I saw the other thread pertaining to this but I have a little more of a problem. I have just recieved a virus/malware called XP Internet Security 2010. All of the solutions I have found either involve running an exe file or ridding of certain files(which are not there)/editing registry. I can't run any exe file, including any removal tools, much less being able to open regedit. What happens is....I double click the exe file, and it opens the window where it asks you the program to open it with. The only way I have been able to open firefox is by opening it with itself. Any ideas?
Update: I just got malwarebytes installed and ran. The way I did this is by opening the exe program with itself in the "Open With" window. But I cant get the installed exe to run with itself in the same fashion. Below is a list of stuff it found and supposedly removed.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
I still cant access a thing in control panel like add/remove programs. It says rundll32.exe cannot be found. I still can't get into regedit either. Boot up seemed to hang up on the welcome screen since removing the above registry items.
Update2! Okay computer is back to running the way its supposed to. I found this registry fix file called xp_exe_fix.reg, double clicked it and rebooted pc. Everything seems to be running properly now. Im still kinda leary as to what might have been left of the virus. I did run mbam again and it came back with finding nothing.
Zoh well I just wanted to come back and explain to anyone else that might be having the same issue.
If anyone has an idea where I could double check to make sure this virus is gone, please let me know.
Thanks.
Last edited by Jrayj on 5th March 2010, 6:10 pm; edited 2 times in total (Reason for editing : I think I fixed the problem.)
Update: I just got malwarebytes installed and ran. The way I did this is by opening the exe program with itself in the "Open With" window. But I cant get the installed exe to run with itself in the same fashion. Below is a list of stuff it found and supposedly removed.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
I still cant access a thing in control panel like add/remove programs. It says rundll32.exe cannot be found. I still can't get into regedit either. Boot up seemed to hang up on the welcome screen since removing the above registry items.
Update2! Okay computer is back to running the way its supposed to. I found this registry fix file called xp_exe_fix.reg, double clicked it and rebooted pc. Everything seems to be running properly now. Im still kinda leary as to what might have been left of the virus. I did run mbam again and it came back with finding nothing.
Zoh well I just wanted to come back and explain to anyone else that might be having the same issue.
If anyone has an idea where I could double check to make sure this virus is gone, please let me know.
Thanks.
Last edited by Jrayj on 5th March 2010, 6:10 pm; edited 2 times in total (Reason for editing : I think I fixed the problem.)