of "ell").
    > 3. Run it.
    >
    > Now answer yourself some questions:
    >
    > Did renaming notepad to exp1orer somehow magically turn notepad into
    > explorer? If not, why would you think a program's name meant anything
    > in the first place?
    >
    > How do you identify the location of the program binary if you're using
    > taskmgr.exe? The Windows Task Manager does not show the paths of
    > executables in any Winddows version up to at least XP. And if you
    > can't identify the location, what makes you think you could
    > distinguish malware from a legit system binary?
    >
    > How exactly is malware running with admin privileges prevented from
    > infecting/altering system binaries?
    >
    >
    > And since you seem to like quotes, I do have two of my own for you:
    >
    > "Names. Don't. Mean. Anything. At all."
    > --me
    >
    > "Please understand that, no matter how much skill you think you have,
    > you still can't be certain that you got rid of all malware if you
    > don't have a known-good baseline to compare against."
    > --me as well
    >
    > cu
    > 59cobalt


    Read this : MBAM will not install or run(Fix) Maybe it will explain what I
    am talking about. You have some preconceived notions about such Malwarebytes
    "nonsense" : http://tinyurl.com/qdqlcl





  15. #15
    Ansgar -59cobalt- Wiechers
    Guest

    Re: (***) is not a valid win32 application...

    tommy <tommylee9_2000@removeyahoo.dropcom> wrote:
    > Ansgar -59cobalt- Wiechers wrote:
    >> tommy <tommylee9_2000@removeyahoo.dropcom> wrote:
    >>> I should have included a link that would help identify suspect
    >>> processes. Here's one, there are many many more:
    >>> http://www.answersthatwork.com/Taskl...s/tasklist.htm

    >>
    >> *sigh*
    >>
    >> Here's a little exercise for you:
    >>
    >> 1. Create a copy of NOTEPAD.EXE in %SystemRoot%.
    >> 2. Rename it to exp1orer.exe (notice how it's written with "one"
    >> instead of "ell").
    >> 3. Run it.
    >>
    >> Now answer yourself some questions:
    >>
    >> Did renaming notepad to exp1orer somehow magically turn notepad into
    >> explorer? If not, why would you think a program's name meant anything
    >> in the first place?
    >>
    >> How do you identify the location of the program binary if you're using
    >> taskmgr.exe? The Windows Task Manager does not show the paths of
    >> executables in any Winddows version up to at least XP. And if you
    >> can't identify the location, what makes you think you could
    >> distinguish malware from a legit system binary?
    >>
    >> How exactly is malware running with admin privileges prevented from
    >> infecting/altering system binaries?

    >
    > Read this : MBAM will not install or run(Fix) Maybe it will explain
    > what I am talking about. You have some preconceived notions about such
    > Malwarebytes "nonsense" : http://tinyurl.com/qdqlcl


    Thank you for making perfectly clear that you didn't understand a single
    word of what I wrote.

    cu
    59cobalt
    --
    "If a software developer ever believes a rootkit is a necessary part of
    their architecture they should go back and re-architect their solution."
    --Mark Russinovich

  16. #16
    Skywise
    Guest

    Re: (***) is not a valid win32 application...

    Ansgar -59cobalt- Wiechers <usenet-2009@planetcobalt.net> wrote in
    news:h8j6mm$33j$1@news.eternal-september.org:

    > How do you identify the location of the program binary if you're using
    > taskmgr.exe? The Windows Task Manager does not show the paths of
    > executables in any Winddows version up to at least XP.


    Just wanted to mention that System Info does show paths. This for
    both Win2k and XP.

    System Info > Software Environment > Running Tasks

    Although, if it can be spoofed then it's still useless.

    Brian
    --
    http://www.skywise711.com - Lasers, Seismology, Astronomy, Skepticism
    Seismic FAQ: http://www.skywise711.com/SeismicFAQ/SeismicFAQ.html
    Quake "predictions": http://www.skywise711.com/quakes/EQDB/index.html
    Sed quis custodiet ipsos Custodes?

  17. #17
    cnicholls@tstate.com
    Guest

    Re: (***) is not a valid win32 application...


    Ok, I’m new here, I ran across this thread on Google trying to fix my
    father-laws pc.

    You guys keep arguing about weather to fix it or not.
    That up to you i guess, however i dont feel like reinstalling someone’s
    junk pc!

    Its probable that this is too late to help you but for the other
    larkers’ this may help you.

    Here is what i did.

    1. on a good pc i downloaded malware bytes
    2. Renamed mbam.exe to mbam.com
    3. click and install
    4. browse to install dir, c:\program files\malware bytes....
    5. Rename mbam.exe to mbam.com then dbl click run scan '
    6. remove all found issues (mine found 546!!!)
    7. rename mbam.com back to mbam.exe
    8. reboot.
    9. install whatever else pleases you and clean away


    Good luck!


    --
    cnicholls@tstate.com
    ------------------------------------------------------------------------
    cnicholls@tstate.com's Profile: http://forums.techarena.in/members/146379.htm
    View this thread: http://forums.techarena.in/virus-spyware/1243103.htm

    http://forums.techarena.in


  18. #18
    Ansgar -59cobalt- Wiechers
    Guest

    Re: (***) is not a valid win32 application...

    cnicholls@tstate.com <cnichollststate.com.40czjb@donotspam.com> wrote:
    > Ok, I'm new here, I ran across this thread on Google trying to fix my
    > father-laws pc.
    >
    > You guys keep arguing about weather to fix it or not.
    > That up to you i guess, however i dont feel like reinstalling
    > someone's junk pc!


    Then perhaps you should leave it to someone who does.

    > Its probable that this is too late to help you but for the other
    > larkers? this may help you.


    No it doesn't. Because once a system got compromised you can never be
    sure that you found and removed all malware (unless you have a known-
    good baseline to compare against).

    http://technet.microsoft.com/en-us/l.../cc512587.aspx

    cu
    59cobalt
    --
    "If a software developer ever believes a rootkit is a necessary part of
    their architecture they should go back and re-architect their solution."
    --Mark Russinovich

  19. #19
    cnicholls@tstate.com
    Guest

    Re: (***) is not a valid win32 application...


    Its techs like you that give others a bad name....

    Ohhh got a virus? got an issue? no problem i will just erase everything
    and start over.... any idiot can reinstall windows!

    I dont charge anything, so my goal is to help people out if i can, as
    long as it doesnt take too long.

    If i can make an unusable pc work again without causing the user to
    loose all the data they didnt remember to backup, my job is done.

    You are right, I "cant know for sure" if malware is still there. If i
    dont know its there and the pc is working normally and the owner is
    happy, then does grandma really give a crap as long as she can send
    email and browse the web?

    So when a single mom, or whoever says hey, i get these nasty popups and
    my internet is so slow can you fix it? i say sure, pop in a usb drive
    full of tools and in a hour or so of playing around, the popups are gone
    and everything else operates as normal. She didnt have to try to tell me
    where all her files are, I didnt have to save all the emails that are
    important for her, i didnt need her to bring me all the windows, office,
    and other cds to put back on...

    Sure reinstalling a pc may be nothing to assure your piece of mind.

    But to sally public, the last thing they want to hear is sorry. I hope
    you had your crap backed up
    All they want to here is, here you go its just fixed...
    that’s a big deal to real person....


    --
    cnicholls@tstate.com
    ------------------------------------------------------------------------
    cnicholls@tstate.com's Profile: http://forums.techarena.in/members/146379.htm
    View this thread: http://forums.techarena.in/virus-spyware/1243103.htm

    http://forums.techarena.in


  20. #20
    Ansgar -59cobalt- Wiechers
    Guest

    Re: (***) is not a valid win32 application...

    cnicholls@tstate.com <cnichollststate.com.40danb@donotspam.com> wrote:
    > Its techs like you that give others a bad name....


    I can live with giving people like you a bad name.

    > Ohhh got a virus? got an issue? no problem i will just erase
    > everything and start over.... any idiot can reinstall windows!


    Yet, so very few are capable of doing it right ...

    > I dont charge anything, so my goal is to help people out if i can, as
    > long as it doesnt take too long.


    That's probably the difference between the two of us. If I take on a job
    (regardless of whether I do or don't charge anything for it), I'm doing
    it right, no matter how long it takes.

    > If i can make an unusable pc work again without causing the user to
    > loose all the data they didnt remember to backup, my job is done.


    Yeah, what do you care about the box still being abused as a spam-bot or
    something, because you overlooked a piece of malware. Not your problem,
    right?

    Besides, someone who actually knows what he's doing (i.e. someone who is
    not you) would do a backup of the user's data before proceeding to the
    reinstall.

    > You are right, I "cant know for sure" if malware is still there. If i
    > dont know its there and the pc is working normally and the owner is
    > happy, then does grandma really give a crap as long as she can send
    > email and browse the web?


    The people being targeted by attacks utilizing that still-compromised
    box probably will. But hey, not your problem, right?

    > So when a single mom, or whoever says hey, i get these nasty popups
    > and my internet is so slow can you fix it? i say sure, pop in a usb
    > drive full of tools and in a hour or so of playing around, the popups
    > are gone and everything else operates as normal.


    Yeah. Who cares that the box is still sending spam. Or hosting phishing
    sites. Or child porn. Not you, apparently.

    > She didnt have to try to tell me where all her files are, I didnt have
    > to save all the emails that are important for her, i didnt need her to
    > bring me all the windows, office, and other cds to put back on...


    Yeah. How very convenient for you. After all, why should you care about
    all the other people on the internet being targeted by attacks
    originating from the box you "cleaned"? Not your problem, right?

    > Sure reinstalling a pc may be nothing to assure your piece of mind.
    >
    > But to sally public, the last thing they want to hear is sorry. I hope
    > you had your crap backed up
    > All they want to here is, here you go its just fixed...


    Guess what: what they want to hear ain't always what they need.

    Besides, I'm always amazed at how people like you - who don't even
    manage to reply to the posting they're obviously responding to - would
    claim to be capable of cleaning an infected machine.

    cu
    59cobalt
    --
    "If a software developer ever believes a rootkit is a necessary part of
    their architecture they should go back and re-architect their solution."
    --Mark Russinovich

Similar Threads

  1. Who is using the dotDefender (Application Security Firewall)?
    By wimvincken in forum alt.computer.security
    Replies: 0
    Last Post: 06-16-09, 07:39 PM
  2. Replies: 0
    Last Post: 03-27-09, 06:43 AM
  3. Replies: 0
    Last Post: 03-27-09, 06:33 AM
  4. Install says TCP Optimizer.exe is not a valid Win32 application
    By Sloop123 in forum Broadband Tweaks Help
    Replies: 4
    Last Post: 02-09-08, 07:10 PM
  5. database application share
    By omaralrayah in forum Networking Forum
    Replies: 1
    Last Post: 04-23-07, 03:36 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •