Hi,

Windows XP.

Every program i try and open a program, regardless of whether it is in the Start Menu or through C:\Program Files\Program Folder, all I get is the 'Open With:' dialog box.

I know, through a previous scan using SuperAntiSpyware, there are sh*tloads of trojans on the system. What is the best way to clean it as i can't open any programs now?

P.S. son was using laptop and fecked the whole thing

Recommended Answers

All 22 Replies

If you can it might be good idea to format and reinstall windows.

If not you should try to download antivirus software i recommend avg free edition and run a scan.

But im not sure if you will be able to do this without being able to run anything.

You can try pushing the windows key and r at the same time then type iexplorer.exe and push enter this will open internet explorer so you can download AVG then you may have to use CMD to launch the setup.

If you need more help tell us where you get stuck.

well if your other program deleted infected files might have deleted all the .exe that were connected to those programs hence it pops up the box and asked you where the file is located

Do the Following :

Open Command Prompt (Winkey+R/cmd)
type in 'cd\'
now assuming its in C:\, type in 'del autorun.* /f /s /q /a'
Its case sensitive, type exactly as given, some files will be deleted, now do this for the other partitions i.e. type in 'D:', press enter and type in that del stuff again, do this for all partitions...when its done restart the computer..

See if you can access the folders now..

Now Download Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure to checkmark the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* Make sure all applications including browsers are closed during the scan and you are preferably not in safe mode
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad, Save the Logfile.
* Immediately Reboot he computer
* Post back with the MBAM log.

I seriously doubt if you have a bunch of trojans on your box you will ever remove them all and have your system be stable. You will most likely have to reinstall windows to fix your problem. I would download Ubuntu and run it in live CD mode so you can backup your files. Then you can reinstall windows and restore your files.

There is not one idea anybody can give you that will make this process easy. Each idea will be difficult and frustrating. Sorry but it's the truth. Just back your stuff up and reinstall.....save yourself hours trying to fix something when no matter what you WILL have to reinstall windows.

Good luck and let us know what you choose to do.

Thanks guys,

had originally thought reinstalling would be the best course of action as at least I know I wil have a clean system when finished so think will get onto this as soon as. Thanks for all your replies.

Well i'd disagree with both of you'll, however badly infected your computer is, as long as you want it to work, you surely can..There are so many tools out there for your help, they were made so that you need not reinstall and start from the beginning but fight against the bad guys and move on...Anyways its your decision, i've posted the method to remove the Autorun.inf files which prevent you from accessing drives...Do post back :)

Bill,

It is true that you can do heroic measures to get Windows functioning again. I don't disagree with that. What I disagree with is how well it will function after that. How stable will it be? He states there are multiple trojans on his PC and that to me says no matter how hard you fight you will end up with an unstable operating system. If you are super good maybe you could do it but if you're a rookie I seriously doubt you can remove them all and have a stable OS. So instead of spending hours upon hours trying to remove something that may or may not leave your system unstable just back-up and reinstall. Save time and frustration. Just my opinion and we all know what opinions are like!

:-)

I suggest you to get 2 softwares
1) Trojan remover
2) Avira Free Antivirus

Install both and do a regular scan all the infections will be removed.

Bill,

It is true that you can do heroic measures to get Windows functioning again. I don't disagree with that. What I disagree with is how well it will function after that. How stable will it be? He states there are multiple trojans on his PC and that to me says no matter how hard you fight you will end up with an unstable operating system. If you are super good maybe you could do it but if you're a rookie I seriously doubt you can remove them all and have a stable OS. So instead of spending hours upon hours trying to remove something that may or may not leave your system unstable just back-up and reinstall. Save time and frustration. Just my opinion and we all know what opinions are like!

:-)

I agree , i have been using malwarebytes and other programs like hijackthis and many more with great success for about 7or8 yrs now fixing computers !the time has come for me anyhow! to give up and just backup and reload customers computers !

I"m not bill :@ Lol yeah you have a point :) sometimes reinstalling is uhh..ok :P

Sorry Godsp3ed....I didn't notice Bill was from your quote. :-O

I am having the same problem. When ever I try to open anything on the dextop or anything i have downloaded the computer gives me an " open with" dialog box. Any computer repair tool i try to use gives me an " open with " box. Before i had this problem my computer had some heavy viruses and rogues, I got rid of them by using SUPER antispyware. After getting rid of the viruses Super antispyware rebooted my computer and this problem occured. I need help immediatltely. Thanks

Reinstall, thats what I did.

Still require some help, imra? Try this [your file association keys in registry have been damaged]: http://www.dougknox.com/xp/file_assoc.htm
Select the fixes you require for file types that will not run. In some cases it may be necessary to reinstall third party applications that use rare or proprietary file extensions.

I recommend you to format and then reinstall a fresh copy of windows.

have a fresh install, back up all your important data, that would be the best thing to do for now....

I think you should get another Hard disk, if possible external, back up all data to it, but before, then install a fresh copy of windows, when you are through, Be sure to install a very good anti-virus, I use AVG and it has worked for me in this type of situation before, then after scanning restore your files to your system.

And the winner is. . . . . . gerbil!

For having the closest to the correct answer! The only thing I would add is that sometimes one needs to manually hack the registry to fix this.
More often than not, malware has borked a few reg keys and, while MBAM and the like will remove the malware, they will not fix the "collateral damage" in the registry.

If you take the time to search any spyware/malware forum, you'll find numerous examples of this type of fix....

Cheers :)
PP

op,allready did a reinstall of OS

op,allready did a reinstall of OS

Are you sure?
I could have sworn he was still banging away at it after almost two years... :)

Just wanted to chime in since people are still posting and calling for a reformat. That is not the best first option in these cases. Often, malware will change the default for these keys:

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open\command]
@="\"%1\" %*"

Become:

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="malware.exe"
[HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open\command]
@="malware.exe"

OR:

[HKEY_CLASSES_ROOT\exefile\shell\open\malware.exe]
@="\"%1\" %*"
[HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open\malware.exe]
@="\"%1\" %*"
(this is less common, but I've seen it)

So, when you run an executable, the malware runs instead.

When MBAM or another tool removes the actual malware, those keys are not repaired. As a result, when a user tries to run an executable, they get the error message as in this thread.

So, the first step is to check these keys (and a few other things) and repair them, if needed.

A reformat is way down on the list....

Cheers :)
PP

Reinstall, thats what I did.

according to this post they did

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.