Help completely remove a virus (I think that its av.exe)

So I think I got most of the virus (I think it might be the av.exe virus) out of my computer. I think I got a virus that has been described at this link http://answers.microsoft.com/en-us/windows/forum/windows_vista-windows_programs/unable-to-open-exe-files/039ceca1-c81f-4136-8c04-bf13c0378495.  This forum says that when you click right a program there is an option that appears who says departure. This should not be here and I have no idea what else to do. I had Avg and Malware Bytes scan who abducted 17 virus/Trojan horses and I ended up all this work, but I'm sure that this option 'Start' should not be here. Should I be worried and there at - it a way to get rid of it?

Hello

Use above message for intense and thorough check for malware.

To restore the ability to run any .exe programs.

1 make a Restore Point so that you can come back if necessary back although probably not required.

How to create a Vista System Restore Point
http://www.Vistax64.com/tutorials/76332-system-restore-point-create.html

How to make a Vista system restore
http://www.Vistax64.com/tutorials/76905-System-Restore-how.html
2. copy BETWEEN these lines and paste it into Notepad - save as exefileFix.reg - then right
Click on it and FUSION - REBOOT

DO NOT COPY THE LINES
-----------------------------------------------------------------

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\. [EXE]
@= "exefile".
"Content Type"="application/x-msdownload".

[HKEY_CLASSES_ROOT\. EXE\PersistentHandler]
@= "{098f2470-bae0-11cd-b579-08002b30bfeb}".

[HKEY_CLASSES_ROOT\exefile]
@= "Application".
"EditFlags" = hex: 38, 07, 00, 00
"FriendlyTypeName" = hex (2): 40, 00, 25, 00, 53, 00, 79, 00, 73, 00, 74, 00, 65, 00, 6 d, 00, 52,------.
00, 6f, 00, 6f, 00, 74, 00, 25, 00, 5 c, 00, 53, 00, 79, 00, 73, 00, 74, 00, 65, 00, 6 d, 00, 33, 00,------.
32,00, 5 c, 00, 73, 00, 68, 00, 65, 00, 6 c, 00, 6 c, 00, 33, 00, 32, 00, 2nd, 00, 64, 00, 6 c, 00, 6 c,
00, 2 c, 00, 2d, 00, 31, 00, 30, 00, 00, 31, 35, 00, 36, 00, 00, 00

[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"

[HKEY_CLASSES_ROOT\exefile\shell]

[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags" = hex: 00, 00, 00, 00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
""IsolatedCommand"="\"%1\" %. "

[HKEY_CLASSES_ROOT\exefile\shell\runas]

[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
""IsolatedCommand"="\"%1\" %. "

[HKEY_CLASSES_ROOT\exefile\shellex]

[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@= "{86C86720-42A0-1069-A2E8-08002B30309D}".

[- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice]

--------------------------------------------------------------
DO NOT COPY THE LINES

If necessary:

Check the fix of exe here
http://www.Winhelponline.com/articles/105/1/file-association-fixes-for-Windows-Vista.html

Also check this one if it applies
http://www.Winhelponline.com/articles/165/1/restore-the-exe-file-association-in-Windows-Vista-after-incorrectly-associating-it-with-another-application.html

How to set default Associations for a program under Vista
http://www.Vistax64.com/tutorials/83196-default-programs-program-default-associations.html

I hope this helps.

Tags: Windows

Similar Questions

  • My computer redirects me to random pages and turn my CPU at 100%... I think that his "ping.exe".can someone help?

    Original title: ping.exe

    I have something on my computer that redirects me to random pages and runs my CPU at 100%... I think that his "ping.exe".can someone help?

    MalwareBytes's AntiMalware - no AntiVirus. ;-)

    Probably your best bet - flatten (wipe) the system and start from scratch.  You will need your most recent backup (your stuff, like your documents, photos, music, video, spreadsheets, databases, presentations, bookmarks/Internet favorites, e-mail contacts, serial number, proof of purchase/receipts, that may have been scanned in, etc. and so on...) and a good list of installed software and hardware specifications (I suggest Belarc Advisor running on the current system and print the results if possible) then you can get the drivers before or after installation.

    Of course, you will also need your multimedia installation product key/serial numbers and that go hand in hand.  In Windows XP - there is no way for me to know (without telling you) what level your installation CD is... so you will need to install the SP2 and SP3 after installing the operating system.  I would leave it disconnected from the Internet (physically) until it is at least SP3 and you have confirmed its firewall is enabled and, if possible, you have installed an antivirus application.

    For you, I suggest the eSet 32 antivirus (not more) - which costs ~ $60 every two years for private users.  Add to that the MalwareBytes full package which costs, if I remember, ~ $25 for life.

    Then, once the system * is * connected to the Internet (physically) - get hardware drivers installed for everything and the rest 100 + installed post-SP3 updates.  Then you can worry about all your other programs and restore your files LAST.

  • Cannot update creative cloud, error code 1003. I think that its blocked by webfilter, what is the URL to update the server?

    I think that its blocked by webfilter, what is the URL to update the server?

    Please remove Cloud Creative app-

    Install the cloud creative app - https://helpx.adobe.com/creative-cloud/help/install-apps.html

  • When im on firefox and try clicking on websites, I get several redirects, I think that its because of one of the extensions but I don't know how to check

    whenever I'm on firefox it starts randomly redirect me to other sites I think that its because of one of my extensions, but I do not know how to check or what is the origin of the problem please help

    Thank you fixed it

  • Help to remove a Virus

    I have a Gateway computer running Windows Vista. Everything was fine until today when the computer went crazy. It was shortly after the opening of an email in the Yahoo mail Preview window, so I can't that assume the virus came from, but I didn't click on any attachments.

    Now for the hard part. I don't have any antivirus installed on my computer prior to this software. Stupid, I know. I can't go online from my computer because all that it has blocked internet access, so I can't fix it with any one of the online scanners. I also tried to install an antivirus (Kaspersky) software on the computer. In safe mode, it hangs at halfway through the installation. In normal startup mode, the program will not even attempt to install, and the computer tells me the CD I try installing from ot is a virus.

    I'm out of ideas. What should I do if I can't get help in the computer? I know that I could always wipe the HD, but I don't want to lose my files.

    Hi Maria239 and ajs795,

    Do NOT BUY the bogus software because he won't always help in removing the fake software itself,
    It takes your money.

    What is the name of the bogus software and the website it directs you to. We can tell you
    How to remove it when we have the correct information.

    --------------------------------------------------------

    If you need search malware here's my recommendations - they will allow you to
    scrutiny and the withdrawal without ending up with a load of spyware programs running
    resident who can cause as many questions as the malware and may be more difficult to detect as the
    cause.

    No one program cannot be used to detect and remove any malware. Added that often easy
    to detect malicious software often comes with a much harder to detect and remove the payload. Then
    its best to be thorough than paying the high price later now too. Check with them to one
    extreme overkill point and then run the cleaning only when you are sure that the system is clean.

    It can be made repeatedly in Mode safe - F8 tap that you start, however, you must also run
    the regular windows when you can.

    Download malwarebytes and scan with it, run MRT and add Prevx to be sure that he is gone.
    (If Rootkits run UnHackMe)

    Download - SAVE - go to where you put it-right on - click RUN AS ADMIN

    Malwarebytes - free
    http://www.Malwarebytes.org/

    Run the malware removal tool from Microsoft

    Start - type in the search box-> find MRT top - right on - click RUN AS ADMIN.

    You should get this tool and its updates via Windows updates - if necessary, you can
    Download it here.

    Download - SAVE - go to where you put it-right on - click RUN AS ADMIN
    (Then run MRT as shown above.)

    Microsoft Malicious - 32-bit removal tool
    http://www.Microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

    Microsoft Malicious removal tool - 64 bit
    http://www.Microsoft.com/downloads/details.aspx?FamilyId=585D2BDE-367F-495e-94E7-6349F4EFFC74&displaylang=en

    also install Prevx to be sure that it is all gone.

    Download - SAVE - go to where you put it-right on - click RUN AS ADMIN

    Prevx - Home - free - small, fast, exceptional CLOUD protection, working with others
    security programs. It is a single scanner, VERY EFFICIENT, if it finds something to come back
    here or use Google to see how to remove.
    http://www.prevx.com/   <-->
    http://info.prevx.com/downloadcsi.asp  <-->

    Choice of PCmag editor - Prevx-
    http://www.PCMag.com/Article2/0, 2817,2346862,00.asp

    Try the demo version of Hitman Pro:

    Hitman Pro is a second scanner reviews, designed to save your computer from malicious software
    (viruses, Trojans, rootkits, etc.). who infected your computer despite safe
    what you have done (such as antivirus, firewall, etc.).
    http://www.SurfRight.nl/en/hitmanpro

    --------------------------------------------------------

    If necessary here are some free online scanners to help the

    http://www.eset.com/onlinescan/

    New Vista and Windows 7 version
    http://OneCare.live.com/site/en-us/Center/whatsnew.htm

    Original version
    http://OneCare.live.com/site/en-us/default.htm

    http://www.Kaspersky.com/virusscanner

    Other tests free online
    http://www.Google.com/search?hl=en&source=HP&q=antivirus+free+online+scan&AQ=f&OQ=&AQI=G1

    --------------------------------------------------------

    Also follow these steps for the General corruption of cleaning and repair/replace damaged/missing
    system files.

    Run DiskCleanup - start - all programs - Accessories - System Tools - Disk Cleanup

    Start - type this into the search-> find COMMAND to top box and RIGHT CLICK-
    RUN AS ADMIN

    Enter this at the command prompt - sfc/scannow

    How to analyze the log file entries that the Microsoft Windows Resource Checker
    (SFC.exe) program generates in Windows Vista cbs.log
    http://support.Microsoft.com/kb/928228

    Run checkdisk - schedule it to run at the next startup, then apply OK then restart your way.

    How to run the check disk at startup in Vista
    http://www.Vistax64.com/tutorials/67612-check-disk-Chkdsk.html

    -----------------------------------------------------------------------

    If we find Rootkits use this thread and other suggestions. (Run UnHackMe)

    http://social.answers.Microsoft.com/forums/en-us/InternetExplorer/thread/a8f665f0-C793-441A-a5b9-54b7e1e7a5a4/

    I hope this helps.

    Rob Brown - MS MVP - Windows Desktop Experience: Bike - Mark Twain said it right.

  • Helps to remove a Hypertext/mailto link that I can't find.

    I have a PDF of several page I added a form. When I get to the fourth page the hand becomes a pointer and if I click anywhere on the page it opens an e-mail addressed to: '2; @;. 3078.:UVW ". I can't find a hyperlink anywhere in the document. Is there a way to view all hyperlinks in the document or a way of linerize the objects so I can find and remove the hidden link? How can I fix it? It happens randomly, and the mailto value changes, but is always a random set of letters and numbers.

    Thank you

    I think that Acrobat incorrectly identify an e-mail address and adding a link to it.

    You can try to disable it by unchecking the following parameter: Edition - Preferences - general - create links from URLs

  • Cannot update Windows / / Windows think that its true / / Windows Explorer crash

    BACK STORY: Windows told me that my old HDD is faulty and I need to replace it. I therefore created a system disk image and restore the HARD drive fault and buy a new. I have restored my image for the new HARD drive, and apparently some of the system files that got copied have been corrupted.

    I'll HAVE PROBLEMS: The main problem I encounter is that windows will not update. I'll go to the start menu and try to choose windows update and it will sit in the windows Explorer screen blank until it crashes. This is the only time that windows Explorer will crash it's fine otherwise. If I have correctly interpreted my read, inability to update windows is caused by the software is is not authentic. Which brings me to the next point.
    Windows don't think that it is authentic, even if I see the CDKEY in the system information window and when I hit "Activate Windows" in the search bar in the start menu, that it says "Activation was successful." I get a window saying: http://imgur.com/OQlZDhR I thought that I humor the system and try and validate it although this Web site: http://www.microsoft.com/genuine/validate/DownloadValidationSupport.aspx?displaylang=en when I try and install the software Validation of Windows, I get this error: http://imgur.com/8lb0abR 
    TECHNICAL issues: I bought my computer from a major retailer with Windows Vista, he came with an OS disk. I've then upgraded to Windows 7 a few months after it is released and subsequently lost the installation disk that really means nothing because it is not the full operating system. So, indeed, I have no way to find my drive upgrade for windows reinstall/repair, which is what I would have done originally.
    What I DID: I ran the command " Sfc/scannow " to the command window and he returned with: http://imgur.com/OD6WygE when I try and access the .log for this, he tells me access denied and I can't access the safe my life.
    QUESTION: Is there something I can do to fix this? Something like a Windows download different difficulty tool or something else that I don't know who's going to help me fix the windows before going outside and by a new Windows 7 disc to repair the files?
    Thank you for your time
    > Simon
    EDIT: Tried to start in safe mode, I can't even open the windows update screen, just, it is there and does nothing.
    Edit2: Run the Microsoft Genuine Advantage diagnostic tool, such as requested by another user, post results later.

    The common cause for these mismatches is a defective Intel Rapid Storage Tech driver

    Download and install the latest version of...

    https://Downloadcenter.Intel.com/Detail_Desc.aspx?DwnldID=22194

    You need

    iata_enu.exe

    Restart then run another MGADiag report and view the results.

  • Help me remove music files duplicate 4700 that grows like rot on a

    Could not stop the download of multimedia information and have now 4700 music files that continue to grow

    Help, please.

    To begin with, I'd stop any application that can be download all these files, Windows Explorer, itunes, Media Player, or other. Set to zero if you have to. Then I would start in Mode safe mode and do a few things.

    Get your updated antivirus program and boot into Safe Mode. Note that some viruses can hide from your normal antivirus program, so you really need to scan in Safe Mode. To enter in Safe Mode when you turn on first, press F8 on every seconds until you get the menu, and then select Safe Mode. Then run a complete system scan.

    Microsoft has suggestions and offerings to

    http://Windows.Microsoft.com/en-us/Windows7/how-do-I-remove-a-computer-virus

    Moderator Forum Keith has a few suggestions along this line to

    http://answers.Microsoft.com/en-us/Windows/Forum/Windows_7-performance/Windows-Explorer-has-stopped-working/6ab02526-5071-4DCC-895F-d90202bad8b3

    If that suits him fine. If this is not the case, use system restore to go back to an earlier date at the beginning of the problem. To run system restore, click Start-> programs-> Accessories-> System Tools-> system restore. Click on the box that says show more restore points.

    You can check the corrupted system files. Open an administrator command prompt and run SFC if the above does not help. Click START, and then type sfc in the search box, right-click to SFC. EXE and click run as administrator. Then, from the command prompt type sfc/scannow.

    Finally if all else fails, you can look at the rather cryptic system event log. To make, click Start-> Control Panel-> administration-> event viewer tools. Once in Event Viewer system log-click and scroll entries looking for these "error" with indicator see if you can find guidance on where the problem may be.

    I hope this helps. Good luck.

  • Any help to remove the virus startnow? Im running Windows 7.

    Hello

    I am running Windows 7 and it seems that I am infected by the bug "startnow.  I get redirected to their page without asking for confirmation.  I was able to remove the program file, but it does not solve the problem.  I found a bit about it on the net, but no corrective measures.  I ran the Windows Security Scanner with no result.  Found a step by step, recommend deleting the [random] .exe in the menu of the process in the Task Manager.  I have not found any such process.

    Any help is greatly appreciated.  Thanks in advance
    Don.

    Get your updated antivirus program and boot into Safe Mode. Note that some viruses can hide from your normal antivirus program, so you really need to scan in Safe Mode. To enter in Safe Mode when you turn on first, press F8 on every seconds until you get the menu, and then select Safe Mode. Then run a complete system scan.

    -

    Microsoft has suggestions and offerings to

    http://Windows.Microsoft.com/en-us/Windows7/how-do-I-remove-a-computer-virus

    -

    Moderator Forum Keith has a few suggestions along this line to

    http://answers.Microsoft.com/en-us/Windows/Forum/Windows_7-performance/Windows-Explorer-has-stopped-working/6ab02526-5071-4DCC-895F-d90202bad8b3

    -

    If that suits him fine. If this is not the case, use system restore to go back to an earlier date at the beginning of the problem. To run system restore, click Start-> programs-> Accessories-> System Tools-> system restore. Click on the box that says show more restore points.

    -

    You can check the corrupted system files. Open an administrator command prompt and run SFC if the above does not help. Click START, and then type CMD in the search box, right-click on CMD. EXE and click run as administrator. Then, from the command prompt type sfc/scannow.

    -

    Finally if all else fails, you can look at the rather cryptic system event log. To do that click on start-> Control Panel-> administration-> event viewer tools. Once in Event Viewer system log-click and scroll entries looking for these "error" with indicator see if you can find guidance on where the problem may be.

    `

    When you get your system in good working condition, I invite you to back up your system up to an external hard drive and make it regular periodic updates.

    -

    I hope this helps. Good luck.

  • broadcasting live does not appear, and I think that its connected to the "firefox" bug, please help, new mac user!

    so far, your main problem is flash player, you must include the updates Flash Player with all the updates of firefox, oh and updated player get. It's your bug I 'think '. If it is not part of the territory firefox let me know. However, will not be broadcast live, I asked them, they had little info. including, you update your browser recently - with no answer to this question, so here I am. I don't know if the flashplayer or everything that has nothing to do with live stream or not, BUT quicktime play or help live streaming right? have no idea and the new mac user. GL

    Adobe Systems, Inc. (owner of Adobe Flash) is not related to Mozilla Org in any way. Mozilla has nothing to do with updates to the software they do not create or owned by another company.

    You have a very old version of Flash installed - Shockwave Flash 9.0 r47 - you must upgrade to the latest version available for Mac OSX 10.4.

    http://www.Apple.com/downloads/macosx/internet_utilities/adobeflashplayer.html

  • Microsoft safety scanner only partially remove Sirefef.AH Virus. What would be the next steps to completely remove this virus?

    I scanned with MSE, Microsoft Security Scanner, Spybot S & D and nothing's going to get rid of this virus. At this point, Microsoft Security Scanner is the only one to recognize the presence of the virus. The rest say that the computer is clean. Help me please!

    Thank you

    Mike

    Several options can be found here: http://answers.microsoft.com/en-us/windows/forum/windows_vista-security/keep-getting-virus-trojen-win32-sirefefah/3b0081c8-5342-4683-b434-e1a42f3cda10

    Suggest revisiting you and make your choice.  And if you don't mind, let us know what works for you... it will help the people who have read this thread.

    Note of the suggestion of tricky300 about Superantispyware.  You could try Superantispyware Portable to include put it on a flash drive and it works from the flash drive to scan your computer.

    Kind regards...

  • Please HELP: after removing a virus I've lost all my personal files, and I have no restore points to use as recovery.

    I had a guest to use a program called Windows restore, it looked and behaved as if what I thought was a Trojan horse.  Then I left the guest to the top and ran rKill followed by Malwarebytes, then the computer restarted itself.  But here's the error I made.  One of the websites I've read about the virus, told to turn off Windows system restore before you run these programs.  So I did, without realizing that the practice has so deleted restore points saved in the system restore.  Only the initial programs supplied with my computer start the CPU appeared on a black desktop computer.  My photos, music, documents and other programs I download weren't there.  Empty all files in my profile in my computer.  In addition to the recovery of the system Windows if not, how can I retrieve this information.  I've used up what little knowledge troubleshooting I have.  Thank you for your suggestions.

    Your files have probably been hidden.

    This article includes a link (towards the end) to a program that can view your files.

    http://www.bleepingcomputer.com/virus-removal/remove-Windows-restore

  • How to remove Search Genius - I think that it came in my Mac when I installed Adobe Player recently.

    How to remove Search Genius, I jumped in my system after installing Adobe Player recently.

    Have you tried dragging it to the trash?

  • My Firefox does not have to be updated. He still thinks that its version is 3.5 although I've updated in and update regularly and now have v9.0.1. installed. Why does this happen?

    I tried their utmost to address this issue myself. Nothing helps. Installation, reinstall, upgrade... (even disabling all add-ons)... .my Firefox still believes that it has not been updated since v 3.5.5 (though about Firefox accurate the version to be 9.0.1). Here is the proof of the problem:
    Photo showing the version of Firefox in the menu help rather than the version found here

    Need help please, it is a major issue for me. I like Firefox and I would not be forced to install another browser.
    Thanks for any help resolving this issue.

    Your user agent is corrupted by the Fast Browser Search (FBSMTWB) that identifies you like Firefox/3.5.5

    see your user agent:

    Mozilla/5.0 (Windows; U; Windows NT 5.1; en - us; RV:1.9.1.5) Gecko/20091102 Firefox/3.5.5 GTB5 (.NET CLR 3.5.30729) FBSMTWB TTLSkins

    you need to reset the user agent

    See also these pages and discussions on Fast Browser Search (FBSMTWB in the user agent).

    http://help.fastbrowsersearch.com/

    http://www.pccybertek.com/2009/05/remove-fast-browser-search

    Thank you

    Please check 'Resolved' the answer really solve the problem, to help others with a similar problem.

  • NEC ND - 4551 P - ATA Firmware 1.09 - latest version (I think that its 2011)

    I upgraded my Windows xp to windows 7 and cannot get my dvd rw to work. I went on many sites online, but when I find a site that has this firmware it seems to be just a link to another site that does not have it or who is a very old file. If anyone can help me find this firmware it would be highly appreciated. Thank you very much

    Saturday, September 29, 2012 19:26:33 + 0000, SteveJohnsonffc wrote:

    I upgraded my Windows xp to windows 7 and cannot get my dvd rw to work. I went on many sites online, but when I find a site that has this firmware it seems to be just a link to another site that does not have it or who is a very old file. If anyone can help me find this firmware it would be highly appreciated. Thank you very much

    Whenever you switch to a new version of Windows, you must install
    drivers (software that interfaces between the hardware and)
    Windows) for printers, scanners, video cards, etc., which have been
    written for this new version of Windows.  And also note that you need
    different determinants for a 32-bit version of Windows and a 64-bit
    Version.

    It is the manufacturer of the hardware to write and
    available to download these drivers. Especially if your hardware is
    older, it is quite possible that the manufacturer has decided that it is not
    a value of his time and effort to develop drivers for the hardware that it is
    selling more.

    Check with the manufacturer or on their web site to see if a pilot
    There are. If it, download and install it. If it isn't, you're out
    lucky. In looking at http://support.necam.com/OEM/, it seems
    the NEC does not have a driver for your DVD player, and you will need
    replace the drive with a newer version.
    In the future, before making such an upgrade, make sure you have
    done the appropriate research to find out what drivers do not exist,
    and so what equipment you need to replace if you upgrade.
    Ken Blake, Microsoft MVP

Maybe you are looking for

  • is ios10 on my iPhone with my mac os 9.1.2 compatible?

    is ios10 on my iPhone with my mac os 9.1.2 compatible?

  • Watch OS 2.2.1 workouts App display zoom

    I guess it's just a bug that will have to wait for an update from Apple (watch OS 2.2.2), but everyone having display problems with the App of workouts after the 2.2.1 update. In my case, that the display is enlarged to about 125 to 150%, which means

  • Locked due to changed past

    I successfully changed my password yesterday... however... it worked here on my computer... changed my password... and now I don't know what it is... it must be... waiting for important information! Separated from the: http://answers.Microsoft.com/en

  • How can I check to see if I have a bluetooth receiver installed on my system?

    Problems of Bluetooth for a HP Media Center m8120n is installed with Vista Ultimate. I have a HP Media Center m8120n is installed with Vista Ultimate.  I want to know if I have bluetooth already installed on this computer.  It is Bluetooth when I typ

  • Screensaver on Windows 7 64 bit does not

    Hello - hoping someone can help me... I am running windows 7 64 bit on my dell XPS 630i. I leave my computer running for various reasons and am dependent on my work as a screen saver. My screen saver recently stop working. It will not auto start. Any