windows.exe virus

May 2, 2011 at 11:35:51
Specs: Windows Vista

My sidebar is missing as of today... Tried to open it through going to Start, search Sidebar, enter but the window with 'which program you want to use to open this' popped out. Once I've found the relevant program online and downloaded it I tried to run it but as soon as pressed 'Run' the same window asking 'Which program you want to open this with' popped up...
And I can not open/find any files with .exe extention om my laptop!

What to do???


See More: windows.exe virus

Report •


#1
May 2, 2011 at 12:13:06

Take a look:

http://support.microsoft.com/kb/950...

Let us know how it goes, and we will proceed with any further action. Looks as if you got yourself some malware.


Report •

#2
May 2, 2011 at 19:34:33

Thank you for the suggestion! I have found that link myself earlier today but am a bit reluctant to use it as worried it might restore my laptop to original settings (don't want to lose any data even though have backed up). Have you used it before? Does it just clean up malware or restore to original settings?
Thank you!

Report •

#3
May 2, 2011 at 20:39:18

This is the Registry merge provided in the link:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithList]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.exe\OpenWithProgids]
"exefile"=hex(0):

Basically, the Registry key you would deal with is: HKEY_CURRENT_USER.

It is not used to restore everything in your laptop to its original settings, it only changes the settings of the key above, if they have been changed.

Here are some options:
Backup

You can opt to backup the HKEY_CURRENT_USER key following these instructions:
http://pcsupport.about.com/od/windo...

If your comfort level increases backing up the entire Registry, then, follow these instructions:
http://windows.microsoft.com/en-US/...

Use a program to view the Registry:
^^Recommend the following, for now^^

Download RegSearch:
http://www.xs4all.nl/~fstaal01/down...

Save to your Desktop.
Then unzip, and click on the regsearch.exe to run the tool.

In the display panel, copy and paste the following into the upper box:


HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts

Click Okay.

Once the scan completes a textbox opens
>>Please copy/paste the contents in your reply.<<
(The RegSearch.txt log is also found in the same lfolder as the regsearch.exe file).


Examine the Registry Manually:
http://www.ralphthegeek.com/registr...

Click the Windows button on the keyboard, and the R key
Then "Run" prompt appears.
Type regedit into the text field, and click OK.

There are five main branches, each containing a specific portion of the information stored in the Registry. They are as follows:

HKEY_CLASSES_ROOT
HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE
HKEY_USERS
HKEY_CURRENT_CONFIG

Navigate the registry by clicking the plus to the left of the branch you want to go into. This expands the Key.

In your case, click the [>] to the left of HKEY_CURRENT_USER
Click the [>] to the left of Software
Click the [>] to the left of Microsoft
Click the [>] to the left of Windows
Click the [>] to the left of CurrentVersion
Click the [>] to the left of Explorer
Click the [>] to the left of FileExts
Click the [>] to the left of .exe

Under .exe, you will find:
OpenWithList
PenWithProgids


Report •

Related Solutions


Ask Question