New
#1
Cannot run/open .exe files (Association issue)
Hi all,
I'm really at my wit's end with this current issue I'm having. I recently got some spyware "pw.exe" which posed as "Win 7 Internet Security". I do not recall what I did to get rid of this issue, but the rogue anti-virus software is no longer posting imaginary warning messages. Avast shows no threats + Malwarebytes removed all the remaining threats.
As a workaround, I created a 2nd Administrator account and was able to connect and open up Firefox to browse for some fixes. This was before Malwarebytes removed the threats (LOG AT END OF POST)
I previously used to not be able to open any .exe files on the 1st admin account due to some permission issue related to the spyware. After the spyware/trojan removal - I have messed up .exe file associations and cannot access "regedit.exe" either through "run" or "cmd". I keep getting a "Cannot find C:\Windows\regedit.exe" despite the file still being there. The only way to get cmd is through task manager by CTRL + clicking "Open new Process". Only problem is, I don't where to go from there....
Any help would be much appreciated as I'm about to go ballistic.
============================================
Malwarebytes' Anti-Malware 1.46
Malwarebytes
Database version: 5128
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
11/16/2010 9:30:59 PM
mbam-log-2010-11-16 (21-30-59).txt
Scan type: Full scan (C:\|E:\|G:\|)
Objects scanned: 305620
Time elapsed: 1 hour(s), 16 minute(s), 34 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 6
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Users\isoo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C10DOIMY\KQFChcXZ[1].exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\isoo\AppData\Local\Temp\ms0cfg32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\isoo\AppData\Roaming\hotfix.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\isoo\AppData\Roaming\sdrfzfgd.bat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\isoo\Local Settings\Application Data\pw.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\isoo\Local Settings\Application Data\opRSK (Malware.Trace) -> Quarantined and deleted successfully.
============================================