?
Solved

Executables won't run after a malware attack

Posted on 2011-04-20
4
Medium Priority
?
795 Views
Last Modified: 2012-06-21
I have had two computers on our network that have been victims of malware attacks. I have run malware bytes and it removes any found threats but executables will not work properly. When clicking on any icon that is not a document, you are prompted with the "Open with" dialog box. I have also used combofix. On the first computer that I encountered the issue with I ended up renaming the user's profile to "user.domain.old". When she logged on next time her profile was recreated and worked fine. Before I do the same to this computer I was hoping for some suggestions.
0
Comment
Question by:eBoNix71
  • 2
4 Comments
 
LVL 30

Accepted Solution

by:
Sudeep Sharma earned 2000 total points
ID: 35437383
Check the following to fix the file and folder association:

http://www.dougknox.com/xp/file_assoc.htm

or save this to your desktop and double click it to fix the exe issues

http://www.kellys-korner-xp.com/regs_edits/exefix.reg

I hope that would help

Sudeep
0
 

Author Comment

by:eBoNix71
ID: 35437557
The first link seemed to work, but when I logged on as the user having the issue to run it I got the message on the attached print screen. Any way of finding out what key are open? Or is it due to the user not having admin rights?
fixmsg.docx
0
 
LVL 15

Expert Comment

by:greyknight17
ID: 35437597
Try some of the other steps mentioned here. Use the reg script provided by SSharma since it's more complete but follow some of the steps on importing there. You can also check the file association type (one of the first steps mentioned there) to see if it's of any help.
0
 

Author Comment

by:eBoNix71
ID: 35437650
I temporarily granted the user admin rights and the script ran fine and the executables seem to be working. Points will be granted tomorrow once user verification can be done.

Thanks SSharma
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OVERVIEW This guide provides information on the process performed when the Symantec Endpoint Protection (SEP) client checks in with the Symantec Endpoint Protection Manager (SEPM). AUDIENCE Information Technology personnel responsible for suppo…
UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

750 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question