Gaming Ashamed to say it, but I have a virus...

Danny Tanner

Well-Known Member
OP
Member
Joined
Dec 28, 2009
Messages
361
Trophies
0
Age
31
Location
New York
Website
Visit site
XP
207
Country
United States
I have the av.exe virus (which I got from a PSP theme site, nice!). I'm running safe mode right now, and I was able to delete the av.exe file from my computer, but I can access regedit.exe or msconfig.exe to do the rest of the cleaning. I am running Vista, and can't find any solutions online.

Nearly every other function on Windows (such as changing the screen resolution), is not opening, and instead asking me with which program I'd like to open it. Any advice?
sad.gif
 

Danny Tanner

Well-Known Member
OP
Member
Joined
Dec 28, 2009
Messages
361
Trophies
0
Age
31
Location
New York
Website
Visit site
XP
207
Country
United States
I tried to open my security software (Verizon Internet Security Suite, which is usually quite good) and did a complete spyware and antivirus scan, and both came up clean. One thing that makes me nervous is that when I search for regedit.exe and right-click, it gives the option 'start' in lower case like that. I actually just tried 'Run as Administrotor' and it opened, I just hope this is the real regedit (as I've never used it before and the files I'm supposed to remove aren't listed there).
 

KevInChester

Well-Known Member
Member
Joined
Jul 29, 2009
Messages
308
Trophies
0
Age
41
XP
176
Country
Open up Notepad and paste in the below, save as exefilefix.reg, then go to where you saved it and right click > merge, then reboot.

Credit goes to:
http://social.answers.microsoft.com/Forums...ae-111679b62782


Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.EXE]
@="exefile"
"Content Type"="application/x-msdownload"

[HKEY_CLASSES_ROOT\.EXE\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"

[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"FriendlyTypeName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,\
00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,\
32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,\
00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00

[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"

[HKEY_CLASSES_ROOT\exefile\shell]

[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runas]

[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shellex]

[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"

[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice]
 
General chit-chat
Help Users
    TheLiamChannel @ TheLiamChannel: UM...