0

Hello all, I started a thread in another section and was told to move it to here so I'm going to restate what was in each comment and hope to get help on this.

'Hi, I been able to get my computer better since the last post. I found out to run "Shutdown -a" to stop the Network/NT or something like that which cause the force shutdown in a minute. I am starting to remove "XP Antispyware 2010", but when I get to the regedit part, I keep running it and it get a "open with" prompt, something that happen for regedit and regedit.exe. Regedit32 does not exist on the program as I been told to check. I also know that I did run regedit to fix this error that I believe I post last year and got rid of last year. Beside figuring out how to get onto regedit, I would like to figure out more with the network shutdown program. I think its a registry coding problem considering the "-a" must be a option of which loop to pick. I would also be interested learning more about the "shutdown -a" and what other option in that area there is to choose. If there is something else you need, then just tell me. Hopefully this is the right place to put this in heh.'

'I want to add that I think it was the NT authority not the network, and also that when I said I needed to do the 'open with' prompt for when I tried getting regedit, a strange thing happened that changed that. A bit after posting this log, the firefox on my computer, as this computer right now is not that computer, gave the 'open with' prompt when I tried to start firefox. This was clicking on the firefox icon, not the restart firefox on the crash report box. I have not touch my comp since then, which I had turn off after that problem occured.'

'I found the solution or what was causing the 'open with' prompt to occur. I keep having gut feeling to restore the program I deleted which I thought might be the connection since one of them is a word program and I connected it to the thing that of how it say you need to delete the log in the regedit and not the registry code or you mess it up. So backing up some. When I was searching for all thing that had 'Av.exe' connection since that was what the XP Antispyware 2010 was connecting my computer with I found a 'Av.exe' as a execution program and a text file which was in a different place. I rename that one the text file to be 'Av.exe' and deleted them both, which was the source of the 'open with' prompting. I'm hoping to fix it, but I need someone to help me on this lol'

'Hi, again, back with more update. I turned on my computer today and found out that the av.exe process is not on the task manager. With that said all the program are back to needing the 'open with' prompt, or at least they need to be open with another program. There are two things that make this not make sense. One, before I had the Av.exe, I believe I never had this happened to this comp, and also when I got the Av.exe process and ridding all that mentioned in the last comment it was still in the recycling bin, so never fully gone. The thing is, I have no clue how this happened.'

Well that's all the comment and here's the link if it will stay up. http://www.daniweb.com/forums/thread259727.html

4
Contributors
6
Replies
8
Views
7 Years
Discussion Span
Last Post by jholland1964
0

I have to add another thing with this. For some reason one of the svchost.exe shoot up in cpu usage and then it messed up the computer. Such as when it does slow down in the lagging it might shut the computer down, as normal shutdown. I found this site and wonder if I should do this since this is a generic host problem and think it should be thought about with more of a concern. http://www.technibble.com/how-to-fix-svchost-using-100-cpu-memory-leak/

0

A great way of disabling rogue software if you know where the majority of the files are located in the filesystem is using a linux liveCD (recommend ubuntu), and deleting the files from an operating system that is unaffected. I did this for that vista internet security rogue antivirus, worked well. Deleting all of the dependent files from a linux environment caused it to stop starting up at boot and I was able to clear out the nasties from the registry.

However it would be infinitely easier to boot up a linux OS, migrate your important files off, scan them for malware (malwarebytes and bitdefender are quite decent, virustotal.com is good for small files, it uses 40 different brands of scanners to analyze your programs, just beware of false positives) and then reinstall your system. Cleaning out these rogue antiviruses is ugly to say the least.

0

Acrimonus, I don't see how that would help me. Also, part of the files that are affected involve the prefetch, several generic host information/volume, java and some more. It is possible that I can fix this but I think the first thing to do is to fix the "open with" prompt so I can bypass it and be able to open those program. One of these two thing which can do that is fixing the C:\Program Files\Java\jre6\lib\deploy\jqs\ff\..\..\..\..\bin\jqsnotify.exe problem where its missing or the second being that I think it was that there is something wrong with a certian process missing or being on or that the services is messed up. I also don't have a linux OS or my comp XP OS as I believe it was not given with the computer. Malware seems to not be running for some reasons, and the anti norton I think it is seem to find nothing wrong.

0

Rogue antivirus software is typically built to prevent things like Malwarebytes from running, you need to disable the rogue antivirus through some method, whether it be using a specific tool made to disable the malware or running in an operating system in which the malware is not built to cause havoc. I've even seen rogue antivirus software add a registry key to every single executable listed in the registry so any time you run any program it check to see if its own file integrity is intact and regenerate any missing files. This is hard to combat, you need to run in an environment where the malware is not a threat, ie: not Windows. Then you can scan and delete infected files with impunity.

Norton does not detect malware like rogue antivirus software (or viruses for that matter :P) and Mba-m is so well known to the malware writers that they will definitely attempt to block it from running.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.