exe.file missing....

Discussion in 'NOD32 version 2 Forum' started by greenfly, Jan 3, 2007.

Thread Status:
Not open for further replies.
  1. greenfly

    greenfly Registered Member

    Joined:
    Dec 18, 2006
    Posts:
    43
    I try to install Smitfraudfix .When i download,nod allert me for a Win32 aplication
    Is not a virus but riskware tool,,i ignore that and continue with a download.
    When i extract a Rar.file the exe.file is missing,and i double click on Smitfraudfix Command script like the guide tell me.....
    RESULT:


    CScript Error: Can't find script engine "VBScript" for script "C:\Documents and
    Settings\Damir\Desktop\SmitfraudFix\GetPaths.vbs".
    'SetPaths.bat' is not recognized as an internal or external command,
    operable program or batch file.
    Could Not Find C:\Documents and Settings\Damir\Desktop\SmitfraudFix\SetPaths.bat

    SmitFraudFix v2.132

    Fichier Process.exe absent !
    Dezippez la totalité de l'archive dans un dossier.

    Process.exe file missing !
    Unzip all the archive in a folder.

    Press any key to continue . . .
    Can anyone help me...o_Oo_O??
     
  2. ASpace

    ASpace Guest

    NOD32 as well as most other antivirus softwares detect this as pottentially dangerous tool . If Smithfraudfix uses this for good , someone else can used it for bad(evil) purpose . Antivirus products cannot understand when this will be used for good or for bad . In your case NOD32 pop-up telling you it has removed that tool

    If you want to download it , you should temporary disable pottentially unwanted and pottentially unsafe application both in IMON and in AMON and then run this (or create an exception in them for that file(s)/site )

    Can you tell us why do you want to run this tool - do you think you are infected with Smithfraud variant and NOD32 is missing it . I am asking because generally NOD32 is excellent in fighting Smithfraud crap :thumb:
     
  3. greenfly

    greenfly Registered Member

    Joined:
    Dec 18, 2006
    Posts:
    43
    I want to install Smitfraudfix because recently when my windows start op ,i get a minidump error:
    .BCCode:1000008e BCP1:C000001D BCP2:F934FEED BCP3:F9E4CC2C BCP4:00000000 OSVer:5_1_2600 SP:2_0 Product:256_1

    C:\DOCUME~1\Damir\LOCALS~1\Temp\WERc901.dir00\Mini122404-01.dmp
    C.\DOCUME~1\Damir\LOCALS~1\Temp\WERc901.dir00\sysdata.xml
    I googled a lot,but it's to wide subject ,,,sound drivers,graphic,memory,BIOS..ecc
    I try to find someone Whom i can send this minidump files,because i don't have practice whit a Debugger ....I don't want to reinstall windows-want to learn as much as possible..............THANKS....
     
  4. ASpace

    ASpace Guest

    Well , I am sorry but I can't make a connection between this error and Smithfraud malware. If you had NOD32 installed and updated it is almost impossible to have something malicious including Smithfraud trojan.
     
  5. ASpace

    ASpace Guest

    Have you tried using Win XP's System Restore function to restore your system to previous state exactly as it was before so that this fixes possible errors . I would try this , Start->Programs->Accessories->System Tools->System Restore and follow the instructions to restore to a date before the error first occured.
     
  6. greenfly

    greenfly Registered Member

    Joined:
    Dec 18, 2006
    Posts:
    43
    you right Hy-Tech..I did installed smitfraudfix,,,find nothing..BRAVO-NOD--again....
    But the minidump problem it's still here......and that means : Me non-stop on computer,,,,,my wife are gonna to kill me........
     
  7. ASpace

    ASpace Guest

    Have you tried System Restore as suggested . Could help .
     
  8. greenfly

    greenfly Registered Member

    Joined:
    Dec 18, 2006
    Posts:
    43
    I tried system restore allready----nothing.. I think that's a driver problem...
     
  9. ASpace

    ASpace Guest

    Well , reinstalling drivers , applications that were in use when this occured , running sfc.exe to make sure all important Win files are OK ... Have no idea ...

    If you want to contact Microsoft Support , you can do it here (via phone,email...) :thumb: :thumb:
     
  10. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Please, i have said this before and will repeat it again. No slight to NOD, but the entire AV industry needs to improve detection of Smitfraud and your comment above certainly is not true. I collected another Smitfraud variant the other day and just uploaded it to VirusTotal and Jotti's 10 minutes ago and is only being detected by 5 AV's and NOD is 'Not' one of them. No use in posting the results as i'm sure they would just be deleted. Your enthusiasum for NOD is apparent but comments such as 'Almost Impossible' certainly should be refrained from as to not mislead users.

    The variant is called 'moviecodecs1163' and is detected as 'TR/Drop.Zlob.acn & Trojan.Win32.DNSChanger'.
     
  11. ASpace

    ASpace Guest

  12. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    No, not at all. Just try to choose your words more carefully seeing that this is a product forum. And yes, i will submit it.
     
  13. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, tobacco

    You do seem to have a high horse. :eek:

    You read what HiTech_boy wrote, also posted what he wrote, almost impossible.

    The operative word is almost, he did not say it is Impossible, so he did choose his words correctly.

    Take Care.
    TheQuest :cool:
     
  14. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Ladies and Gentlemen, enough of the personal banter please, lets' get back on topic.

    Cheers :D
     
  15. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Alrighty then.

    Sample sent to Eset packaged by winrar.
     
  16. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia

    Was "sample[AT]eset.com" not the right place to send the variant per Request. That was sent 6 days ago and even after the large updates today, it's still not detected via VT or Jotti's.

    I'm not a NOD user but was asked to send it to eset and went out of my way to do so.
     
  17. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Now Detected:thumb:
     
Thread Status:
Not open for further replies.