XP, System restore, execute file

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I had a virus which I believe wiped out all my file associations. No short
cut (except for aol and IE) works. Nothing runs in control panel from the
shortcuts. Virus protection and firewall won't run.

Will system restore help me, and what is the actual execute file that I can
run manually?

Jim

 

[Malke]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

JimNStLouis wrote:

> I had a virus which I believe wiped out all my file associations. No
> short
> cut (except for aol and IE) works. Nothing runs in control panel from
> the
> shortcuts. Virus protection and firewall won't run.
>
> Will system restore help me, and what is the actual execute file that
> I can run manually?
>
> Jim

Is the computer clean or have you not been able to do this because of
the broken .exe association? There are a few things you can do. You can
run Doug Knox's .exe fix from here:

http://www.dougknox.com/xp/file_assoc.htm

and see if that enables you to run your av. If it does, do the scan in
Safe Mode.

Also, depending on the virus, your *.com extension may still work. If it
does, do Start>Run regedit.com [enter]. Then look at the Default string
value of these registry keys:

HKEY_CLASSES_ROOT\exefile\shell\open\command\

HKEY_LOCAL_MACHINE\Software\Classes\Exefile\Shell\Open\Command

Change the (Default) string value in the following registry keys to

"%1" %* (with quotation marks)

The value that appears before the proper string will be the name of the
malware.

If the above steps don't work, you can download an emergency copy of ERD
Commander from Winternals. Obviously, you'll need to do that on a
machine with a working Internet connection, a cd burner, and
third-party burning software. You'll make the special boot cd, take it
back to your sick machine and boot with it. ERD Commander will enable
you to change the necessary registry settings.

Malke
--
MS MVP - Windows Shell/User
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"

 

[Guest]

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I ran the anti-virus software by finding the exe file. It found and deleted
the virus, but like a dummy I didn't write down the name. I can't find it in
any logs. I had troubles keeping the active virus and firewall up and
working, something kept turning it off. I'm past that, got it back working
and active now. (don't leave the wireless card plugged in when not in use
anymore to limit my exposure)

I will try the regedit and the doug knox fixes...thanks...

I did figure out how to run system restore manually, and it didn't help any...

Jim

"Malke" wrote:

> JimNStLouis wrote:
>
> > I had a virus which I believe wiped out all my file associations. No
> > short
> > cut (except for aol and IE) works. Nothing runs in control panel from
> > the
> > shortcuts. Virus protection and firewall won't run.
> >
> > Will system restore help me, and what is the actual execute file that
> > I can run manually?
> >
> > Jim
>
> Is the computer clean or have you not been able to do this because of
> the broken .exe association? There are a few things you can do. You can
> run Doug Knox's .exe fix from here:
>
> http://www.dougknox.com/xp/file_assoc.htm
>
> and see if that enables you to run your av. If it does, do the scan in
> Safe Mode.
>
> Also, depending on the virus, your *.com extension may still work. If it
> does, do Start>Run regedit.com [enter]. Then look at the Default string
> value of these registry keys:
>
> HKEY_CLASSES_ROOT\exefile\shell\open\command\
>
> HKEY_LOCAL_MACHINE\Software\Classes\Exefile\Shell\Open\Command
>
> Change the (Default) string value in the following registry keys to
>
> "%1" %* (with quotation marks)
>
> The value that appears before the proper string will be the name of the
> malware.
>
> If the above steps don't work, you can download an emergency copy of ERD
> Commander from Winternals. Obviously, you'll need to do that on a
> machine with a working Internet connection, a cd burner, and
> third-party burning software. You'll make the special boot cd, take it
> back to your sick machine and boot with it. ERD Commander will enable
> you to change the necessary registry settings.
>
> Malke
> --
> MS MVP - Windows Shell/User
> Elephant Boy Computers
> www.elephantboycomputers.com
> "Don't Panic!"
>

 

[Guest]

I had the bredalob trojan invite a bunch of bad stuff in before I realized my Antivirus wasn't functioning correctly. Anyway after I sorted the virus/es, I was left unable to open anything using any shortcuts from the Desktop, Quick-start or even Start, so I couldn't even try system restore.
I downloaded the .exe file fix as mentioned from
http://www.dougknox.com/xp/file_assoc.htm
and that did it. Saved my a full re-install and network setup!!!

 

[saran008]

Necropost

 

[The_Prophecy]

This topic has been closed by The_Prophecy