| Hello and Welcome to Tech Support Team! Before you can start posting and answering questions, you'll have to register. Registration is fast, simple and absolutely free! Feel free to browse through existing questions by choosing the forum you want to visit below. | |
|
 | 
26th April 2011, 07:09 PM
|  | TST Oracle | | Join Date: Dec 2007, 8,001 posts. Location: Market Haemorrhoids, Middle England Reputation:  | | | Problems after removing threatware
I have just cleared XP Total Security 2011 off the system but now any attempt to run a program from the list or desktop opens the Open With dialogue box. The program is there but refuses to run. Interestingly, running explorer from the hotkey (win + E) works fine.
Is there general setting that has been changed by the threatware and if so, where is it?
I have tried the usual windows repair tool but no improvement.
Grateful thanks up front!
__________________ Confuse and Prosper. |
27th April 2011, 07:43 AM
|  | TST Master | | Join Date: Dec 2007, 2,107 posts. Location: England Reputation: | | |
Have you tried sfc /scannow on it?
__________________ "If at first you do not succeed, sit down, have a coffee, have a smoke, and think for a bit. If that still doesn't work, post it on TST". |
27th April 2011, 08:04 AM
| | TST Oracle | | Join Date: Dec 2007, 8,001 posts. Location: Market Haemorrhoids, Middle England Reputation: | | |
HI Rik
nope - but I will in just a moment!
This threatware XP Total Security 2011 has/had an element in it that ran the threat whenever the user called a command file so now that the threat has gone I need to find a way to reset whatever change it made.
This one is the nastiest I have seen - I know it is not a virus but why do none of the AV products detect and prevent the things?
__________________ Confuse and Prosper. |
27th April 2011, 08:06 AM
| | TST Master | | Join Date: Dec 2007, 2,107 posts. Location: England Reputation: | | |
There is also a possibility that Ccleaner may find the registry entry for you. Ya never know!
Another thought, bung up a HJT log, I may be able to spot the problem in it!
__________________ "If at first you do not succeed, sit down, have a coffee, have a smoke, and think for a bit. If that still doesn't work, post it on TST". |
27th April 2011, 08:41 AM
| | TST Oracle | | Join Date: Dec 2007, 8,001 posts. Location: Market Haemorrhoids, Middle England Reputation: | | |
No good - won't run anything from the 'Run' box.
No apps are working but some of the windows embedded bits will work like explorer and drag and drop to file copy.
Oh well - time to recover what files I can and reinstall the lot!
__________________ Confuse and Prosper. |
27th April 2011, 08:44 AM
| | TST Master | | Join Date: Dec 2007, 2,107 posts. Location: England Reputation: | | |
Try HJT in safe mode perhaps?!?
__________________ "If at first you do not succeed, sit down, have a coffee, have a smoke, and think for a bit. If that still doesn't work, post it on TST". |
27th April 2011, 10:36 AM
| | TST Oracle | | Join Date: Dec 2007, 8,001 posts. Location: Market Haemorrhoids, Middle England Reputation: | |
It is getting worse - nothing will run now; all I get is the "Open With" dialogue box as if the program file is a document or something. Currently taking all the documents and files off it before I take the format hemmer to it and reinstall the O/S. No more messing with this!
Have a scrute at How to remove Total Security (Uninstall Guide) to see what others have said. There is a very useful little tool there called Procexp.exe which will run something like task manager when a virus is blocking it.
__________________ Confuse and Prosper. |
27th April 2011, 08:47 PM
| | TST Master | | Join Date: Dec 2007, 2,107 posts. Location: England Reputation: | | |
Daaamn, sounds like a real pain!!!
__________________ "If at first you do not succeed, sit down, have a coffee, have a smoke, and think for a bit. If that still doesn't work, post it on TST". |
28th April 2011, 12:41 PM
| | TST Oracle | | Join Date: Dec 2007, 8,001 posts. Location: Market Haemorrhoids, Middle England Reputation: | | |
Thats 3 of these in 3 days and all of them showing a new element - the original threatware just asked for money - these three have ALL destroyed either the program menu, the command files or the registry links. Nasty.
__________________ Confuse and Prosper. | |  Only registered members can participate in forum threads. You must register or log in to contribute.
All times are GMT. The time now is 07:13 PM.
|
|
|
Submit Your Article 
Forum Rules 
FAQ 
About Us 
Main Menu
Contact Us