Saturday, June 25, 2011

Antivirus 2011 Malware Breaking EXE File Association

I had to fix a PC today that was infected with one of those "Antivirus 2011" malware that do annoying things like prevent you from starting the task manager, msconfig, etc. This one also did a new thing that I had not run across before. It changed the file association in the registry for ".exe" files so that they did not run correctly anymore. I usually use "system restore" as a last resort but I had a pretty good feeling it would solve the problem. However, I wanted to see if I could fix it without doing a "system restore". Once I was able to clean the malware from the computer by identifying the software being loaded and deleting it from the hard drive, I focused on repairing the registry so that executable files ran correctly again. I found a great website that has ".reg" files to do just that. Here is the link:

http://www.dougknox.com/xp/file_assoc.htm

I downloaded the ".reg" file that fixed the ".exe" registry entries, rebooted the PC and everything was back to normal. There are many other ".reg" files available for download on the website.

No comments:

Post a Comment