Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: How to troubleshoot this malware

23 Mar 2011   #1
Victek

Windows 7 x64
 
 
How to troubleshoot this malware

I have a customer running XP who apparently was hit with malware. It was intercepted by the AV, but something went wrong. Now the system boots to the desktop, however almost all EXE files will not run - clicking an EXE produces an error where Windows asks what application is associated with the extension. There is no way to access the registry and F8 boot key options are disabled blocking access to SAFE mode and Hidden Admin account. I'm not sure how to troubleshoot. Task Manager runs but doesn't show an obvious malware process. All the usual malware load points, such as Startup folders and App Data folders for current user and All Users are clean. I've prepared the customer for a backup and complete reinstall, but if there's a way to get antimalware running on the system I'd like to try and check it. TIA


My System SpecsSystem Spec
.
23 Mar 2011   #2
Maguscreed

Microsoft Community Contributor Award Recipient

Windows 7 x64
 
 

had the exact same problem with a machine recently, the fix on this page got everything working again
Unable to Start a Program with an .exe File Extension
My System SpecsSystem Spec
23 Mar 2011   #3
Orbital Shark

 
 

Hi,

You can use the following registry key to reset the .exe association in XP
xp_exe_fix.reg

If you have access to external media (USB, HDD) then you can do the following...
  1. Copy the reg key and MalwareBytes install file to the drive.
  2. Plug into the XP machine and copy both files to the HDD
  3. Double click the .reg file and accept any messages
  4. Run the MalwareBytes install and perform a full system scan
This should sort the issue out.


OS


My System SpecsSystem Spec
.

23 Mar 2011   #4
Victek

Windows 7 x64
 
 

Thanks for these responses. I will try them tomorrow and post the results. Meanwhile if anyone else has an idea please chime in
My System SpecsSystem Spec
24 Mar 2011   #5
Victek

Windows 7 x64
 
 

Quote   Quote: Originally Posted by Orbital Shark View Post
Hi,

You can use the following registry key to reset the .exe association in XP
Attachment 145201

If you have access to external media (USB, HDD) then you can do the following...
  1. Copy the reg key and MalwareBytes install file to the drive.
  2. Plug into the XP machine and copy both files to the HDD
  3. Double click the .reg file and accept any messages
  4. Run the MalwareBytes install and perform a full system scan
This should sort the issue out.


OS
I'm happy to say that this did sort it out. Thanks for the .REG file - it was the most convenient solution
My System SpecsSystem Spec
24 Mar 2011   #6
Maguscreed

Microsoft Community Contributor Award Recipient

Windows 7 x64
 
 

my link had the same reg file in it. I just didn't directly link it, I was told that's against the rules here.
My System SpecsSystem Spec
24 Mar 2011   #7
Victek

Windows 7 x64
 
 

Quote   Quote: Originally Posted by Maguscreed View Post
my link had the same reg file in it. I just didn't directly link it, I was told that's against the rules here.
Sorry, I didn't mean to leave you out. I've added to your REP along with Orbital Shark as you both pointed me in the right direction. Thanks for linking to the tutorial.
My System SpecsSystem Spec
24 Mar 2011   #8
Orbital Shark

 
 

Quote   Quote: Originally Posted by Victek View Post
I'm happy to say that this did sort it out. Thanks for the .REG file - it was the most convenient solution
You're welcome, I'm glad it worked

Quote   Quote: Originally Posted by Maguscreed View Post
my link had the same reg file in it. I just didn't directly link it, I was told that's against the rules here.
You'll find that I uploaded the actual .reg file rather than linking to a site. However, a link to a site giving assistance would not be against the rules as it would be for .reg files which are not against forum policy or illegal in any way
My System SpecsSystem Spec
Reply

 How to troubleshoot this malware




Thread Tools




Similar help and support threads
Thread Forum
Changing File Decription for link to Malware Bytes Anti-Malware
Have been using Win 7 Ultimate x64 for quite a while but tonight ran into a small problem. I like to keep the titles for links very short and want to rename "Malwarebytes Anti-Malware" (I am a registered, paid user) to simply "Malwarebytes". I am listed as an Administrator and I used LockHunter to...
System Security
how to troubleshoot and fix add-ons
i am at my wits end trying to get an add-on to work to here it is really pissing me off how can i fix a non-working add-on and i have consistntly tried removing and re-installing the add-on and it still won't work and even it being enable in Internet Explorer it still won't work will somebody...
Browsers & Mail
Homegroup troubleshoot
Hi, I cannot leave my homegroup or change my passwords. I believe I have isolated the problem but can't fix it. I am unable to enable/start the following homegroup services: -peer network grouping -peer name resolution protocal (not sure if this has anything to do with homegroup) I...
Network & Sharing
Malware Removal Guide 2011: How to Get Rid of All The Latest Malware
Read more at: Maximum PC | Malware Removal Guide 2011: How to Get Rid of All The Latest Malware
Security Basics


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 04:10.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App