Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Friend's XP computer, cleared of malware for the most part, but then files associations got messed up


  • Please log in to reply
3 replies to this topic

#1 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:10:13 AM

Posted 20 February 2011 - 03:41 PM

Hi all,
This has since been resolved the lazy way(reformat and reinstall out of my hands and into the hands of those folken here at college who only know to reformat and reinstall), but there was one night when a friend of mine came to me and asked me for some assistance with some issues she was having. I knew immediately that at least some adware was running on her computer for there were crazy ads popping up, strange and unrecognizable processes running in her task manager, as well as just slow performance. I believe that my mistake was running a quick scan instead of a full scan with MBAM, for when the program got finished with it's routine, there were still some adware installation entries in her control panel. I told her to remove them, plus some of the other silly Dell stuff that Dell puts on their latitude models. (she has a Latitude D620). Due to her impatience and just plain lack of knowledge, she was going faster than I could speak it seemed like, and when I told her to leave Spybot alone, she uninstalled it anyway. I begin to wonder what actually started to happen at this point. Her computer called for a reboot, and after it had restarted, that's when her .exe file association was no longer associated correctly. I know that the fix for that is really quick. Does anyone know what key that is that has to be added into the registry? I ask so that I can hand-create that particular .reg script so that if this ever happens again to either myself or anyone else, I can take the relatively short route. For I didn't tell you this. She thought that I had messed up her computer rather than fixed it, then publicized my mistaken judgement on facebook, and then she didn't trust me for a solid week, sending her computer to our college tech department where it was wiped, OS reinstalled, and AV and other standards set to the liking of the tech department. I'd like for that to not happen again and for me to be able to be trusted and not have folks worried that I'm going to mess things up even worse. How could I have worked the situation better so that it didn't look to my friend that I was the reason she could no longer access her programs? I know that it was the trojan that did that, though why did it happen after the MBAM scan? I don't get it. And also, the correct syntax for that registry script would be wonderful too if anyone around here knows it. Thanks.

Chromebuster

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,284 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:13 AM

Posted 20 February 2011 - 04:38 PM

<<...cleared of malware for the most part, but...>>

Statements like that...always intrigue me :).

Malware is a disruptive, annoying fact of life. A system is either clean...or it is infected.

<<I know that it was the trojan that did that, though why did it happen after the MBAM scan? I don't get it..>>

Mistakenly...many users think that there is some application that can be used to eliminate all forms of malware. Many seem to think of Malwarebytes in the same manner that you seem to...as something capable of detecting/eliminating/neutralizing all forms of malware.

It just ain't so.

Protection from malware starts with installation of critical updates...is aided by installation/updating/usage of a reliable AV program...and is aided by the usage of any number of programs which address malware but which are not AV programs.

Malwarebytes is one of the latter type of programs...it doesn't detect all forms of malware, nothing does. It's merely an additional step which users can take to protect their systems. And...it's not necessarily the only step that should be taken, even in conjunction with a reliable AV program.

In fact...if you visit the Malwarebytes forums or our own forums which address known infected systems...you will see that a variety of other tools are used in order to attempt to correct systems which are infected.

You might like to take a look at some suggestions for avoiding infection, How did I get infected - http://www.bleepingcomputer.com/forums/topic2520.html .

Dealing with malware...is just not as simple as many users seem to think it is or should be :).

<<...that's when her .exe file association was no longer associated correctly. I know that the fix for that is really quick. Does anyone know what key that is that has to be added into the registry?>>

Disregarding the malware issues...there are several scripts which address file association and other fixes. You might take a look at http://www.dougknox.com/xp/file_assoc.htm .

Louis

Edited by hamluis, 20 February 2011 - 06:07 PM.


#3 chromebuster

chromebuster
  • Topic Starter

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:10:13 AM

Posted 20 February 2011 - 05:46 PM

I'm very aware of that. MBAM is just my starting point for those who have a particularly horrible antivirus, or an my friend's case, no antivirus at all. I wanted her computer to be relatively clear so that whatever was left wasn't enough to interfere with the installation of an antivirus program. I just get really mad when situations arise that make it look like I broke something. Are their instances in which that happens? Things look really good, then something shows itself after rreboot? And just out of curiosity, will the script in the link you provided also work in Windows 7? Both of us are running 7 now.

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,284 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:13 AM

Posted 20 February 2011 - 06:09 PM

I have no idea whether it will work with Win 7...the question is posed in the XP forum, so I provided a known XP answer.

You can always Google for "Win 7 file association fix" and see what turns up...or post that question in the Win 7 forum here at BC.

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users