Help! Cannot open/run any exe files

Experienced user here. I think I got hijacked by a malware this morning while working (I work through an online portal). Started by noticing an inability to open programs, couldn't even run services.msc to see what was running, couldn't open notepad, etc. Kept getting the ""Windows cannot access the specified device , path or file. You may not have the appropriate permissions to access the item." error message.

Rebooted and when it came back up I can't open ANYthing except a few documents. No programs, can't access control panel, or regedit, nothing. Plugged in my external drive and by copying some program folders and app .exe files over to that have been able to open Opera (which is what I'm using here), Maxthon, Registry Editor and a few other programs. Also got Malwarebytes to run, but it came up clean on a full scan. Couldn't download Superantispyware. My Avast antivirus is disabled, both on boot and trying to open it using my workaround.

Worst of all for me is that I can't get Firefox to run/open no matter what, and can't download/install on my external drive. I HAVE TO HAVE FIREFOX in order to work. My work portal is not configured to work on any other browser, only FF.

I did boot into safe mode, didn't help, same issues. Rebooted into safe mode and did a system restore, didn't help.

I'm running XP Pro SP3 on an HP Pavilion dv6000.

Please help somebody! 5:15 in the evening, here and I've gotta log on to work tomorrow morning at 8! Help!

 

Forgot to mention that I did follow as many of the instructions in the read this first thread as I could, but I can't download/install/uninstall anything, can't get to Add/Remove Programs, nothing, just crippled here. Barely functioning. Oh - and I don't have an XP CD.

 

Thank you SO much for your response. Gives me hope that maybe there might be SOME help out there.

Actually I was NOT able to download Opera. I already had it on my system. The only way I am able to run anything (and it doesn't work for all apps) is by copying the appropriate app .exe file and/or the entire folder to my external drive and clicking on it from there. For some reason it worked with Opera (had to copy the whole folder over) but would not work with FF. I'm also able to get my Outlook Express running by that method, though very buggily, i.e. it crashed every other time I try to do something. I tried to download/run Superantispyware by this method, also FF. Didn't work. Even tried to download directly to my external drive. Doesn't work.

I've also been able to open some programs, like Word, by clicking directly on a file in the directory. Then the program opens with the file. But again, doesn't work with all programs and not with FF, which is what I need for my employment.

Yes, I tried. I was able to both download and run it by using the above procedure, i.e. dowloaded to my desktop, copied to my external drive, clicked on it from there, and it ran. However, it created a file that I cannot find. It gave me the path/filename, but it's not there. Doesn't show up in Win Explorer, and I can't use my onboard search/find function. From what I read on the command window it found a lot of stuff and questioned whether the .NET Framework was installed. But without the "search" function I don't know how to find the file. It said it was c:\MGlog but there is no such location under C:

Yes, tried it on a number of .exe program files and the same thing happens. Nothing runs, get that same "Windows cannot access" error message.

Yes. Task Manager runs when I use Ctrl-Alt-Delete. But msconfig does not. Can't run any commands from the "Run" window.

 

Yup I know, thanks. But like I said, I CAN'T run ANYthing from that drive. The ONLY way I can run ANY programs right now is to copy them over and open them off of my external drive, and a few, like Word or Excel, by opening docs/worksheets, etc. and thereby the program itself. But can't open them directly.

I understand but since I can't open a browser from my main Windows drive, I can't therefore open/run any files from there either, whether from within a browser or otherwise. I can run MGTools.exe from my browser opened off my external drive, but that's the only way. I can also download/move the MGTools.exe file into my C:\ root directory and see it there, but I can't run it from there. If I try, I get the "Windows cannot access..." error message. And if I do try to run MGTools.exe from anywhere else, it just doesn't seem to be working, as you said it wouldn't. Also, it references a .zip file which isn't found anywhere on my C: drive. Just fyi, here is the text from the command prompt window:

Didn't see av.exe. As for the rest, I'm not sure if any are questionable or not. Here's the list currently:

Again, (with the exception of Word, which opened when I opened a .doc) none of the programs shown as running were accessed from the Windows root drive, including Opera, OE and Avast antivirus. All had to be copied over and opened from the external drive. Trying to open them on the root drive just brings up that error message.

 

Chaslang, just letting you know I appreciate all these things to try, and am trying to work on them. Have had many interruptions and distractions preventing me from fully implementing all this advice, w/post back once I've been able to complete (or not) everything you suggested. Thank you.

 

No, didn't work. Just got the "Windows cannot access..." error message.

Yes, there is. Folder contents are: empty "Temp" folder, and two text files, filelog and sysinfo. Here's the content of the filelog:

And here's the sysinfo contents:

Yes, ran it. It found and deleted three files, and found/quarantined two add'l. files.

Ran one, can't remember which one worked, but it returned this txt file:

Ok, did it. Here is the txt file:

Ok, did it. Here's the log:

What next?

 

Ok, done.

Done, but I had to find the cmd.exe file and copy it over to E: before I could open a command prompt window. Trying to open it from C: just brought up that error message. Also, don't know if it means anything or not, just reporting what happens, but I could not use the commands you gave. Only way I could get into the C:\MGtools directory was to first type "C:" hit "Enter" and then type "cd\ mgtools" and hit "Enter" -- for some reason the command wouldn't work the other way. [/quote]

It ran a scan and returned the following logfile:

Inline log deleted. Please remember that all logs must be only attachments.

Ok. It also ran and returned the following logfile:

Inline log deleted. Please remember that all logs must be only attachments.

Ok, done. Thank you very much for continuing to help me on this. This is hands down the most frustrating, maddening thing I've ever dealt with in a lot of years!

 

Thank you for your continued patience and help.

Ok, did. There was a problem at the very end of the scan. It may show up in the log but if not, I got an error box w/the message:

Ok, I did it. Had to do this via command line also, couldn't access User Accounts via the Control Panel. But I got the account made, gave it Admin permissions, and was able to log in under the account and access Control Panel. As of now I seem to have fairly good functionality under the new account, couldn't open the old Firefox but was able to download/install/run a new copy. Able to import data into mail, open docs from old user folders, etc. The old account, however, is still virtually unusable, can’t run anything off of C: etc.

At first couldn’t do it. Was able to open Add/Remove Programs gui as newuser but it said I didn’t have permission to uninstall. Logged off, then back on, then was able to do it. However, uninstalling it doesn't seem to have affected anything, except now I'm getting a warning from Windows that I need an Antivirus.

 

Thank you. I'm sorry I apparently missed something in the initial "Using MGTools." I thought I had done everything recommended.

I'll go ahead then and go with the new account since it seems to be working ok. Thank you for the suggestion to try that. I hadn't thought of doing that. Though I still wish I knew what corrupted the other account. Without that knowledge I'm concerned about something similar happening in future. However, if it does I have a few more tools now in my arsenal than I did before.

I will go ahead and follow the advice given in the final steps. Thank you for your assistance.