Resetting shell\open\command registry keys

Dont you sometimes hate these GOD DAMN! viruses that affects your windows computer…. I do and recenlty my home computer was infected by accident… the registry and tools>folder options were also disabled… luckly my scanner disabled that F***ER but i was stuck with the disability… The Fix i found out was simple, just an ini file which resets the registrey…

Determining the problem:

As part of their routine, many worms and Trojans make changes to the registry. Some of them change one or more of the shell\open\command keys. If these keys are changed, the worm or Trojan will run each time that you run certain files.

For example, if the \exefile\shell\open\command key is changed, the threat will run each time that you run any .exe file. This may also stop you from running the Registry Editor to try to fix this.

They may also change a registry value so that you cannot run the Registry Editor at all. This can be identified, when u try to run the regedit command it will say "You dont have administrators rights"…

THE FIX:

Download the file UnHookExec.inf and save it to your Windows desktop.
Right-click the UnHookExec.inf file and click install. (This is a small file. It does not display any notice or boxes when you run it.)

This is what the file contains:

[Version]
Signature="$Chicago$"
Provider=Symantec

[DefaultInstall]
AddReg=UnhookRegKey

[UnhookRegKey]
HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"
HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe "%1""
HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0

well hope this helps, make sure ur virus database are upto date and have an updated anti-virus scanner installed. I use Avast! anti-virus and AVG anti-virus and also i use Clam AV on Unix (all these are free and powerful as nod32, symantec)

source: http://www.sarc.com/

About this entry

You’re currently reading “Resetting shell\open\command registry keys,” an entry on My Weblog

Published:: June 12, 2006 / 7:34 am

Category:: Uncategorized

Tags:

ibrahim 6.12.06 / 9am

i clean viruses with my bare hands. they’re as powerful as anything out there.

garfield 6.14.06 / 3am

bare hands????? a computer virus??? hmmmm….?????

distributive property of multiplication 2.3.07 / 1pm

distributive property of multiplication

SomegifttoME 561023 Of distributive property of multiplication and more

nude babes 4.25.07 / 12pm

nude babes

nude babes foundation

hot wheels price guide 5.31.07 / 8pm

hot wheels price guide

ka-ka-sh-ka 3359686 Eye of hot wheels price guide

double anal summer tyme 6.7.07 / 7pm

double anal summer tyme

ka-ka-sh-ka 3359686 homepage of double anal summer tyme

dosugnuph 8.23.09 / 10am

�� – ��:
– ��, �� , ��
�� ?
– �� , �� !

Alta 4.14.13 / 4pm

You can certainly see your skills within the article you write.
The world hopes for even more passionate writers like
you who are not afraid to mention how they believe.
At all times follow your heart.

Http://Uncertainsimile.com/?P=215 5.23.13 / 7pm

It’s very easy to find out any matter on web as compared to books, as I found this post at this web page.

buy ultimate stretcher 6.4.13 / 11pm

Good day! Would you mind if I share your blog with my zynga group?
There’s a lot of folks that I think would really appreciate your content. Please let me know. Thank you

facebook hack 7.18.13 / 9am

Its like you read my mind! You appear to know a lot about this, like you wrote the book
in it or something. I think that you can do with a few pics to drive the message home a little bit, but other than
that, this is excellent blog. A fantastic read.
I’ll definitely be back.

dota 2 treasure key hack.exe download 7.6.15 / 2am

Hi there Yahoo works fine but your web site is starting slowly which took nearly a few minutes to load up,
I don’t know whether it’s my very own problem or perhaps your site issue.
Well, Let me appreciate you for placing amazing post.
Nearly everybody who actually visited this great site must have found this particular article
literally beneficial. This is definitely terrific what you have done
and would like to discover even more great content
from your website. I already have you book-marked to
see blogs you post.

Isabelle 7.22.15 / 7am

You know I am not sure if it is me or simply your website but it
is launching slowly , I had to spend just like a few minutes to load but facebook operates properly
. Anyway, Thanks for putting up such a excellent articles.
I’m guessing this has been useful to plenty of people who arrived
at this point. I hope I will be able to get further remarkable content and I should certainly
flatter simply by telling you have carried out fantastic job.
After checking out your articles, I’ve book-marked your site.

www.gta5android.com 9.7.15 / 1pm

Hi! Your site is loading slowly , the site took sort of a minute or so in order
to load up, I personally do not know if it’s just simply me or
your web site on the other hand google and yahoo loaded for me.
Well, I have to thank you for including wonderful post.

I’m sure this has already been really helpful to user
who seem to visit here. I personally need to tell you that you have done
fantastic job with this plus wish to find much more amazing stuff from you.
To obtain more knowledge through articles you write-up, I actually have
saved to bookmarks this url.

Willard 11.11.15 / 4pm

Hey Your site loads up seriously slow if you ask me, I don’t know who’s
issue is that however youtube starts extremely fast. On the other hand I appreciate you
for submitting fabulous articles. I’m guessing it really has
already been useful to many individuals who came in this article.
I personally ought to tell you that you have done brilliant
work with this and additionally wish to find much more wonderful stuff from you.
Immediately after taking a look at the post, I’ve book marked your web site.

jawad 3.19.17 / 8am

Jawad

My Weblog

Resetting shell\open\command registry keys

About this entry

16 Comments

Leave a comment Cancel reply

About

Recently

Categories

Monthly Archives

My Weblog

Resetting shell\open\command registry keys

Share this:

Related

About this entry

16 Comments

Leave a comment Cancel reply

About

Share this:

Related

F.R.I.E.N.D.S

Recently

Categories

Monthly Archives