cooper

broken.open.cmd

19 posts in this topic

I've done a great deal of investigation and it appears that there is only one application that can find and eradicate broken.open.cmd and that is Malwarebytes. The reason is obvious....the program put it there.

Hell of a way to sell a product

Share this post


Link to post
Share on other sites

Regarding these keys:

HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand)

HKEY_CLASSES_ROOT\exefile\shell\open\command\ (Broken.OpenCommand)

The newest Malwarebytes version will correct this issue

Actually even older versions will

Have you been using registry cleaners or tweak tools?

This could have "broken" the key

Do note that Malwarebytes (like all programs, including even Windows itself) try to resolve all bugs and issues.

This one is resolved :)

Share this post


Link to post
Share on other sites

This was a bug from many versions ago that we fixed in later versions and unlike you are insinuating , we don't ask for $ to fix it :)

Share this post


Link to post
Share on other sites
This was a bug from many versions ago that we fixed in later versions and unlike you are insinuating , we don't ask for $ to fix it ;)

I just updated to the latest version (1.44) and still get the "broken.open command HKEY_CLASSES_ROOT (etc). Is there something I can do?

Share this post


Link to post
Share on other sites
This was a bug from many versions ago that we fixed in later versions and unlike you are insinuating , we don't ask for $ to fix it :)

I'm continually getting this with a newly downloaded version. Is it a real problem or not? Mcafee doesn't turn it up at all.

Share this post


Link to post
Share on other sites
I just updated to the latest version (1.44) and still get the "broken.open command HKEY_CLASSES_ROOT (etc). Is there something I can do?

I purchased Anti-malware three weeks ago and got this same problem on the first scan. I updated today and still have the problem. The software has saved me several times and works great but this glitch is annoying. I was concerned at first but I now am assuming it is innocuous after reading several other complaints.

Anybody know of a workaround?

Share this post


Link to post
Share on other sites
I purchased Anti-malware three weeks ago and got this same problem on the first scan. I updated today and still have the problem. The software has saved me several times and works great but this glitch is annoying. I was concerned at first but I now am assuming it is innocuous after reading several other complaints.

Anybody know of a workaround?

I have been a Malwarebytes Anti-Malware user for 2 years and I recently did an update and ran a complete scan and got a similar error "Broken Open Command - Bad Notepad EXE%1". I clicked on repair, it said the problem was fixed and to restart the system which I did.

I ran Anti-Malware again and got the same message. I called Dell On-Call who I have a contract with, but I could not duplicate the error message again with them on the system (naturally!). They ran some tests and they told me that there was nothing wrong with my system.

I am still getting this message every time I update and run Anti-Malware and it's driving me nuts!!

If this message is Bogus, how do I get rid of it ??? :) PLEEEASE HELP MEEEE

Share this post


Link to post
Share on other sites

Greetings :)

Are you using System Mechanic on your system? If so, I believe it actually sets the entry this way, meaning you should have Malwarebytes' Anti-Malware ignore the detection.

If not, then it may simply be an issue with permissions on that registry key preventing Malwarebytes' Anti-Malware from fixing it in which case you can do the following, but only use this tool if you are running an English version of Windows XP as it has not been tested on other operating systems:

Reset Default Permissions:

  • Please download ResetDefaultPerms by AdvancedSetup from here and save it to your desktop
  • Close any open programs and save anything you were working on
  • Double click on restoredefaultperms.exe to run it
  • Once it completes it will restart your computer

Then try another scan with Malwarebytes' Anti-Malware and if it finds the entry, have it fix it and then restart your system and scan once more to see if it is now resolved.

Please post back with your results.

Thanks :)

Share this post


Link to post
Share on other sites

Thanks! It worked! It's been popping up for months, and I finally got tired of it enough to take the time to try to fix it!

Share this post


Link to post
Share on other sites

You're very welcome :)

If you require any further assistance please post and we'll do our best to help you out.

Thanks :)

Share this post


Link to post
Share on other sites

I'm afraid I have to take you up on that offer already. Since I ran the program, my boss can no longer send emails! :) She's furious! She uses Microsoft Outlook. Any suggestions? The program is the only thing I've done out of the ordinary that I can think of.

Share this post


Link to post
Share on other sites

Hi Linda's Peep -

Please copy and paste this code into the Run Box - Close all other programs first - It will run a full 5 stage check disk -

It will restart your computer, so do not worry -This usually takes about 30-45 mins depending on your system and you will not be able to use any other programs while it runs -

CMD /C ECHO Y|CHKDSK C: /R | SHUTDOWN /R /T 30

Hope this repairs any minor faults remaining -

Thank You - :)

Share this post


Link to post
Share on other sites

Is this the same thing as doing the error checking from the Tools Tab in the Properties menu that is accessed from the C Drive? If it is, we tried it, and it didn't work. If not, please tell me what this code is. I'm a little gun shy to try anything I'm not familiar with.

We spent all day with our ISP, and could not get the send emails feature working. Strangely enough, all of a sudden, we are receiving emails. We have uninstalled Iolo, System Mechanics, and Malware Bytes in an attempt to resolve this issue. We are now using McAfee, and will reinstall Malware Bytes when we can get everything working right again.

Thanks so much for your help.

Share this post


Link to post
Share on other sites

Hello again :)

The code is indeed the same as a Disk Check.

I would recommend resetting your email settings in Outlook (ie the email addresses/accounts, passwords etc) and then recreating them, it's possible that the data got corrupted and recreating it should fix it. You will need the port settings, email addresses and passwords so don't remove the existing accounts until you're certain you have everything written down to properly re-create them.

Share this post


Link to post
Share on other sites

We did run the Disk Check, and spent hours on the phone with different tech support people. We think we have the issue resolved, but I will show my boss your post so she will have it for future reference. Thank you for your help!

Share this post


Link to post
Share on other sites
[*]Please download ResetDefaultPerms by AdvancedSetup from here

-------------------------------------------------------------------------------------------------------------------------

That app has malware in it, as seen by uploading the file to www.virustotal.com :

McAfee-GW-Edition 6.8.5 2009.12.31 Heuristic.BehavesLike.Win32.Dropper.H

See the result here.

Share this post


Link to post
Share on other sites

This is not malware. That is only 1 hit on Virustotal and its not a hard hit but a Heuristic meaning it behaves like but could be totally fine.. Also you must check the date...

File size : 179264 bytes

First seen: 2009-12-31 14:43:42

Last seen : 2009-12-31 14:43:42

Magic: PE32 executable for MS Windows (GUI) Intel 80386 32-bit

If i file has been around more than a few weeks and only has 1 hit on vt than that hit would be a false positive.

Probably the only reason Mcafee detects it as a heuristic dropper is cause its packed with Winrar self extracting.. and unpacks a couple files.

Also i reanalyzed the file..

http://www.virustotal.com/file-scan/report...08f1-1285944169

Now the mcafee detection is gone.. now there are two other detections..

one is gen detection.. Meaning its designed to hit a lot of files.. But also a lot of false positives. The other says the file is damaged.. Not the case..

You have to pay attention to virus total.. Just because 1 or 2 hits doesnt make it malware. You have to check the first seen date.. If a file has been around longer than a few weeks and doesnt have more than 10 hits than you can always bet the hits are false positives/ generic detections, or heurisitics.

Share this post


Link to post
Share on other sites
This is not malware. That is only 1 hit on Virustotal and its not a hard hit but a Heuristic meaning it behaves like but could be totally fine.. Also you must check the date...

File size : 179264 bytes

First seen: 2009-12-31 14:43:42

Last seen : 2009-12-31 14:43:42

Magic: PE32 executable for MS Windows (GUI) Intel 80386 32-bit

If i file has been around more than a few weeks and only has 1 hit on vt than that hit would be a false positive.

Probably the only reason Mcafee detects it as a heuristic dropper is cause its packed with Winrar self extracting.. and unpacks a couple files.

Also i reanalyzed the file..

http://www.virustotal.com/file-scan/report...08f1-1285944169

Now the mcafee detection is gone.. now there are two other detections..

one is gen detection.. Meaning its designed to hit a lot of files.. But also a lot of false positives. The other says the file is damaged.. Not the case..

You have to pay attention to virus total.. Just because 1 or 2 hits doesnt make it malware. You have to check the first seen date.. If a file has been around longer than a few weeks and doesnt have more than 10 hits than you can always bet the hits are false positives/ generic detections, or heurisitics.

I would like to ask the support staff if it would be safe to delete the scrfile and regfile folders completely out of the registry. I have deleted the regfile>shell>open and scrfile>shell>open folders and there is trace of the command in the registry but malware is still finding it. Is it safe to delete those folders in the registry?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.