.exe & .com files messed up!

Discussion in 'Malware Help (A Specialist Will Reply)' started by chbradle, Jun 3, 2008.

  1. chbradle

    chbradle Private E-2

    Hi all,

    I'm new to the site so bear with me. So I downloaded a game to play thru an emulator (yes, I own the game but don't have it here) and when I ran the program it froze up. I then tried to close the program with ctrl+alt+delete but it would not respond. My computer would also not respond when I tried to restart it so I held down the button to turn it off. Upon restarting I got the same problem that I read about in this post.

    http://forums.majorgeeks.com/archive/index.php?t-134262.html

    All .exe, .com, .bat, anything important will not open and says this:

    "This file doesn't have a program associated with it for performing this action. Create an association in the folder options control panel".

    I tried the exefix_xp.com but since I cannot open .com files it won't work. I tried to install this inf file called UnHookExec.inf which I was told would help but it won't work either. I read in that post that I put the link up for that the guy in that post fixed his problem with an "attached" file but I did not see a file to download and try.

    Someone please help me before my girlfriend kills me for messing this thing up! HAHA

    Thanks All!
     
  2. abri

    abri MajorGeek

    Hi chbradle,
    Welcome to Major Geeks!


    Can you take your computer back to a restore point which precedes this problem? If you've never done this before, go to Start / All Programs / Accessories / System Tools / System Restore, check the box to Restore my computer to an earlier time and click on Next. You'll see a calendar with highlighted dates. Choose one of the dates just preceding these problems and allow your system to return to that date. See if the problem goes away.

    For Vista: http://www.bleepingcomputer.com/tutorials/tutorial143.html#restore

    Let me know if this works.
    abri
     
  3. chbradle

    chbradle Private E-2

    No, system restore won't work because it cannot open that filetype. I can't even get into the performance & maintenance tab because windows can't open it.... to me it sounds like exactly what happened to the guy in this post but I'm not sure.

    http://forums.majorgeeks.com/archive/index.php?t-134262.html
     
  4. chbradle

    chbradle Private E-2

    I've spent hours on the phone with the people at dell who inevitably tell me to call microsoft.... then microsoft tells me to call dell cuz they don't give a crap.

    I tried the recovery thing while using the windows cd and it said it repaired some problems but the problem persisted after I rebooted.
     
  5. abri

    abri MajorGeek

    chbradle,
    I remember the thread you posted. Don't call Dell and Microsoft just yet. It's not an impossible problem. Thanks for being patient.
    abri
     
  6. chbradle

    chbradle Private E-2

    HAHA, I already did call them at like 2 in the morning... they just give up after 10 minutes and tell me to wipe the whole thing. Either that or they tell me my warranty doesn't cover that kind of customer support (what kind of crap is that?) Thanks for at least taking the time to look at my problem!
     
  7. abri

    abri MajorGeek

    The attached file was the UnHookExec.zip attached to post 9 of the thread you mentioned. It's possible that you are viewing the archived version of the thread. If so, please go to the top of the page and be sure that you click on "View Full Version". This will allow you to see the attachment in post 9. See if you can download it, extract it and get it to run.

    Better yet, I can attach it here.

    Download the attached inf file, save to your desktop.
    Right click on the INF file and select "install" from the list.


    abri
     

    Last edited: Jun 3, 2008
  8. chbradle

    chbradle Private E-2

    Well it appears the problem will not be as easy to fix as that other guy's.... when I try installing that UnHookExec.inf file it gives me the same message and asks if I want to choose the program to run it from a list or to search the web.
     
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

  10. chbradle

    chbradle Private E-2

    Well, I was able to download them on the computer that is messed up but I can't run either program. It still asks which program I want to open it with.
     
  11. chbradle

    chbradle Private E-2

    The weird part is that only certain files, like some excel and adobe files in the my documents file still work, but those are the only ones.
     
  12. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You need to open the zipped download files....do you have any unzip program?
     
  13. chbradle

    chbradle Private E-2

    Sorry for that, I had some stuff to take care of real quick. I was able to unzip the files but was unable to execute them still.
     
  14. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Did you read the instructions for those files? They are registry patches...
     
  15. chbradle

    chbradle Private E-2

    It would not allow me to import those files.

    I did the trick to get the command prompt to open, at least that is working now... but how do I manually import those?
     
  16. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I am not sure what exactly is going on...however, can you right click the file and choose to extract to the desktop?
     
  17. abri

    abri MajorGeek

    Hi chbradle,
    Thanks for your continued patience. The problem you're describing is not completely unfamiliar, it's just slightly uncommon, so if you would be so kind as to wait, I will return with some further instructions. While you're waiting, did you try the other instruction Bj mentioned of renaming regedit.exe to regedit.com? I think it won't hurt anything to try this. You can try it in the following couple of ways and see if either will work while I do a bit more research. Also, when you opened the zip file, did you right-click on the file and then select install as he suggested?

    If you did that and it didn't work, then please try the following, first one and then the other:

    Can you go to C:\Windows and find the file called regedit.exe (you will need to have Windows Explorer options set so that all Hidden Files are visible)? To do this, open Windows Explorer, go to tools and then folder options. Select the View tab and look for the three options which allow you to see the file extensions, the hidden files and the system files. You have to read these options carefully, because sometimes they are worded backwards (show system files has to be unchecked while hide file extensions has to be unchecked). See if you can do this first.

    Then if you can, open Windows Explorer and go to C:\Windows and look for the file regedit.exe
    If the file extensions aren't showing, it will just be called regedit.
    Right-click on it and see if you can use the rename function. If so, change the name to regedit.com

    If renaming it in the above-mentioned way is not possible, see if you can get to the command prompt either by going to start / run and typing in cmd and hitting ok, or alternatively, try booting into safe mode with command prompt. To boot into safe mode, hit the F8 key during bootup until the menu appears of which one of the options is safe mode with command prompt. Select that one.

    In the window that looks like a dos window, type or copy paste in

    copy regedit.exe regedit.com

    press enter
    then type regedit.com and press enter.

    Let me know if you have any success with these, while I research a different possibility.
    abri
     
  18. chbradle

    chbradle Private E-2

    Well, I was able to fix the .exe file problem... since that was what was keeping me from doing a restore, now I'm just going to try a system restore and see if that works....
     
  19. chbradle

    chbradle Private E-2

    Well, my first attempt at a restore did not work... I'm going to try an earlier date...
     
  20. chbradle

    chbradle Private E-2

    Hmmm.... system restore does not seem to be working... maybe I have to go thru and manually fix each file type...
     
  21. chbradle

    chbradle Private E-2

    I did manage to fix my file associations but now when I start it up, not all of my programs boot up with it anymore... maybe I'll check msconfig to see if it still has a normal startup process... slowly but surely I'll get er done :)

    thanks guys
     
  22. chbradle

    chbradle Private E-2

    OK... now the weird part.... I have all the extensions fixed but when I go to run/msconfig and go to the startup tab it erased all of my startup processes like ad-aware, dell quickset and other... only my hp printer stuff and symantec startup with it...
     
  23. abri

    abri MajorGeek

    Hi chbradle,
    For the record, what did you do to start with that actually helped?

    Please go now to the READ & RUN ME FIRST and try running whatever will run of the instructions and attach the logs. After we can get a look at your logs, it will be possible to see what's causing all these symptoms.

    Thanks.
    abri
     
  24. chbradle

    chbradle Private E-2

    What I did to "fix" it was I did the .exe file association fix and the .bat file association fix and then I used the utility from Doug's site that reset all of the application associations to default. Then all of my icons were back to normal and they all worked but my startup processes in the msconfig window had been completely removed.... that is besides symantec and my hp director. I'm still unable to get my battery icon to show up in the task bar and I also no longer have my wireless network icons in the task bar either though I can still access the internet.
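
Added example (not part of the original thread, and not code from the posters or from the fix tools they mention): a check that reads a registry export and reports whether the .exe, .com and .bat associations discussed above are intact. The expected ProgIDs and open command are the stock Windows defaults, stated here as an assumption, and the sample export is constructed.

```python
import re

# Stock Windows defaults (assumption of this example; the thread does not list them).
EXPECTED = {".exe": "exefile", ".com": "comfile", ".bat": "batfile"}
OPEN_COMMAND = '"%1" %*'
ROOT = "HKEY_CLASSES_ROOT"
VALUE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')

# Constructed sample export (already decoded to text): .exe intact,
# .com pointing at another program, .bat with its default value missing.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.exe]
@="exefile"
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_CLASSES_ROOT\.com]
@="comfile"
[HKEY_CLASSES_ROOT\comfile\shell\open\command]
@="\"C:\\constructed\\helper.exe\" \"%1\" %*"
[HKEY_CLASSES_ROOT\.bat]
'''

def parse_reg(text):
    """Return {lowercased key path: {value name: string data}}; "" is the default value."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None and (m := VALUE.match(line)):
            name = "" if m.group(1) == "@" else m.group(1)[1:-1]
            # .reg string data escapes backslash and double quote with a backslash
            current[name] = re.sub(r"\\(.)", r"\1", m.group(2))
    return keys

def check_associations(keys):
    """List (extension, problem) pairs for executable types that differ from the defaults."""
    findings = []
    for ext, progid in EXPECTED.items():
        got = keys.get(f"{ROOT}\\{ext}".lower(), {}).get("")
        if got is None:
            findings.append((ext, "no default value, so no program is associated"))
            continue
        if got.lower() != progid:
            findings.append((ext, f"ProgID is {got!r}, expected {progid!r}"))
        # Follow whatever ProgID is actually set to the command that opens the file
        cmd = keys.get(f"{ROOT}\\{got}\\shell\\open\\command".lower(), {}).get("")
        if cmd != OPEN_COMMAND:
            findings.append((ext, f"open command is {cmd!r}, expected {OPEN_COMMAND!r}"))
    return findings
```

Calling `check_associations(parse_reg(SAMPLE_EXPORT))` flags .com and .bat and leaves .exe alone; a real export would need to be decoded to text before parsing.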
     
  25. chbradle

    chbradle Private E-2

    OK, I finally got all the run me files taken care of... here are the logs.

    Thanks
     

  26. chbradle

    chbradle Private E-2

    Here's the last log. Thanks again!
     

  27. abri

    abri MajorGeek

    Hi chbradle,

    Your logs are basically clean. I think what happened had to do with a software conflict that occurred when you tried to use the game. We have forums for both gaming and software questions, so for the future use of that game, I would go to gaming and start a thread to see if anyone else has encountered such a problem. That's the one thing.

    There's one file that I would like for you to remove. It may be part of the gaming software. It is variously identified as harmless or part of a rootkit, but it doesn't seem to adversely affect anything to remove it, so that's what we'll do. Then I'll post you the final cleanup instructions to get all the logs and tools out of your computer you put on for your work here.

    Normally in the final cleanup we ask people to wipe all their previous restore points and put in a new one. In your case, I would ask that you use your own discretion. I don't think your previous restore points are infected. I think your system restore was not working.

    If you are curious about your restore points, you can go to Running BitDefender Online Scan and have it do an online scan of your computer. It picks up infected restore points and would be easy enough, by saving the log in the proper way, to check if any of them are infected.

    First to remove that one file:

    I would like to have you use ComboFix to remove this file and reset some things in the registry.

    • Make sure that combofix.exe (cf.exe) that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
    • If it is not on your Desktop, the below will not work.
    • Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):

    Code:
    KILLALL::
    
    DRIVER::
    gel90xne
    
    FILE::
    C:\DOCUME~1\Owner\LOCALS~1\Temp\gel90xne.sys
    
    REGISTRY::
    
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "HideLegacyLogonScripts"=-
    "HideLogoffScripts"=-
    "RunLogonScriptSync"=-
    "RunStartupScriptSync"=-
    "HideStartupScripts"=-
    
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "HideLegacyLogonScripts"=-
    "HideLogoffScripts"=-
    "RunLogonScriptSync"=-
    "RunStartupScriptSync"=-
    "HideStartupScripts"=-
    • At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
    • You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
    • Now use your mouse to drag CFscript.txt on top of ComboFix.exe
    • Follow the prompts.
    • When it finishes, a log will be produced named c:\combofix.txt
    • I will ask for this log below

    Note: Do not mouseclick combofix's window while it is running. That may cause it to stall.


    Now run CCleaner at the default setting with the Windows tab as the top one.

    And here are the final cleanup instructions: If you want to keep HijackThis and the backups, use the alternate instructions at the bottom of the box before you delete the MGTools.
    abri
     
  28. chbradle

    chbradle Private E-2

    Well here is the log file from that run of ComboFix. I would like to thank you all for taking the time to help me out with this problem. I greatly appreciate it! If there is any concern with what is in the log please let me know... I don't really know what I am looking at.

    Good job and thanks again! :-D
     

  29. chbradle

    chbradle Private E-2

    I did have one other question now that I think of it. When all this was finished I noticed that all of my startup processes had been removed from the msconfig list so that only symantec opens at startup. I downloaded Startup CPL and they don't even show up in there. Now my battery icon, my speaker icon, and my wireless connection icon don't show up unless I manually go into "sounds & audio devices" in the control panel and click "place volume icon in the task bar." If I do this at startup all three of those icons will then pop up in the toolbar but it won't save that change and I have to do it every time I start the computer up. Furthermore if I try and go to the power options, the "place battery in task bar" option is already checked but there is no icon. If I then uncheck it and recheck it, it still does not show up. I just thought this was weird and would see if you guys had heard of anything like this before.

    Thanks again you all.
    Take care!
     
  30. abri

    abri MajorGeek

    Hi chbradle,

    If you still have your old restore points, I would recommend trying again to get back to a restore point which precedes the installation of the game. Since you have your file extensions back, maybe it will work, and I always like trying easy solutions before hard ones.

    abri
     
  31. chbradle

    chbradle Private E-2

    Yeah, I tried like 4 different restore points and all of them failed :(

    I have since then deleted them all so I'm just going to make do with how it is now. Anyway she is going to have the guy that set the computer up take a look at it to see if he can get it back to the way it was. It's not like I'm having a REAL problem with it anymore. I just thought I would ask.

    Thanks
     
  32. abri

    abri MajorGeek

    Hi chbradle,
    I think that all the problems you encountered resulted from software conflicts, which can be as damaging as malware problems. I encourage you to start a thread in the Software Forum and refer them to the information here with the description of what you did and what happened, and they will be able to give you more feedback. It's really a pain when stuff like that happens, and I hope that all is now well.
    abri
     
  33. chbradle

    chbradle Private E-2

    Thank you for your concern. ATM I have the computer running smoothly with only those minor problems like my icons not popping up. Anyways, thanks for all your help. I might just have to put a thread up on the software forums. Thanks for your time.

    chbradle
     
  34. abri

    abri MajorGeek

    You're welcome!
    If you get them back, please take a moment to post here what you did.
    Thanks.
    abri
     
