Hi I'm a virus magnet.

Kantastic · Feb 21, 2010

My dads lappy was infected with some trojans (Avast! was disabled/not working and wouldn't start) so I did what I usually do and yanked the HDD out and blasted the viruses to hell with Kaspersky on my comp, but when I put the HDD back in the laptop and tried to run some apps (like internet explorer/calculator/paint) it kept asking me what program I wanted to use to open the.. program.

If you guys need pictures let me know, I'm not sure how I can take a pic when paint won't open. :eek:

Exeodus · Feb 21, 2010

Did you try to run the application from the directory on the hard drive?

Kantastic · Feb 21, 2010

Exeodus said:
Did you try to run the application from the directory on the hard drive?

Just did, wouldn't work.

PS - What's ssvagent.exe?

Exeodus · Feb 21, 2010

It looks like part of a Java update.

Exeodus · Feb 21, 2010

Do you have any system restore points you can try? But keep in mind the virus might have placed itself in the restore file so that it puts itself back on when you go to a previous restore point.

newmodder · Feb 21, 2010

try windows repair option,and yes that file is part of java update..try uninstalling java and reinstall

Kantastic · Feb 21, 2010

Uninstalling Java didn't do any good, and right now I can't open IE so reinstalling isn't an option. I'll try the recovery but first I need to back up some stuff.

Edit: Sunnuvagun! System restore gives me the same "Open With" popup. Next up, system recovery!

Boyfriend · Feb 21, 2010

Here are some of the tips to restore the windows to work properly:

1. Download Virus Effect Remover 3.2.1.26 from MajorGeeks. It is free, use it to restore most of the settings to default/working condition.
2. Open Control Panel --> Programs --> Default Programs and set your defaults.
3. There is a program named File Association Fixer. Use to fix association problems.
4. Restore IE to default in Tools --> Internet Options --> Advanced --> Reset Advance Settings. Also reset security zone to defaults. This will not damage his bookmarks/favourites
5. Check startup programs. Either use msconfig utility or Autoruns.
6. Make sure to install good Antivirus and update it regularly (automatic is good option).
7. Delete all previous restore points. They are useless as virus might have rendered them useless
8. Symantec has developed UnHookExec to restore registry and some association to typical default. Try it
9. Need more help. Ask here or PM

Which version of IE are you using? Update it if you are on IE 6/7. If IE 8, you can reinstall it. BTW, you haven't mentioned his OS :confused:

Kantastic · Feb 21, 2010

Boyfriend said:
Here are some of the tips to restore the windows to work properly:

1. Download Virus Effect Remover 3.2.1.26 from MajorGeeks. It is free, use it to restore most of the settings to default/working condition.
2. Open Control Panel --> Programs --> Default Programs and set your defaults.
3. There is a program named File Association Fixer. Use to fix association problems.
4. Restore IE to default in Tools --> Internet Options --> Advanced --> Reset Advance Settings. Also reset security zone to defaults. This will not damage his bookmarks/favourites
5. Check startup programs. Either use msconfig utility or Autoruns.
6. Make sure to install good Antivirus and update it regularly (automatic is good option).
7. Delete all previous restore points. They are useless as virus might have rendered them useless
8. Need more help. Ask here or PM

Which version of IE are you using? Update it if you are on IE 6/7.

The problem here (after xferring some of the programs you mentioned to the laptop via USB) is that none of them will open. They all give me the "Open With" popup.

I'm using IE 8.

blkhogan · Feb 21, 2010

Has it identified what viruses you are dealing with. We can help more if we knew what we are dealing with.

erocker · Feb 21, 2010

Sound like the virus took out some essential Windows files, explorer files, etc. If System Restore isn't getting it done, you'll probablly need to reinstall the O/S. Save your files.

Kantastic · Feb 21, 2010

blkhogan said:
Has it identified what viruses you are dealing with. We can help more if we knew what we are dealing with.

No idea what the exact virus is, I just checked Kaspersky's quarantine and got HEUR:Trojan.Script.IFramer.

Boyfriend · Feb 21, 2010

What OS??

blkhogan · Feb 21, 2010

http://malwarecrawler.com/?tag=detected

Boyfriend · Feb 21, 2010

Symantec has developed UnHookExec to restore registry and some associations to typical default. Try it. It will restore *.exe files execution.

Lazzer408 · Feb 21, 2010

Try this. Paste between the lines into notepad. Save as exe_fix.reg run it merge the key then reboot.

__________________________________________________

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

___________________________________________________

blkhogan · Feb 21, 2010

Lazzer408 said:
Try this. Paste between the lines into notepad. Save as exe_fix.reg run it merge the key then reboot.

__________________________________________________

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

___________________________________________________

LoL. I was just typing that out. You beat me to it. :toast:

oily_17 · Feb 21, 2010

What OS is the laptop running ??

Boyfriend · Feb 21, 2010

Open notepad and copy following text

[Version]
Signature="$Chicago$"

[DefaultInstall]
AddReg=UnhookRegKey

[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""
HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0

Save it as "Restore.inf" and right click and select install.

blkhogan · Feb 21, 2010

Boyfriend said:
Open notepad and copy following text

[Version]
Signature="$Chicago$"

[DefaultInstall]
AddReg=UnhookRegKey

[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""
HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0

Save it as "Restore.inf" and right click and select install.

Ive heard of "unhook", have you actually used it? Does it work?

Boyfriend · Feb 21, 2010

It works very well on systems having severe file association problems. I have used it to restore things back on some clients computers.

He should at least mention his OS

Kantastic · Feb 21, 2010

Boyfriend said:
What OS??

Vista Home Premium 32bit

Working on everything else right now, will post updates when finished.

oily_17 · Feb 21, 2010

Bookmark this, for some file ext fixes -

http://www.winhelponline.com/articles/105/1/File-association-fixes-for-Windows-Vista.html

Kantastic · Feb 21, 2010

Lazzer408 said:
Try this. Paste between the lines into notepad. Save as exe_fix.reg run it merge the key then reboot.

__________________________________________________

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"

___________________________________________________

Failed! =[

oily_17 said:
What OS is the laptop running ??

Vista Home Premium 32bit

Boyfriend said:
Open notepad and copy following text

[Version]
Signature="$Chicago$"

[DefaultInstall]
AddReg=UnhookRegKey

[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""
HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0

Save it as "Restore.inf" and right click and select install.

Failed!

pantherx12 · Feb 21, 2010

Sounds like when you took the virsues out they took some of the files out with them, damn embed viruses!

System Name	Dust Collector
Processor	AMD Ryzen 5 3600X
Motherboard	Asus B550I Aorus Pro WiFi AX
Cooling	Alpenfohn Black Ridge V2 w/ Noctua NF-A9x14
Memory	Corsair Vengeance LPX 16GB DDR4 3200MHz/CL16
Video Card(s)	Power Color Red Dragon RX 5700 XT
Storage	Samsung EVO+ 500GB NVMe
Display(s)	Dell S2721DGF
Case	Dan Case A4
Power Supply	Corsair SF600 Platinum
Mouse	Logitech G603
Keyboard	Logitech G613

System Name	The W.O.P.R.
Processor	Core i7 920 D0 @ 4.0GHz 1.24 vcore
Motherboard	ASUS P6T
Cooling	Xigmatek S1283 with push\pull fan configuration.
Memory	6GB Mushkin DDR3 1600MHz 7-8-7-20
Video Card(s)	2 - ASUS EAH5850 CrossfireX
Storage	1TB WD Black
Display(s)	I-INC 28" 1920x1200 HDMI
Case	Ultra M998
Audio Device(s)	Realtek HD
Power Supply	Corsair TX750W
Software	Windows 7 Enterprise 64-bit

System Name	Dust Collector
Processor	AMD Ryzen 5 3600X
Motherboard	Asus B550I Aorus Pro WiFi AX
Cooling	Alpenfohn Black Ridge V2 w/ Noctua NF-A9x14
Memory	Corsair Vengeance LPX 16GB DDR4 3200MHz/CL16
Video Card(s)	Power Color Red Dragon RX 5700 XT
Storage	Samsung EVO+ 500GB NVMe
Display(s)	Dell S2721DGF
Case	Dan Case A4
Power Supply	Corsair SF600 Platinum
Mouse	Logitech G603
Keyboard	Logitech G613

System Name	The W.O.P.R.
Processor	Core i7 920 D0 @ 4.0GHz 1.24 vcore
Motherboard	ASUS P6T
Cooling	Xigmatek S1283 with push\pull fan configuration.
Memory	6GB Mushkin DDR3 1600MHz 7-8-7-20
Video Card(s)	2 - ASUS EAH5850 CrossfireX
Storage	1TB WD Black
Display(s)	I-INC 28" 1920x1200 HDMI
Case	Ultra M998
Audio Device(s)	Realtek HD
Power Supply	Corsair TX750W
Software	Windows 7 Enterprise 64-bit

System Name	The W.O.P.R.
Processor	Core i7 920 D0 @ 4.0GHz 1.24 vcore
Motherboard	ASUS P6T
Cooling	Xigmatek S1283 with push\pull fan configuration.
Memory	6GB Mushkin DDR3 1600MHz 7-8-7-20
Video Card(s)	2 - ASUS EAH5850 CrossfireX
Storage	1TB WD Black
Display(s)	I-INC 28" 1920x1200 HDMI
Case	Ultra M998
Audio Device(s)	Realtek HD
Power Supply	Corsair TX750W
Software	Windows 7 Enterprise 64-bit

Hi I'm a virus magnet.

Kantastic

Exeodus

Kantastic

Exeodus

Exeodus

newmodder

New Member

Kantastic

Boyfriend

New Member

Kantastic

blkhogan

erocker

*

Kantastic

Boyfriend

New Member

blkhogan

Boyfriend

New Member

Lazzer408

blkhogan

oily_17

Boyfriend

New Member

blkhogan

Boyfriend

New Member

Kantastic

oily_17

Kantastic

pantherx12

System Name	Gamer
Processor	amd phenom quad core 9950 black edition
Motherboard	msi ms-7309
Cooling	120mm front,120mm rear
Memory	2gigs ddr2 800
Video Card(s)	BFG gtx 260 maxcore
Storage	wd 160gig sata2 hd
Display(s)	LG 20in widescreen
Case	USP 100
Audio Device(s)	onboard Logitech x-530 5.1 spkrs
Power Supply	Antec Neo 550watt
Software	windows 7 Ultimate 64 bit

System Name	Black Star
Processor	Core2Duo E7200 @ 2.53 GHz
Motherboard	Asus P5K-VM (G33)
Cooling	Cooler Master Hyper N520 + 3 120 mm Fans
Memory	Corsair CM2X1024-6400C4DHX , 4,4,4,12,2T, 2x1 GB
Video Card(s)	MSI NX8500GT TD256E
Storage	WD Caviar Blue 320GB + Maxtor 500 GB
Display(s)	ViewSonic VX1940w 19"
Case	Vento ATX
Audio Device(s)	Realtek HD (On-Board)
Power Supply	Cooler Master Extreme 460 W
Software	Windows 7 RTM 32-Bit + KIS 2011 CF2 (ab)

System Name	Hogan's Crap
Processor	Intel i3-2120 Crap!
Motherboard	Dell POS Crap!
Cooling	Stock Crap!
Memory	4 GB Kingston DDR3 10600 Crap!
Video Card(s)	Stock Crap!
Storage	500 GB 5400 rpm Crap!
Software	Windows 10 64bit

Processor	AMD Ryzen 7 7800X3D
Motherboard	ASUS TUF x670e
Cooling	EK AIO 360. Phantek T30 fans.
Memory	32GB G.Skill 6000Mhz
Video Card(s)	Asus RTX 4090
Storage	WD m.2
Display(s)	LG C2 Evo OLED 42"
Case	Lian Li PC 011 Dynamic Evo
Audio Device(s)	Topping E70 DAC, SMSL SP200 Headphone Amp.
Power Supply	FSP Hydro Ti PRO 1000W
Mouse	Razer Basilisk V3 Pro
Keyboard	Tester84
Software	Windows 11

Processor	i7 2600k@4.6ghz
Motherboard	MSI z68ma-ed55
Cooling	Silentx Extreem 120mm
Memory	2x4gb XMS 7-8-7-20 1600
Video Card(s)	HD6870
Storage	2x128gb Kingston Hyper-X (Raid0), 2x750gb RE3 (RAID1), 2x750gb RE3 (RAID1)
Display(s)	Soyo 24", Gateway 22"
Case	Fractal Design Arc Mini 6x120mm fans.
Audio Device(s)	Onboard
Power Supply	Zalman 750w
Software	Windows 7

Processor	Q9550 @3.8
Motherboard	Asus Maximus Extreme
Cooling	Custom water cooling
Memory	4GB Patriot Viper DDR3 1600MHz
Video Card(s)	2x HD4870 512MB
Storage	2x 500GB
Display(s)	3x LG L226WTQ 22" Widescreen LCD
Case	Modded TJ07
Audio Device(s)	On board
Power Supply	PC P&C Silencer 750
Software	Windows 7 Ultimate

System Name	My pc
Processor	Ryzen 5 3600
Motherboard	Asus Rog b450-f
Cooling	Cooler master 120mm aio
Memory	16gb ddr4 3200mhz
Video Card(s)	MSI Ventus 3x 3070
Storage	2tb intel nvme and 2tb generic ssd
Display(s)	Generic dell 1080p overclocked to 75hz
Case	Phanteks enthoo
Power Supply	650w of borderline fire hazard
Mouse	Some wierd Chinese vertical mouse
Keyboard	Generic mechanical keyboard
Software	Windows ten