Can't run msconfig.exe
Report abuse
Thank you.
Reported content has been submitted
Hi,
Methods to restore .exe functionality AFTER removing the malware.
1. Make a Restore Point so you can revert back if needed though not likely required.
How to Create a System Restore Point in Vista
http://www.vistax64.com/tutorials/76332-system-restore-point-create.html
How to Do a System Restore in Vista
http://www.vistax64.com/tutorials/76905-system-restore-how.html
2 . Copy BETWEEN these lines and paste into Notepad - Save as exefileFix.reg - then Right
Click on it and MERGE - REBOOT
DO NOT COPY LINES
-----------------------------------------------------------------
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\.EXE]
@="exefile"
"Content Type"="application/x-msdownload"
[HKEY_CLASSES_ROOT\.EXE\PersistentHandler]
@="{098f2470-bae0-11cd-b579-08002b30bfeb}"
[HKEY_CLASSES_ROOT\exefile]
@="Application"
"EditFlags"=hex:38,07,00,00
"FriendlyTypeName"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,\
00,6f,00,6f,00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,\
32,00,5c,00,73,00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,\
00,2c,00,2d,00,31,00,30,00,31,00,35,00,36,00,00,00
[HKEY_CLASSES_ROOT\exefile\DefaultIcon]
@="%1"
[HKEY_CLASSES_ROOT\exefile\shell]
[HKEY_CLASSES_ROOT\exefile\shell\open]
"EditFlags"=hex:00,00,00,00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shell\runas]
[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
"IsolatedCommand"="\"%1\" %*"
[HKEY_CLASSES_ROOT\exefile\shellex]
[HKEY_CLASSES_ROOT\exefile\shellex\DropHandler]
@="{86C86720-42A0-1069-A2E8-08002B30309D}"
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\UserChoice]
--------------------------------------------------------------
DO NOT COPY LINES
If needed :
Check the EXE file fix here
http://www.winhelponline.com/articles/105/1/File-association-fixes-for-Windows-Vista.html
Also check this one if it applies
http://www.winhelponline.com/articles/165/1/Restore-the-exe-file-association-in-Windows-Vista-after-incorrectly-associating-it-with-another-application.html
How to Set Default Associations For a Program in Vista
http://www.vistax64.com/tutorials/83196-default-programs-program-default-associations.html
Hope this helps.
Rob - Bicycle - Mark Twain said it right.
Microsoft MVP Windows and Devices for IT 2009 - 2020
Report abuse
Thank you.
Reported content has been submitted
Was this reply helpful?
Sorry this didn't help.
Great! Thanks for your feedback.
How satisfied are you with this reply?
Thanks for your feedback, it helps us improve the site.
How satisfied are you with this reply?
Thanks for your feedback.
Try Safe Mode with networking - repeatedly tap F8 as you boot up.
The top two methods allow the scanners to run and/or get AV.exe out of the way or removal.
1.
CTRL SHIFT ESC - Task Manager OR Right Click the TaskBar - Task Manager
Processes tab - End Process on AV.EXE and then proceed with the Uninstall Guide.
If needed use Start - Computer OR Windows Explorer to navigate to
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe or where ever it is installed at - if
needed Right Click the Malwarebytes - Properties - Shortcut tab - target line to see where it
is installed.
Right Click on it and Rename it to ZZMbam.COM (or anything different than it is now) and
then double click on it and run it that way. You can rename it back later. Do similar with
other programs as needed. Use this method for others as needed - DO NOT ASSUME any
one program removes it all or that there is not other malware involved. Use the .COM
extension as this malware prevents .EXE from running.
---------------------------------------------------
2.
Another method is to use these :
Use Process Explorer to "Suspend" not Stop the Processes
Then use AutoRuns to remove the malware startup items.
Now use UnLocker to delete the files in the malware.
You may have to do this one file at a time.
Process Explorer - Free
http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx
AutoRuns - Free
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
UnLocker - Free (do not install the Ebay adaware)
http://www.softpedia.com/get/System/System-Miscellaneous/Unlocker.shtml
AV.exe
==============================================
There are MANY varieties of these with many names however all can be removed with the
same methods :
Vista Antispyware 2010, XP Internet Security 2010, Antivirus Vista 2010, and Win 7 Antispyware 2010
are rogue antivirus, scams to force you to pay for them while they have no benefits at all.
How to remove ALL varities of this malware - please read the Removal Instructions carefully.
http://www.bleepingcomputer.com/virus-removal/remove-antivirus-vista-2010
RENAME these as needed to allow them to run : (use another name with the .COM extension instead of .exe)
These can be done in Safe Mode - repeatedly tap F8 as you boot however you should also run them
in regular Windows when you can.
Download malwarebytes and scan with it, run MRT, and add Prevx to be sure it is gone. (If Rootkits
run UnHackMe)
Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN
Malwarebytes - free
http://www.malwarebytes.org/
Run the Microsoft Malicious Removal Tool
Start - type in Search box -> MRT find at top of list - Right Click on it - RUN AS ADMIN.
You should be getting this tool and its updates via Windows Updates - if needed you can download it
here.
Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN
(Then run MRT as above.)
Microsoft Malicious Removal Tool - 32 bit
http://www.microsoft.com/downloads/details.aspx?FamilyID=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en
Microsoft Malicious Removal Tool - 64 bit
http://www.microsoft.com/downloads/details.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en
also install Prevx to be sure it is all gone.
Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN
Prevx - Home - Free - small, fast, exceptional CLOUD protection, works with other security programs.
This is a scanner only, VERY EFFECTIVE, if it finds something come back here or use Google to see
how to remove.
http://www.prevx.com/ <-- information
http://info.prevx.com/downloadcsi.asp <-- download
PCmag - Prevx - Editor's Choice
http://www.pcmag.com/article2/0,2817,2346862,00.asp
Try the trial version of Hitman Pro :
Hitman Pro is a second opinion scanner, designed to rescue your computer from malware (viruses,
trojans, rootkits, etc.) that have infected your computer despite all the security measures you have
taken (such as anti virus software, firewalls, etc.).
http://www.surfright.nl/en/hitmanpro
--------------------------------------------------------
If needed here are some online free scanners to help
http://www.eset.com/onlinescan/
http://onecare.live.com/site/en-us/default.htm
http://www.kaspersky.com/virusscanner
Other Free online scans
http://www.google.com/search?hl=en&source=hp&q=antivirus+free+online+scan&aq=f&oq=&aqi=g1
--------------------------------------------------------
Also do these to cleanup general corruption and repair/replace damaged/missing system files.
Run DiskCleanup - Start - All Programs - Accessories - System Tools - Disk Cleanup
Start - type this in Search Box -> COMMAND find at top and RIGHT CLICK - RUN AS ADMIN
Enter this at the prompt - sfc /scannow
How to analyze the log file entries that the Microsoft Windows Resource Checker (SFC.exe) program
generates in Windows Vista cbs.log
http://support.microsoft.com/kb/928228
Run checkdisk - schedule it to run at next start and then Apply OK your way out then restart.
How to Run Check Disk at Startup in Vista
http://www.vistax64.com/tutorials/67612-check-disk-chkdsk.html
-----------------------------------------------------------------------
If any Rootkits are found use this thread and other suggestions. (Run UnHackMe)
http://social.answers.microsoft.com/Forums/en-US/InternetExplorer/thread/a8f665f0-c793-441a-a5b9-54b7e1e7a5a4/
Hope this helps.
Rob - Bicycle - Mark Twain said it right.
Microsoft MVP Windows and Devices for IT 2009 - 2020
Report abuse
Thank you.
Reported content has been submitted
1 person found this reply helpful
·Was this reply helpful?
Sorry this didn't help.
Great! Thanks for your feedback.
How satisfied are you with this reply?
Thanks for your feedback, it helps us improve the site.
How satisfied are you with this reply?
Thanks for your feedback.