This is not a post directly related to my blog but i am sure there are few people out there that might be facing same issues. In the last one week i had friends whose windows machines have been infected the XP Antivirus 2010, which seems to be a clone of XP Antivirus 2009. The symptoms include that you are get annoyings popups asking you to pay for an antivirus, i hope you have exposed yourself already.
There are so many ways to fix this problems.
The first one is a biased solution, which is ditch your windows machine and buy a macOsx or format your machine and install ubuntu. Well i guess that wouldnt be a popular option.
So i have an alternative:
1. Install Malwarebytes, it is quite a good tool to remove malware from your machine.
You would notice that it would detect quite a number of malware, make sure after the full scan, you remove all the infections detected.
You are also gonna notice that, .exe files would not work after you have deleted the threats discovered by Malwarebytes.
2. To fix .exe files not working, follow the steps described below.
Have the following text copied into a notepad :-
------Start --------Do not copy this line, copy starting next line ----------------
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"
[HKEY_CLASSES_ROOT\.exe\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"
[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"TileInfo"="prop:FileDescription;Company;FileVersion"
"InfoTip"="prop:FileDescription;Company;FileVersion;Create;Size"
[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"
[HKEY_CLASSES_ROOT\exefile\shell]
[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shell\runas]
[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shellex]
[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PEAnalyser]
@="{09A63660-16F9-11d0-B1DF-004F56001CA7}"
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PifProps]
@="{86F19A00-42A0-1069-A2E9-08002B30309D}"
[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page]
@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"
-----------End--------------Do not copy this line. Copy till the end of previous line------------
Boot the computer in safe mode with networking
- Usually by tapping F8 when the computer boots up
Open My Computer, Click on tools and then folder options.
Select - "Show hidden files and folders"
- Uncheck "Hide protected operating system files"
Apply and then OK
For XP :-
5. Navigate to C:\Documents and Settings\%userprofile%\Local Settings\Application Data
Look for either of the following files :-
- av.exe
- msascui.exe
And delete these files .... Hopefully these should have been removed by the malwarebytes.
Now open the notepad file saved on your desktop earlier
Click on file-> save as
- Select file type as all files
- Name the file as fix.reg
- Encoding should be Unicode
Run that file, it will edit the registry accordingly
Now restart the computer in normal mode and everything should working fine.
No comments:
Post a Comment