Is b.exe virus the culprit

September 23, 2009 at 07:15:58
Specs: Windows XP
I believe I am infected wuth virus b.exe. I saw this process running after problem occured. I tried to end it several times but it keeps returning. . My desk top--all icons and start menu--disappeared so I can only access some programs through task mgr. Safe Mode desk top is also gone Any attempt to run programs like Hijackthhis to evaluated problem either fail or will not open along with msg that I dont have authority. Spybot opened but process terminated. If I try to go to any web site that relates to malware/virus removal, web page is ussually blocked but sometimes redirected. Can anyone tell me how to solve this pernicious virus. I even tried to do a clean install, but cd drives wont boot the disc.

See More: Is b.exe virus the culprit

Report •


#1
September 23, 2009 at 07:33:29
search the hdd for b.exe file

try deleting it

i have seen this before

to boot from cd, you need to configure bios for that

our patience is big


Report •

#2
September 23, 2009 at 07:49:26
Searching the HDD is not possible--there is only limited functionality--Regarding configuring the Bios, I'm a beginner and lack sophistication to attempt that, but thanks for the reply.

Report •

#3
September 23, 2009 at 07:53:32
in the task manager write cmd > in the black window write
Dir /d b.exe > press enter > say if it finds it

our patience is big


Report •

Related Solutions

#4
September 23, 2009 at 07:57:46
Following you instructions, "File not found" came back.

Report •

#5
September 23, 2009 at 08:00:43
Dir /s b.exe maybe ???

try this :

dir C:\WINDOWS\system b.exe

our patience is big


Report •

#6
September 23, 2009 at 08:13:48
For Dir/s b.exe this came back:

Volume in C drive has no label
Volume serial number is 5c60-eda9

Diectory of C:/documents and settings/owner.omalfamily/local settings/temp
9/18/09 1:28 pm.
152,576 b.exe
1 file(s) 152,576 bytes

Total file(s) listed:
1 file(s) 152,576
0 Dir(s) 62,957,309,440 bytes free


Report •

#7
September 23, 2009 at 08:16:59
there is b.exe file

write the following in cmd :
del C:/documents and settings/owner.omalfamily/local settings/temp/b.exe

our patience is big


Report •

#8
September 23, 2009 at 08:24:23
then search for the file again

you may receive a message "Access is denied"

then write ATTRIB C:/documents and settings/owner.omalfamily/local settings/temp/b.exe -H -S -R

and try again

our patience is big


Report •

#9
September 23, 2009 at 08:32:08
Following instructions for del C:/ come back was
C:\ documents and settings\OWNER.OMALFAMILY>

Report •

#10
September 23, 2009 at 08:34:15
so it`s done

now look for b.exe again and see if it`s there

our patience is big


Report •

#11
September 23, 2009 at 08:51:20
I checked Dir C:/s b.exe again, and the same come back occured as before showing 1 file(s) 152, 576. I also ran Dir C:\windows\system b.exe and the come back was a list of files (26) that were all date 2004 and earlier. Under the list was also "File not Found".

Report •

#12
September 23, 2009 at 09:15:09
Also, When I earlier entered th del C:/ command, the come back was Invalid switch - "documents" , if that helps.

Report •

#13
September 23, 2009 at 14:36:26
Hello Our patience is Big. I think i did successfull delete b.exe from the Temp file noted above. I've run the Dir/s command several times and the msg niw is "File not Found" However, the problem persists unabated. If fact, every single attempt ive made, except one, to run a malicious software scan has been terminated as soon as it started to scan. The one prgram that did run and complete a scan found the following: 1) Trojan.Donwloader.47149 msa.exe, deleted; and 2)Trojan.dowwnloader.47369iehelpmod.dll,Incurable.moved.

Report •

#14
September 25, 2009 at 07:54:04
in the task manager write explorer

that should do it

sorry for the delay

our patience is big


Report •

#15
September 26, 2009 at 05:04:59
Following you last instruction, the reponse to putting explorer in the task manager was : "You cannot access the specified file, device or file. You may not have the appropriate permission to access them".

Report •

#16
September 26, 2009 at 05:33:53
navigate to c:\Windows\

right click click on explorer.exe > go to security tab > unckeck all check in Deny section and check everything in allow section

do the same to the another explorer.exe file because there are two of them ( it`s located in Windows folder as well )

our patience is big


Report •

#17
September 26, 2009 at 10:31:16
Maybe I didn't navigate to C:\Windows correctly. I put cmd command and got to black window which had C:\documents and settings\OMALFAMILY> I put C:\windows\ after that and got "C:\Windows\ is not recognized as an internal or external command, operable program or batch file".

Report •

#18
September 26, 2009 at 10:32:11
maybe, maybe

correct your mistake

our patience is big


Report •

#19
September 26, 2009 at 10:36:21
When I put C:\Windows \ into task manager, the repponse was the same as before "You cannot access the specified file, device or file. You may not have the appropriate permission to access them".

Report •

#20
September 26, 2009 at 10:47:06
make sure you`re an admin

refer to Response Number 16

don`t navigate to Windows path with cmd

in task manager write C:\WINDOWS and press ENTER

our patience is big


Report •

#21
September 26, 2009 at 11:21:41
I could not log on as Admin in regular mode so I did so in Safe Mode.I attempted to open C:\windows\ as administrator and again recieved the same reply "You cannot access the specified file, device or file. You may not have the appropriate permission to access them".

Report •

#22
September 26, 2009 at 11:26:16
refer to response number 16 and do the same to c:\Windows\folder

our patience is big


Report •

#23
September 26, 2009 at 13:27:42
tjojr1, you've spent alot of time on this. You can try unhackme:
http://www.greatis.com/unhackme/dow...

Use the beginners guide on the left side of the download page. Make sure to run all the scans and if you run into a problem you don't know if you should delete do a google search on it and see if it is safe to delete or post the problem back here.

Run the scans untill the PC is clean of infections. I have used it for 2 other cases of b.exe which is a rootkit.
Good Luck

PS: DON'T delete anything that you don't know....post back

Some HELP in posting on Computing.net plus free progs and instructions Cheers


Report •

#24
September 27, 2009 at 12:57:41
I tried to download and run unhackme. although I believe the download completed, i could not, using Task manager, unzip/open the file to get the program to run. As for Imperator's prior advice to log in as adminitrator and enter C:\Windows\folder into task manager, i again was told "You cannot access the specified file, device or file. You may not have the appropriate permission to access them".

Report •

#25
September 28, 2009 at 05:16:32
1.Open Internet Explorer
2.Click on Tools
3.Click on Internet Options
4.Select SEcurity tab and click Custom Level
5.In the Miscellaneous section, set the ‘Launching applications and unsafe files’ to Prompt (recommended)
6.Click OK ( or Apply )

our patience is big


Report •

#26
September 28, 2009 at 09:27:17
I would then suggest a repair install:
http://www.microsoft.com/windowsxp/...
You will need an XP install disc to do this. Home=Home, Pro=Pro, you can't mix and match.
You will have to redo your critical updates after that.

Some HELP in posting on Computing.net plus free progs and instructions Cheers


Report •


Ask Question