Unable to open any .exe

Brand new and clueless. I ran Spybot S & D and removed all that it found. Since then I have been unable to open 75% of the programs from my desktop, the start menu or from explore. I get an error that says "This file does not have a program associated with it for performing this action. Create an association in the Folder Options control panel."

I am able to open Internet Explorer only from a shortcut to an ISP. When I do open it it takes me to about:blank.

I was able to access Spyware S&D once after it was installed but I have been unable to open it again.

I am running Windows XP. I have 28.4GB free. I'm not sure what other information I can provide. Thank you in advance for your assistance.

 

Without any other info, it kind of sounds similar to the behavior I recently saw caused by a variant of the Fun Love virus. Getting any file not found messages? Any lock ups?

You say it seemed to start happening after running SpyBot S&D. Have you tried a System Restore to a point before you ran SpyBot?

 

It sounds as if you've deleted everything spybot found .it doesnt mean that everthing it finds is spyware. spybot will give you a log of all programs that are run on start up ,anti virus programs firewall,etc,your current homepage and internet provider (internet explorer,) if you delete all of these then you will have stopped these procees runing when you start up
"This file does not have a program associated with it for performing this action. Create an association in the Folder Options control panel."
you are getting that message because you have broken the link between the icon and the run process.
Did you create a back up if you have you can reinstall these run processes .

 

I did create a backup because Spybot asks if you want to do this first. I am not sure how to retrieve it. (Just computer illiterate).

I have not been able to access system restore because I get the same error message when I try.

 

If you can do this: Start -> Run -> and Browse to C:\Program Files\SpyBot - Search & Destroy\spybotsd.exe and run it. Once you get Spybot open, you can use the Recovery feature.

I must say I've never seen, in using Spybot on dozens of machines, a time where it offered to let me delete critical system files. I have seen, however, times with certain spyware removal programs, that removing the malicious files left a legitimate file the spyware modified in a state of inoperability.

 

I was able to get in and do the recovery but Email-Stealer MAP132 stays. An error box pops up that says "error while restoring registry settings". I rebooted the computer after recovering the other things but I still get the original "file does not have a program associated with it..." message.

 

See if you have a file C:\Windows\explore.exe (not explorer.exe), and some files like a.bat, a.scr, a.exe, a.pif in the same folder. You can get there by Start -> Run -> type in explorer and hit OK.

 

It says that windows can not find that file.

 

Go to My Computer > Tools >Folder Options >View tab.

Uncheck "Hide Extensions for Known Filetypes".
Click OK.

Rename C:\windows\regedit.exe to regedit.com

See if you can open it now.

I'll wait to respond with the rest until I hear back

 

C:\Windows\explore.exe, if it exists, has the attributes hidden and system. Your current Windows settings, while keeping you from doing harm to legitimate Windows files, could also be hiding ones such as this. I don't want to start you on a wild goose chase, so I will just offer a link to a description of the worm, or variant thereof, I suspect, and you can pursue it if it seems plausible.

http://securityresponse.symantec.com/avcenter/venc/data/w32.galil.c@mm.html

 

I unchecked the hide file type extensions. When you say rename do you mean typr it in "Run"? ( I apologize for being computer illiterate).

 

No

Just locate it in C:\windows, then rename it from regedit.exe to regedit.com.

 

I renamed it to regedit.com

 

And?

Can you open it now?

 

I still get the file does not have a program associated with it error when I try to run regedit.com

 

Try this.

Rename it to regedit.cmd and tell me if it works.

I really dont think you have spyware, I think you have the swen virus or a variant.

 

"Registry editing has been disabled by your administrator"

 

Ok, LOL.

Yup, you got swen. Standby.

 

Right click this file, extract all.

Follow the prompts.

Then, right click, install on the inf.

 

Let me know when you get regedit working.

 

Then run regedit.

Navigate to:

HKEY_CLASSES_ROOT\exefile\shell\open\command

Make sure the default key on the right says this:

"%1" %*

*Note the space*

If it doesn't, doube click default, then modify it.

Then run the removal tool:

http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.removal.tool.html

If you need help doing this, add me to Messenger, and I will help you from there.

 

If you are wondering why i included all this extra stuff, there are too many times the Swen removal tool wouldn't run for my clients/customers because, well, exe files do not work.

You are welcome to try the removal tool right off the bat