We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
laptop gone a bit weird
Options

ali-t
Posts: 3,815 Forumite
in Techie Stuff
I had a message come up when I was online the other night saying that there was an update and it was an exe (?) file. I pressed cancel as it wasn't something I recognised as having appeared before (laptop is a couple of years old and no new software installed). A message then came up from AVG saying a trojan alert and that the threat had been quarantined and removed.
I didn't think much of it and thought it must have been linked to the popup about the exe file update but now things aren't working properly. I don't have lots of programmes that I did have including Java and the santander rapport programme. When I try to log on to the internet a box pops up asking me what programme I want to open it with. I searched through the programmes and got firefox but it then opens to a blank page and asks where I want to save the exe file to. I have pressed cancel each time and the internet works fine but how do I get it back to normal?
I didn't think much of it and thought it must have been linked to the popup about the exe file update but now things aren't working properly. I don't have lots of programmes that I did have including Java and the santander rapport programme. When I try to log on to the internet a box pops up asking me what programme I want to open it with. I searched through the programmes and got firefox but it then opens to a blank page and asks where I want to save the exe file to. I have pressed cancel each time and the internet works fine but how do I get it back to normal?
If you always do what you have always done, you will always get what you always got!
0
Comments
-
copy this to the machine
http://download.bleepingcomputer.com/reg/antivirus-vista-2010/FixExe.reg
double click on it
then install malwarebytes, update it, do a full scan, fix anything found before closing!!
> . !!!! ----> .0 -
Thanks closed, sorry for the delay in replying. Yesterday was the first time I had the time to follow your instructions and it worked - yeeha! It was a broken open command that showed up as being the problem and now appears to be fixed. Thanks again.If you always do what you have always done, you will always get what you always got!0
-
did you do a malwarebytes full scan too?!!
> . !!!! ----> .0 -
I couldn't do any updates or the malware as I kept getting an error message and when I looked online at what the error message meant I couldn't do the instructions as my computer would not let me in the internet settings bit of the control panel.
Malwarebytes' Anti-Malware 1.40
Database version: 2578
Windows 6.0.6000
03/07/2011 17:02:02
mbam-log-2011-07-03 (17-02-02).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 165721
Time elapsed: 1 hour(s), 27 minute(s), 11 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CLASSES_ROOT\exefile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("C:\Users\ali\AppData\Local\cru.exe" -a "%1" %*) Good: ("%1" %*) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)If you always do what you have always done, you will always get what you always got!0 -
are you still unable to do updates and unable to see IE connection settings?
post a hijackthis log!!
> . !!!! ----> .0 -
I couldn't do any updates or the malware as I kept getting an error message and when I looked online at what the error message meant I couldn't do the instructions as my computer would not let me in the internet settings bit of the control panel.
Malwarebytes' Anti-Malware 1.40
Database version: 2578
Windows 6.0.6000
03/07/2011 17:02:02
mbam-log-2011-07-03 (17-02-02).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 165721
Time elapsed: 1 hour(s), 27 minute(s), 11 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CLASSES_ROOT\exefile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("C:\Users\ali\AppData\Local\cru.exe" -a "%1" %*) Good: ("%1" %*) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Malwarebytes' Anti-Malware 1.40
Database version: 2578
03/07/2011 17:02:02
mbam-log-2011-07-03 (17-02-02).txt
What's this? Too old.
Download and install this version
If you are downloading on to a USB drive and transferring the infected computer, download the Rules too.0 -
Stilltheone, the website is down for maintenance. Is there anywhere else I could get it?
Closed, I have no idea what a highjackthis log is and googling didn't help me out with any links to get it.
I can now get into the internet settings on the control panel and have followed instructions I found that should allow me to get the updates but it is still not working. The instructions were:
Go to control panel > internet options. Click on the "connections" tab, then the "LAN settings" button. Uncheck "use a proxy server" and check "automatically detect settings." Then click ok/apply and exit out of there. Malwarebytes should update now without giving you the error.
Sorry if I am coming across as a bit thick but I am not very savvy with this kind of thing.If you always do what you have always done, you will always get what you always got!0 -
Sorry. Use these links instead: Malwarebytes AntiMalware
Rules
Just updated them at 11.45am. So download again if you downloaded before.0 -
http://www.trendmicro.com/ftp/products/hijackthis/beta/HijackThis.exe
if you look around the techie section, you will find lots of hijackthis logs, along with instructions!!
> . !!!! ----> .0 -
stilltheone wrote: »Sorry. Use these links instead: Malwarebytes AntiMalware
Rules
Just updated them at 11.45am. So download again if you downloaded before.
Is there a way to get this free? I don't ask for much do I?
Even using the FAQs I can't work out how to use that site. When I click the download it prompts me to pick a file but there is nothing to pick. do they appear when you pay?If you always do what you have always done, you will always get what you always got!0
This discussion has been closed.
Confirm your email address to Create Threads and Reply

Categories
- All Categories
- 350.9K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.9K Work, Benefits & Business
- 598.8K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards