×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Jobs

Virus removal and blocking exe files

Virus removal and blocking exe files

Virus removal and blocking exe files

(OP)
Hello,

A computer I'm working with has been infected with a virus.  From what I can tell, it was called xvj.exe and was a pop up advertising xp antispyware 2012.  Each time this came up, I used task manager to shut it down.

Ad-aware picked up this virus and removed it.  CCleaner then showed missing registry files located in HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache

It appears that FlashUtil10p_ActiveX.exe was also associated with it.

From what I can tell, xvj no longer appears in the computer and after a registry search, it's not in there either.

Removing this did have a consequence.  Now most of my exe files will not work.  I have opened file types and tried to add exe set to application, but that didn't do anything.

Anyone have any suggestions on how I can recover from the blocking of exe's?

Thanks.

If at first you don't succeed, then sky diving wasn't meant for you!

RE: Virus removal and blocking exe files

(OP)
I logged into safe mode and was able to perform a system restore.  At the moment, everything seems to be working again.

If at first you don't succeed, then sky diving wasn't meant for you!

RE: Virus removal and blocking exe files

Quote:

xp antispyware 2012
do yourself a favor, check the DEFAULT USER profile, go into every little folder (look in all nooks and grannies), to see if the there is an EXE hiding there...

also run scans using BOTH of the following anti-malware apps (free or trial version will do):

MBAM
http://www.malwarebytes.org/

SuperAntiSpyware
http://www.superantispyware.com/

 

Ben
"If it works don't fix it! If it doesn't use a sledgehammer..."
How to ask a question, when posting them to a professional forum.
Only ask questions with yes/no answers if you want "yes" or "no"

RE: Virus removal and blocking exe files

System restore points can also be infected, so watch out for that. If .exe files won't work, I use this. Just save it as whatever.reg. Remember to backup your registry first. =)

CODE

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"

[HKEY_CLASSES_ROOT\.exe\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"

[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"TileInfo"="prop:FileDescription;Company;FileVersion"
"InfoTip"="prop:FileDescription;Company;FileVersion;Create;Size"

[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"

[HKEY_CLASSES_ROOT\exefile\shell]

[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shell\runas]

[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"

[HKEY_CLASSES_ROOT\exefile\shellex]

[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers]

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PEAnalyser]
@="{09A63660-16F9-11d0-B1DF-004F56001CA7}"

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\PifProps]
@="{86F19A00-42A0-1069-A2E9-08002B30309D}"

[HKEY_CLASSES_ROOT\exefile\shellex\PropertySheetHandlers\ShimLayer Property Page]
@="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"
  

RE: Virus removal and blocking exe files

(OP)
Thanks for the responses.
@Ben, I actually used both of those programs after the restore.  Nothing showed up but that was only on quick scan.  I will perform a full scan.

@poonoodle,
Thanks for the registry entries.

If at first you don't succeed, then sky diving wasn't meant for you!

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close