Problems with takeown takeover

Question

mikegrace 0 Newbie Poster

15 Years Ago

Hi

I have an unusual problem in that I can no longer open AVI, MP3, WAV, WMV or MPEG files by double clicking on them, but I am concerned that the real problem is more complex and would like some advice as to whether I need to re-install Vista or there is a simple fix. The problem seems to be related to the 'takeown' command which I had never heard of before this happened. It seems to have "taken over" my PC when I want to play media files.

My system: I am running Vista Home Premium (SP1) on a P5 Intel PC (2.66 GHz, 2664 Mhz, 2 Core) with 4GB RAM.

The symptoms: first noticed when I double-clicked on a AVI video file and UAC came Up (which was unusual) and when I clicked on 'Yes' to proceed the command window flicked on for a brief moment then disappeared and after than nothing happened. I can play the AVI by right clicking and using 'Open with ..'. This behaviour also applies to MPEG, WMV, MP3 and WAV files, but not FLV or MOV files (which play normally).

Odd thing: at the same time all my printer drivers seemed to disappear. I got them back by reverting to a System restore point 2 days previous - but not to a point before than - which suggests whatever happened was a couple of days ago. Or this may be coincidental.

What happens?

When I double click on the above types of files I get a UAC type message that looks slightly different (sorry, I couldn't capture a screenshot) and contains the words "Windows Command Processor" and an icon of the CMD Prompt Window. If I click on 'Details' I get the following message "cmd.exe" /c takeown /f "U:\Video Clips\April" && icacls "U:\Video Clips\April" (this last is the file I am clicking on on the external drive U). If I click on continue that's when the CMD Window opens and closes so fast I can't read what it says - then nothing happens at all.

I have tried double clicking on office files with no problem - they open normally.

I googled 'takeown' and discovered what it does, and it was then I noticed that if I right click on any of these files (in fact any files) I now have a new option - 'Take Ownership' which I didn't have before and I never created - so some software I have installed has presumably done it. By looking in the register I have found the following:

HKEY_CLASSES_ROOT\*\shell\runas\command
There are 2 lines both saying cmd.exe /c takeown /f “%1” && icacls “%1” /grant administrators:F

HKEY_CLASSES_ROOT\Directory\shell\runas\command
There are 2 lines both saying cmd.exe /c takeown /f “%1” /r/d y && icacls “%1” /grant administrators:F/t

Presumably these have introduced the new option to Take Ownership in the right click menu.

I am almost wary of now introducing the fact that around 3-4 days ago I got a warning from Windows Live One-Care that I had a trojan which it removed. I stupidly did not write down its name and am having trouble identifying it in a log somewhere. I have checked with anti malware and antivirus programs and nothing comes up - so I have no idea if this is connected.

I really want advice on what to do next. Do I remove those entries in the register and see what happens? Can I try anything else? I could revert to an image I took just before Christmas if need be - or if I have to reinstall Vista. Help please.

windows-vista-7-8

3 Contributors
20 Replies
606 Views
3 Days Discussion Span
Latest Post 15 Years Ago Latest Post by mikegrace

Suspishio 32 Posting Virtuoso

15 Years Ago

Your caution is wise. Something has changed the file association to "CMD /c ..." etc. Incidentally it's the /c that makes the CMD screen disappear. As an aside, if you amended the /c to /k in the registry entry, then the screen will remain.

Disregarding for the moment the possibility of Malware, when you right click the media file, you should be offered a choice to set the default program. Yes? And if so, what happens?

I've not seen such registry entries in _ROOT\*. Any chance of attaching a full text print of that registry section and the .avi entry down to two levels?

In any case, treat this as the consequences of a malware attack and run the anti-malware program mentioned in the Readme posts of the Virus forum If there's anything to report that you can't handle, do open a thread there and let us know here that you've done so.

Suspishio 32 Posting Virtuoso

15 Years Ago

Difficult to say what caused this. Did you try and take ownership of any media files?

Anyway, you can safely delete these two keys and reset your default for the media files.

Key Name: HKEY_CLASSES_ROOT\*\shell\runas
Key Name: HKEY_CLASSES_ROOT\*\shell\runas\command

The .avi key should have been further down in that part of the registry. I would have expected to see in ordinary circumstances something like (first three lines):

.avi
OpenWithList
VLC.ex

When you've removed those registry keys, re-booted and tried again, I don't expect these entries to come back unless something's putting them there.

When did this first occur? Date? Time if known-ish?

Stefano Mtangoo 455 Senior Poster

15 Years Ago

Check default program setting on Ctrl panel.
Then select VLC and set it to all files it is supposed to open.

Stefano Mtangoo 455 Senior Poster

15 Years Ago

After looking the image file, it looks like ownership problem. Try to copy that file into another Location and try to double click and see

Suspishio 32 Posting Virtuoso

15 Years Ago

That's fine. Just follow the steps I suggested (back up the registry first).

Let us know what's in the .avi line in the ROOT part of the registry.

If you have no trojan then I expect the aberrational behaviour to stop when you've deleted the registry entries. if those entries re-appear, then something's putting them there.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

mikegrace 0 Newbie Poster · Answer 1 · 2009-02-12T00:32:09+00:00

mikegrace 0 Newbie Poster

15 Years Ago

Many thanks for your reply.

First I altered the CMD /c to CMD /k as you suggested and the screen stayed open. I enclose a screenshot (it doesn't mean anything to me, I'm afraid).

On the default program - setting the default to VLC means I can see the clip as normal at that time, but as soon as I exit and then try double-clicking on it again I get the original problem.

I have attached a txt file of a printout from regedit - I hope I understood your request for 'that section down to 2 levels'. I did not understand what you meant by the .avi entry?

I ran Malwarebytes' Anti-Malware last night (without all the stages described in the Readme in the Virus Forum) and it got about halfway through all my drives before I stopped it - and I enclose that report as well. I have a large number of external backup drives (USB) attached and it hasn't scanned them all yet - but it completed the 3 hard drives in my PC (C:, D: and E:).

So the 3 attachments are:

CMD error-grace.jpg - screenshot of the CMD screen that opens when I double-click on the avi file
reg-grace_1.txt - my attempt at a printout of regedit
mbam-log-2009-02-11 (07-19-20).txt - log file from MBA-M run last night.

Meanwhile I will get started on the process in the virus forum.

Mike

mbam-log-2009-02-11_(07-19-20).txt (0.87 KB)

Malwarebytes' Anti-Malware 1.33
Database version: 1744
Windows 6.0.6001 Service Pack 1

11/02/2009 07:19:20
mbam-log-2009-02-11 (07-19-20).txt

Scan type: Full Scan (C:\|D:\|E:\|G:\|M:\|O:\|R:\|S:\|U:\|V:\|)
Objects scanned: 716834
Time elapsed: 12 hour(s), 56 minute(s), 6 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

reg-grace_1.txt (10.92 KB)

The attachment preview is chopped off after the first 10 KB. Please download the entire file.

Key Name:          HKEY_CLASSES_ROOT\*
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            AlwaysShowExt
         Type:            REG_SZ
         Data:            

       Value 1
         Name:            PreviewDetails
         Type:            REG_SZ
         Data:            prop:System.DateModified;System.Size;System.DateCreated;
       *System.OfflineAvailability;*System.OfflineStatus;*System.SharedWith

       Value 2
         Name:            PreviewTitle
         Type:            REG_SZ
         Data:            prop:System.ItemNameDisplay;System.ItemType

       Value 3
         Name:            FullDetails
         Type:            REG_SZ
         Data:            
       prop:System.PropGroup.FileSystem;System.ItemNameDisplay;System.ItemType;System.ItemFolderPathDisplay;
       System.Size;System.DateCreated;System.DateModified;System.FileAttributes;*System.OfflineAvailability;
       *System.OfflineStatus;*System.SharedWith;*System.FileOwner;*System.ComputerName

       Value 4
         Name:            TileInfo
         Type:            REG_SZ
         Data:            prop:System.ItemType;System.Size;System.DateModified

       Value 5
         Name:            ExtendedTileInfo
         Type:            REG_SZ
         Data:            prop:System.ItemType;System.Size;System.DateModified;System.OfflineAvailability

       Value 6
         Name:            InfoTip
         Type:            REG_SZ
         Data:            prop:System.ItemType;System.Size;System.DateModified

       Value 7
         Name:            QuickTip
         Type:            REG_SZ
         Data:            prop:System.ItemType;System.Size;System.DateModified

       Value 8
         Name:            ConflictPrompt
         Type:            REG_SZ
         Data:            prop:System.ItemType;System.Size;System.DateModified;System.DateCreated

       Value 9
         Name:            SetDefaultsFor
         Type:            REG_SZ
         Data:            prop:System.Author;System.Document.DateCreated


       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53



       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList\Excel.exe
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53

       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList\IExplore.exe
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53

       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList\MSPaint.exe
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList\notepad.exe
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList\Winword.exe
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53

       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList\WordPad.exe
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\*\shell
       Class Name:        <NO CLASS>
       Last Write Time:   18/01/2009 - 20:23

       Key Name:          HKEY_CLASSES_ROOT\*\shell\removeproperties
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            ProgrammaticAccessOnly
         Type:            REG_SZ
         Data:            Apartment


       Key Name:          HKEY_CLASSES_ROOT\*\shell\removeproperties\DropTarget
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            CLSID
         Type:            REG_SZ
         Data:            {09a28848-0e97-4cef-b950-cea037161155}



       Key Name:          HKEY_CLASSES_ROOT\*\shell\runas
       Class Name:        <NO CLASS>
       Last Write Time:   18/01/2009 - 20:23
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            Take Ownership

       Value 1
         Name:            NoWorkingDirectory
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\*\shell\runas\command
       Class Name:        <NO CLASS>
       Last Write Time:   11/02/2009 - 17:11
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            cmd.exe /k takeown /f "%1" && icacls "%1" /grant administrators:F

       Value 1
         Name:            IsolatedCommand
         Type:            REG_SZ
         Data:            cmd.exe /k takeown /f "%1" && icacls "%1" /grant administrators:F


       Key Name:          HKEY_CLASSES_ROOT\*\shell\sdfiles
       Class Name:        <NO CLASS>
       Last Write Time:   18/01/2009 - 12:16
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            Scan using Spybot-Search&&Destroy

       Value 1
         Name:            LegacyDisable
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\*\shell\sdfiles\command
       Class Name:        <NO CLASS>
       Last Write Time:   17/09/2008 - 10:05
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            "C:\Program Files\Spybot - Search & Destroy\SDFiles.exe" "%1" /ask


       Key Name:          HKEY_CLASSES_ROOT\*\shellex
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53

       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers
       Class Name:        <NO CLASS>
       Last Write Time:   03/02/2009 - 14:52
       Value 0
         Name:            <NO NAME>


         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\CopyToCD
       Class Name:        <NO CLASS>
       Last Write Time:   03/02/2009 - 14:52
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {2AA59FC0-31E8-42DA-9D3C-E9A52953853B}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\OnlineProtectMenu
       Class Name:        <NO CLASS>
       Last Write Time:   01/02/2009 - 22:02
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {48865F7A-E34C-483f-AA6F-4AA38E2C3FC4}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {09799AFB-AD67-11d1-ABCD-00C04FC30936}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\PowerDesk Menu
       Class Name:        <NO CLASS>
       Last Write Time:   24/04/2008 - 15:26
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {26E7F081-EB97-11d3-9239-006008D2D00F}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Sharing
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR
       Class Name:        <NO CLASS>
       Last Write Time:   23/01/2009 - 16:03
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {B41DB860-8EE4-11D2-9906-E49FADC173CA}

       Value 1
         Name:            MenuMaid_Original
         Type:            REG_SZ
         Data:            {B41DB860-8EE4-11D2-9906-E49FADC173CA}




       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-
       a0b2badd77c8}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            Start Menu Pin


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{B83DE13F-CFFA-6D3A-82DB-
       A32864B1E3AB}
       Class Name:        <NO CLASS>
       Last Write Time:   19/06/2008 - 06:32

       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{CA8ACAFA-5FBB-467B-B348-
       90DD488DE003}
       Class Name:        <NO CLASS>
       Last Write Time:   17/09/2008 - 08:00
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            SUPERAntiSpyware Context Menu


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53

       Key Name:          HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\BriefcasePage
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {85BBD920-42A0-1069-A2E4-08002B30309D}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\CryptoSignMenu
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {7444C719-

mikegrace 0 Newbie Poster · Answer 2 · 2009-02-13T14:33:32+00:00

Sorry everyone for not replying yet - I have been working through the procedure for trying to make sure I don't have any viruses or trojans and not logging onto the internet.

I am currently using another computer to catch up on e-mail - and I don't think I'll have access to my affected PC until tomorrow.

I will attempt your suggestions then and report back.

Meanwhile - here are your answers to the questions I can answer.

I did not try to take ownership of any files. I first noticed the problem about 2 days ago, but as I hadn't tried opening any media files for several days it might have started 3-4 days before that. Currently I have VLC as my default for avi files, and was using it for my MP3 files as well, but changed that about 6 days ago - and I tried a new audio player (which might have caused the problem). However, as I used System Restore it has removed the player from my PC. It was called UltraPlayer and i downloaded it from Download.com (which I assume to be a safe site). It did ask me to set files and I set mp3 and wav - but not avi or mpeg.

Currently I am unable to remove the lines from the registry and reboot (my PC is checking for malware and it is taking a long time). As soon as I know it's clear I'll do as you suggest and report back.

(Incidentally - I have found a number of tracking cookies which were deleted - but no other trojans yet).

mikegrace 0 Newbie Poster · Answer 3 · 2009-02-13T17:31:11+00:00

mikegrace 0 Newbie Poster

15 Years Ago

Oh - sorry.

Here is the avi printout. I can't try the registry fix yet.

avi.txt (2.93 KB)

Key Name:          HKEY_CLASSES_ROOT\.avi
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 12:37
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            VLC.avi

       Value 1
         Name:            PerceivedType
         Type:            REG_SZ
         Data:            video

       Value 2
         Name:            Content Type
         Type:            REG_SZ
         Data:            video/avi

       Value 3
         Name:            VLC.backup
         Type:            REG_SZ
         Data:            WMP11.AssocFile.AVI


       Key Name:          HKEY_CLASSES_ROOT\.avi\OpenWithProgIds
       Class Name:        <NO CLASS>
       Last Write Time:   21/11/2008 - 14:18
       Value 0
         Name:            avifile
         Type:            REG_NONE
         Data:            

       Value 1
         Name:            WMP11.AssocFile.AVI
         Type:            REG_NONE
         Data:            

       Value 2
         Name:            ACDSee 9.0.avi
         Type:            REG_SZ
         Data:            

       Value 3
         Name:            ACDSee 10.0.avi
         Type:            REG_SZ
         Data:            

       Value 4
         Name:            ACDSee Photo Manager 2009.avi
         Type:            REG_SZ
         Data:            

       Value 5
         Name:            QuickTime.avi
         Type:            REG_NONE
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\.avi\PersistentHandler
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53


       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {098f2470-bae0-11cd-b579-08002b30bfeb}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 15:47

       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{BB2E617C-0920-11D1-9A0B-00C04FC2D6C1}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {9DBD2C50-62AD-11D0-B806-00C04FD706EC}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{e357fccd-a995-4576-b01f-234630154e96}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {9DBD2C50-62AD-11D0-B806-00C04FD706EC}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{FFB699E0-306A-11d3-8BD1-00104B6F7516}
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 15:47
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {FFB699E0-306A-11d3-8BD1-00104B6F7516}

Suspishio 32 Posting Virtuoso Team Colleague · Answer 4 · 2009-02-13T18:23:25+00:00

The .avi key is what I would have expected and should govern behaviour when you click an avi file.

So let us know when you've deleted the registry keys, re-booted, tried it, re-inspected the registry etc.

mikegrace 0 Newbie Poster · Answer 5 · 2009-02-14T16:21:23+00:00

mikegrace 0 Newbie Poster

15 Years Ago

Okay - we're definitely getting there.

I deleted the 2 keys you suggested

Key Name: HKEY_CLASSES_ROOT\*\shell\runas
Key Name: HKEY_CLASSES_ROOT\*\shell\runas\command

and I set VLC as the default player for avi, mpeg, mp3 (both within VLC itself and in the Vista Default Programs).

I rebooted - and double-clicked on the avi file and no CMD window. But instead of opening the file as in the past it opened up a box asking me which program I wanted to use to open it with. Despite the fact I have the default box ticked for VLC it won't open with VLC direct.

I checked the registry - and the keys I deleted have remained deleted. However the 2 keys below are still there (you did not suggest deleting them so, ever cautious, at the moment they are still there).

HKEY_CLASSES_ROOT\Directory\shell\runas\command
There are 2 lines both saying cmd.exe /c takeown /f “%1” /r/d y && icacls “%1” /grant administrators:F/t

Do I delete these as well?

Obviously something is not quite right with the registry - but I don't know how to correct it. I enclose files of printouts from HKEY_CLASSES_ROOT\*\ and HKEY_CLASSES_ROOT\Directory\shell\ and the avi key (which looks exactly the same as before).

The files are:
ROOT-1.txt - the * key
ROOT-Dir.txt - the Directory\shell key
avi.txt - the original avi key
avi2.txt - the latest avi key

Out of interest on looking at the avi key it seems to be set for VLC as default but it still won't load up on the doubleclick.

I think that's all I can tell you for the moment.

avi.txt (2.93 KB)

Key Name:          HKEY_CLASSES_ROOT\.avi
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 12:37
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            VLC.avi

       Value 1
         Name:            PerceivedType
         Type:            REG_SZ
         Data:            video

       Value 2
         Name:            Content Type
         Type:            REG_SZ
         Data:            video/avi

       Value 3
         Name:            VLC.backup
         Type:            REG_SZ
         Data:            WMP11.AssocFile.AVI


       Key Name:          HKEY_CLASSES_ROOT\.avi\OpenWithProgIds
       Class Name:        <NO CLASS>
       Last Write Time:   21/11/2008 - 14:18
       Value 0
         Name:            avifile
         Type:            REG_NONE
         Data:            

       Value 1
         Name:            WMP11.AssocFile.AVI
         Type:            REG_NONE
         Data:            

       Value 2
         Name:            ACDSee 9.0.avi
         Type:            REG_SZ
         Data:            

       Value 3
         Name:            ACDSee 10.0.avi
         Type:            REG_SZ
         Data:            

       Value 4
         Name:            ACDSee Photo Manager 2009.avi
         Type:            REG_SZ
         Data:            

       Value 5
         Name:            QuickTime.avi
         Type:            REG_NONE
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\.avi\PersistentHandler
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53


       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {098f2470-bae0-11cd-b579-08002b30bfeb}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 15:47

       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{BB2E617C-0920-11D1-9A0B-00C04FC2D6C1}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {9DBD2C50-62AD-11D0-B806-00C04FD706EC}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{e357fccd-a995-4576-b01f-234630154e96}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {9DBD2C50-62AD-11D0-B806-00C04FD706EC}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{FFB699E0-306A-11d3-8BD1-00104B6F7516}
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 15:47
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {FFB699E0-306A-11d3-8BD1-00104B6F7516}

avi2.txt (2.93 KB)

Key Name:          HKEY_CLASSES_ROOT\.avi
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 12:37
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            VLC.avi

       Value 1
         Name:            PerceivedType
         Type:            REG_SZ
         Data:            video

       Value 2
         Name:            Content Type
         Type:            REG_SZ
         Data:            video/avi

       Value 3
         Name:            VLC.backup
         Type:            REG_SZ
         Data:            WMP11.AssocFile.AVI


       Key Name:          HKEY_CLASSES_ROOT\.avi\OpenWithProgIds
       Class Name:        <NO CLASS>
       Last Write Time:   21/11/2008 - 14:18
       Value 0
         Name:            avifile
         Type:            REG_NONE
         Data:            

       Value 1
         Name:            WMP11.AssocFile.AVI
         Type:            REG_NONE
         Data:            

       Value 2
         Name:            ACDSee 9.0.avi
         Type:            REG_SZ
         Data:            

       Value 3
         Name:            ACDSee 10.0.avi
         Type:            REG_SZ
         Data:            

       Value 4
         Name:            ACDSee Photo Manager 2009.avi
         Type:            REG_SZ
         Data:            

       Value 5
         Name:            QuickTime.avi
         Type:            REG_NONE
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\.avi\PersistentHandler
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53


       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {098f2470-bae0-11cd-b579-08002b30bfeb}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 15:47

       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{BB2E617C-0920-11D1-9A0B-00C04FC2D6C1}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {9DBD2C50-62AD-11D0-B806-00C04FD706EC}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{e357fccd-a995-4576-b01f-234630154e96}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {9DBD2C50-62AD-11D0-B806-00C04FD706EC}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{FFB699E0-306A-11d3-8BD1-00104B6F7516}
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 15:47
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {FFB699E0-306A-11d3-8BD1-00104B6F7516}

ROOT-1.txt (10.02 KB)

The attachment preview is chopped off after the first 10 KB. Please download the entire file.

Key Name:          HKEY_CLASSES_ROOT\*
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            AlwaysShowExt
         Type:            REG_SZ
         Data:            

       Value 1
         Name:            PreviewDetails
         Type:            REG_SZ
         Data:            prop:System.DateModified;System.Size;System.DateCreated;
       *System.OfflineAvailability;*System.OfflineStatus;*System.SharedWith

       Value 2
         Name:            PreviewTitle
         Type:            REG_SZ
         Data:            prop:System.ItemNameDisplay;System.ItemType

       Value 3
         Name:            FullDetails
         Type:            REG_SZ
         Data:            
       prop:System.PropGroup.FileSystem;System.ItemNameDisplay;System.ItemType;System.ItemFolderPathDisplay;
       System.Size;System.DateCreated;System.DateModified;System.FileAttributes;*System.OfflineAvailability;
       *System.OfflineStatus;*System.SharedWith;*System.FileOwner;*System.ComputerName

       Value 4
         Name:            TileInfo
         Type:            REG_SZ
         Data:            prop:System.ItemType;System.Size;System.DateModified

       Value 5
         Name:            ExtendedTileInfo
         Type:            REG_SZ
         Data:            prop:System.ItemType;System.Size;System.DateModified;System.OfflineAvailability

       Value 6
         Name:            InfoTip
         Type:            REG_SZ
         Data:            prop:System.ItemType;System.Size;System.DateModified

       Value 7
         Name:            QuickTip
         Type:            REG_SZ
         Data:            prop:System.ItemType;System.Size;System.DateModified

       Value 8
         Name:            ConflictPrompt
         Type:            REG_SZ
         Data:            prop:System.ItemType;System.Size;System.DateModified;System.DateCreated

       Value 9
         Name:            SetDefaultsFor
         Type:            REG_SZ
         Data:            prop:System.Author;System.Document.DateCreated


       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53



       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList\Excel.exe
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53

       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList\IExplore.exe
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53

       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList\MSPaint.exe
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList\notepad.exe
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList\Winword.exe
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53

       Key Name:          HKEY_CLASSES_ROOT\*\OpenWithList\WordPad.exe
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\*\shell
       Class Name:        <NO CLASS>
       Last Write Time:   14/02/2009 - 09:38

       Key Name:          HKEY_CLASSES_ROOT\*\shell\removeproperties
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            ProgrammaticAccessOnly
         Type:            REG_SZ
         Data:            Apartment


       Key Name:          HKEY_CLASSES_ROOT\*\shell\removeproperties\DropTarget
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            CLSID
         Type:            REG_SZ
         Data:            {09a28848-0e97-4cef-b950-cea037161155}



       Key Name:          HKEY_CLASSES_ROOT\*\shell\sdfiles
       Class Name:        <NO CLASS>
       Last Write Time:   18/01/2009 - 12:16
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            Scan using Spybot-Search&&Destroy

       Value 1
         Name:            LegacyDisable
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\*\shell\sdfiles\command
       Class Name:        <NO CLASS>
       Last Write Time:   17/09/2008 - 10:05
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            "C:\Program Files\Spybot - Search & Destroy\SDFiles.exe" "%1" /ask


       Key Name:          HKEY_CLASSES_ROOT\*\shellex
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53

       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers
       Class Name:        <NO CLASS>
       Last Write Time:   03/02/2009 - 14:52
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\CopyToCD
       Class Name:        <NO CLASS>
       Last Write Time:   03/02/2009 - 14:52
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {2AA59FC0-31E8-42DA-9D3C-E9A52953853B}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\OnlineProtectMenu
       Class Name:        <NO CLASS>
       Last Write Time:   01/02/2009 - 22:02
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {48865F7A-E34C-483f-AA6F-4AA38E2C3FC4}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ


         Data:            {09799AFB-AD67-11d1-ABCD-00C04FC30936}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\PowerDesk Menu
       Class Name:        <NO CLASS>
       Last Write Time:   24/04/2008 - 15:26
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {26E7F081-EB97-11d3-9239-006008D2D00F}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Sharing
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\WinRAR
       Class Name:        <NO CLASS>
       Last Write Time:   23/01/2009 - 16:03
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {B41DB860-8EE4-11D2-9906-E49FADC173CA}

       Value 1
         Name:            MenuMaid_Original
         Type:            REG_SZ
         Data:            {B41DB860-8EE4-11D2-9906-E49FADC173CA}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{a2a9545d-a0c2-42b4-9708-
       a0b2badd77c8}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            Start Menu Pin


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{B83DE13F-CFFA-6D3A-82DB-
       A32864B1E3AB}
       Class Name:        <NO CLASS>
       Last Write Time:   19/06/2008 - 06:32

       Key Name:          HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\{CA8ACAFA-5FBB-467B-B348-
       90DD488DE003}
       Class Name:        <NO CLASS>
       Last Write Time:   17/09/2008 - 08:00
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            SUPERAntiSpyware Context Menu


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers


       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53

       Key Name:          HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\BriefcasePage
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {85BBD920-42A0-1069-A2E4-08002B30309D}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\CryptoSignMenu
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {7444C719-39BF-11D1-8CD9-00C04FC29D45}


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\{1f2e5c40-9550-11ce-99d2-
       00aa006e086c}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53

       Key Name:          HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\{3EA48300-8CF6-101B-84FB-
       666CCB9BCD32}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            OLE DocFile Property Page


       Key Name:          HKEY_CLASSES_ROOT\*\shellex\PropertySheetHandlers\{883373C3-BF89-11D1-BE35-
       080036B11A03}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            Summ

ROOT-Dir.txt (7.49 KB)

Key Name:          HKEY_CLASSES_ROOT\Directory\shell
       Class Name:        <NO CLASS>
       Last Write Time:   18/01/2009 - 20:23
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            none


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\ACDSee 11.0.Browse
       Class Name:        <NO CLASS>
       Last Write Time:   18/10/2008 - 20:40
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            Browse with ACDSee Photo Manager 2009


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\ACDSee 11.0.Browse\command
       Class Name:        <NO CLASS>
       Last Write Time:   18/10/2008 - 20:40
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            "C:\Program Files\ACD Systems\ACDSee\11.0\ACDSeeQV11.exe" "%1"


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\AddToPlaylistVLC
       Class Name:        <NO CLASS>
       Last Write Time:   18/01/2009 - 12:14
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            Add to VLC media player's Playlist

       Value 1
         Name:            LegacyDisable
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\AddToPlaylistVLC\command
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 12:37
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1"


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\cmd
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            @shell32.dll,-8506

       Value 1
         Name:            Extended
         Type:            REG_SZ


         Data:            

       Value 2
         Name:            NoWorkingDirectory
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\cmd\command
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            cmd.exe /s /k pushd "%V"


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\File Finder...
       Class Name:        <NO CLASS>
       Last Write Time:   24/04/2008 - 15:26

       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\File Finder...\command
       Class Name:        <NO CLASS>
       Last Write Time:   24/04/2008 - 15:26
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            C:\Program Files\Avanquest\PowerDesk\pdfind.exe /PATH:%1


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\find
       Class Name:        <NO CLASS>
       Last Write Time:   17/04/2008 - 15:28
       Value 0
         Name:            SuppressionPolicy
         Type:            REG_DWORD
         Data:            0x80

       Value 1
         Name:            LegacyDisable
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\find\command
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_EXPAND_SZ
         Data:            %SystemRoot%\Explorer.exe


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\find\ddeexec
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            [FindFolder("%l", %I)]


       Value 1
         Name:            NoActivateHandler
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\find\ddeexec\application
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            Folders


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\find\ddeexec\topic
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            AppProperties


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\OneNote.Open
       Class Name:        <NO CLASS>
       Last Write Time:   06/08/2008 - 13:07
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            Open as Notebook in OneNote


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\OneNote.Open\Command
       Class Name:        <NO CLASS>
       Last Write Time:   06/08/2008 - 13:07
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L"


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\open_x2
       Class Name:        <NO CLASS>
       Last Write Time:   01/11/2007 - 18:59

       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\open_x2\command
       Class Name:        <NO CLASS>
       Last Write Time:   07/11/2007 - 17:43
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            "C:\Program Files\zabkat\xplorer2\xplorer2_uc.exe" /1 /M /T "%1"


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\PlayWithVLC
       Class Name:        <NO CLASS>
       Last Write Time:   18/01/2009 - 12:16
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ


         Data:            Play with VLC media player

       Value 1
         Name:            LegacyDisable
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\PlayWithVLC\command
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 12:37
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%
       1"


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\runas
       Class Name:        <NO CLASS>
       Last Write Time:   18/01/2009 - 20:23
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            Take Ownership

       Value 1
         Name:            NoWorkingDirectory
         Type:            REG_SZ
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\Directory\shell\runas\command
       Class Name:        <NO CLASS>
       Last Write Time:   18/01/2009 - 20:23
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t

       Value 1
         Name:            IsolatedCommand
         Type:            REG_SZ
         Data:            cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t

Suspishio 32 Posting Virtuoso Team Colleague · Answer 6 · 2009-02-14T20:18:54+00:00

No, those keys are in the correct place and shouldn't be deleted.

Anyway, the time has prolly come to clear the file associations in your registry and replace them with defaults. You might consideer this web site helpful. The downloaded zip file contains registry entries and the site page to which you are directed gives instructions for merging the keys into your directory.
http://www.winhelponline.com/articles/105/1/File-association-fixes-for-Windows-Vista.html

Do a system restore point first.

When you've done that, you can set your defaults. I usually do this by a right click on the file but any Vista method will do.

Keep us posted.

mikegrace 0 Newbie Poster · Answer 7 · 2009-02-14T22:26:51+00:00

mikegrace 0 Newbie Poster

15 Years Ago

OK - this is weird.

I downloaded the zip files etc from the site, and tried the avi.reg one. First time it worked - and changed the default player to Windows media Player 11 as expected. I double-clicked on an avi file and sure enough it opened fine in WMP. I opened up the registry in the avi key and took a print (just in case) which I enclose (avi3.txt).

Then I changed the default to VLC (using right click and Open With) but when I double-clicked instead of opening the file immediately in VLC it went back to the previous behaviour - opening an 'Open With' box with WMP outlined for selection. If I click on VLC in this box it opens fine - but the next time I double-click on an avi file then the box opens again with WMP outlined.

I have enclosed a screenshot - grace-open-with 1.jpg.

I opened the registry editor - it looks the same to me but I printed another file - avi4.txt.

One thing I notice - the key under the avi key (OpenWithProgIds) has no value set - should this be Windows Media Player (or VLC)?

I also used the MP3 file from the website zip file you sent - and at the moment that is opening with WMP on a double-click. I have left well alone until I hear from you further.

avi3.txt (2.95 KB)

Key Name:          HKEY_CLASSES_ROOT\.avi
       Class Name:        <NO CLASS>
       Last Write Time:   14/02/2009 - 15:10
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            WMP11.AssocFile.AVI

       Value 1
         Name:            PerceivedType
         Type:            REG_SZ
         Data:            video

       Value 2
         Name:            Content Type
         Type:            REG_SZ
         Data:            video/avi

       Value 3
         Name:            VLC.backup
         Type:            REG_SZ
         Data:            WMP11.AssocFile.AVI


       Key Name:          HKEY_CLASSES_ROOT\.avi\OpenWithProgIds
       Class Name:        <NO CLASS>
       Last Write Time:   21/11/2008 - 14:18
       Value 0
         Name:            avifile
         Type:            REG_NONE
         Data:            

       Value 1
         Name:            WMP11.AssocFile.AVI
         Type:            REG_NONE
         Data:            

       Value 2
         Name:            ACDSee 9.0.avi
         Type:            REG_SZ
         Data:            

       Value 3
         Name:            ACDSee 10.0.avi
         Type:            REG_SZ
         Data:            

       Value 4
         Name:            ACDSee Photo Manager 2009.avi
         Type:            REG_SZ
         Data:            

       Value 5
         Name:            QuickTime.avi
         Type:            REG_NONE
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\.avi\PersistentHandler
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53


       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {098f2470-bae0-11cd-b579-08002b30bfeb}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 15:47

       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{BB2E617C-0920-11D1-9A0B-00C04FC2D6C1}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {9DBD2C50-62AD-11D0-B806-00C04FD706EC}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{e357fccd-a995-4576-b01f-234630154e96}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {9DBD2C50-62AD-11D0-B806-00C04FD706EC}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{FFB699E0-306A-11d3-8BD1-00104B6F7516}
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 15:47
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {FFB699E0-306A-11d3-8BD1-00104B6F7516}

avi4.txt (2.95 KB)

Key Name:          HKEY_CLASSES_ROOT\.avi
       Class Name:        <NO CLASS>
       Last Write Time:   14/02/2009 - 15:10
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            WMP11.AssocFile.AVI

       Value 1
         Name:            PerceivedType
         Type:            REG_SZ
         Data:            video

       Value 2
         Name:            Content Type
         Type:            REG_SZ
         Data:            video/avi

       Value 3
         Name:            VLC.backup
         Type:            REG_SZ
         Data:            WMP11.AssocFile.AVI


       Key Name:          HKEY_CLASSES_ROOT\.avi\OpenWithProgIds
       Class Name:        <NO CLASS>
       Last Write Time:   21/11/2008 - 14:18
       Value 0
         Name:            avifile
         Type:            REG_NONE
         Data:            

       Value 1
         Name:            WMP11.AssocFile.AVI
         Type:            REG_NONE
         Data:            

       Value 2
         Name:            ACDSee 9.0.avi
         Type:            REG_SZ
         Data:            

       Value 3
         Name:            ACDSee 10.0.avi
         Type:            REG_SZ
         Data:            

       Value 4
         Name:            ACDSee Photo Manager 2009.avi
         Type:            REG_SZ
         Data:            

       Value 5
         Name:            QuickTime.avi
         Type:            REG_NONE
         Data:            


       Key Name:          HKEY_CLASSES_ROOT\.avi\PersistentHandler
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53


       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {098f2470-bae0-11cd-b579-08002b30bfeb}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 15:47

       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{BB2E617C-0920-11D1-9A0B-00C04FC2D6C1}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {9DBD2C50-62AD-11D0-B806-00C04FD706EC}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{e357fccd-a995-4576-b01f-234630154e96}
       Class Name:        <NO CLASS>
       Last Write Time:   02/11/2006 - 12:53
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {9DBD2C50-62AD-11D0-B806-00C04FD706EC}


       Key Name:          HKEY_CLASSES_ROOT\.avi\ShellEx\{FFB699E0-306A-11d3-8BD1-00104B6F7516}
       Class Name:        <NO CLASS>
       Last Write Time:   18/12/2008 - 15:47
       Value 0
         Name:            <NO NAME>
         Type:            REG_SZ
         Data:            {FFB699E0-306A-11d3-8BD1-00104B6F7516}

Suspishio 32 Posting Virtuoso Team Colleague · Answer 8 · 2009-02-15T00:27:26+00:00

While I'm studying your stuff .... and you've hit the arrow on "Other Programs" and slected VLC as default?

NAH - FORGET IT. DOESN'T HELP!

Suspishio 32 Posting Virtuoso Team Colleague · Answer 9 · 2009-02-15T00:41:48+00:00

As I'm running Vista and have changed from WMP to VLC for AVI files, here's my AVI key to help you:
--------------------------------------------------------------------------
Key Name: HKEY_CLASSES_ROOT\.avi
Class Name: <NO CLASS>
Last Write Time: 17/01/2009 - 15:44
Value 0
Name: <NO NAME>
Type: REG_SZ
Data: NeroShowTime.Files9.avi
Value 1
Name: PerceivedType
Type: REG_SZ
Data: video
Value 2
Name: Content Type
Type: REG_SZ
Data: video/avi
Value 3
Name: VLC.backup
Type: REG_SZ
Data: WMP11.AssocFile.AVI
Value 4
Name: ShowTime.bak
Type: REG_SZ
Data: VLC.avi
Key Name: HKEY_CLASSES_ROOT\.avi\OpenWithList
Class Name: <NO CLASS>
Last Write Time: 17/01/2009 - 15:44
Key Name: HKEY_CLASSES_ROOT\.avi\OpenWithList\ShowTime.exe
Class Name: <NO CLASS>
Last Write Time: 17/01/2009 - 15:44
Key Name: HKEY_CLASSES_ROOT\.avi\OpenWithProgIds
Class Name: <NO CLASS>
Last Write Time: 02/11/2006 - 13:04
Value 0
Name: avifile
Type: REG_NONE
Data:
Value 1
Name: WMP11.AssocFile.AVI
Type: REG_NONE
Data:
Key Name: HKEY_CLASSES_ROOT\.avi\PersistentHandler
Class Name: <NO CLASS>
Last Write Time: 02/11/2006 - 12:53
Value 0
Name: <NO NAME>
Type: REG_SZ
Data: {098f2470-bae0-11cd-b579-08002b30bfeb}
Key Name: HKEY_CLASSES_ROOT\.avi\ShellEx
Class Name: <NO CLASS>
Last Write Time: 08/01/2009 - 02:55
Key Name: HKEY_CLASSES_ROOT\.avi\ShellEx\{BB2E617C-0920-11D1-9A0B-
00C04FC2D6C1}
Class Name: <NO CLASS>
Last Write Time: 02/11/2006 - 12:53
Value 0
Name: <NO NAME>
Type: REG_SZ
Data: {9DBD2C50-62AD-11D0-B806-00C04FD706EC}
Key Name: HKEY_CLASSES_ROOT\.avi\ShellEx\{e357fccd-a995-4576-b01f-
234630154e96}
Class Name: <NO CLASS>
Last Write Time: 02/11/2006 - 12:53
Value 0
Name: <NO NAME>
Type: REG_SZ
Data: {9DBD2C50-62AD-11D0-B806-00C04FD706EC}
Key Name: HKEY_CLASSES_ROOT\.avi\ShellEx\{FFB699E0-306A-11d3-8BD1-
00104B6F7516}
Class Name: <NO CLASS>
Last Write Time: 08/01/2009 - 02:55
Value 0
Name: <NO NAME>
Type: REG_SZ
Data: {FFB699E0-306A-11d3-8BD1-00104B6F7516}
--------------------------------------------------------------------------
This should help you debug via differences.

You might notice Showtime.exe in my OpenWith list. Nero put that there and I've no idea how it affects things.

The OpenWithProgIds have values from the original defaults, but the value is zero and so isn't implemented.

The implemented list would be at the .avi lebel of the key which includes a value:
ShowTime.bak VLC.avi.

God definitely isn't there otherwise he'd be a Microsoft MVP!

mikegrace 0 Newbie Poster · Answer 10 · 2009-02-15T00:43:06+00:00

I've done a search on setting defaults - and come across some software called Creative Element Power Tools which is supposed to help you sort your default programs. Shall I try it out? There's a free 45-day period.

I'm wary of diving into anything in case it upsets what you are doing, but I'd like to help if I can.

mikegrace 0 Newbie Poster · Answer 11 · 2009-02-15T00:56:58+00:00

I'm afraid I'm not experienced enough to really understand your registry file - I'm still very much a registry novice.

However - I'm starting to make some progress. I have found that the problem seems to be connected to VLC somehow - as if I make WMP or MediaMonkey the default for either avi, mp3 or wav then next time it works fine - in whatever program I made default. The problem seems to be VLC.

I could try re-installing VLC (well - uninstalling and then re-installing).

What do you think? Meanwhile - do you have a good simple audio media player you can recommend?

Suspishio 32 Posting Virtuoso Team Colleague · Answer 12 · 2009-02-15T01:42:51+00:00

I installed VLC a couple of weeks ago and it was 0.9.8a. It installed perfectly well and the default changes I've made have worked. It's the finest all round media player so I wouldn't recommend anything else.

If you want audio only, then WMP is perfectly suited. I used to use MusicMatch but WMP has changed so much for the better that it'll do perfectly well.

You may well be right about VLC misbehaving. certainly a removal and re-install can't hurt.

With regard to the CreativeElement Power Tools, the "Edit File Type Associations" function is valuable though it has its complications. You'll see when you get to the place, but you have to click ADD unless "Play with VLV media Player" is in the list. Since it is on my list, the parameters needed in order of dialogue box areare:

Play with VLC media player

C:\Program Files\VideoLAN\VLC\vlc.exe

--started-from-file --no-playlist-enqueue "%1"

Keep going.

mikegrace 0 Newbie Poster · Answer 13 · 2009-02-15T03:28:20+00:00

Okay - at the moment re-installing VLC seems to have done it. My avi and mpeg files are opening in VLC when I double-click them, and although I originally set MP3 files to open in VLC as well - for some reason they seem to prefer WMP so I'm letting that go. So audio opens on double-clicking in WMP - video in VLC. Perfect.

Thanks a million for your help. I am visiting my parents tomorrow (it's almost bedtime here in the UK) so I'll not be getting back to all this until Monday when I'll take a look at Creative Elements Power Tools.

I'm still a bit concerned that there may be a virus or Trojan lurking - the PC is very slow at downloading at the moment, but my ISP is also making changes so it might be them. I think I'll just let things be for a few days and see how it develops.

I think we can say this one is solved. Many many thanks..

Suspishio 32 Posting Virtuoso Team Colleague · Answer 14 · 2009-02-15T03:36:49+00:00

You're welcome. That all tells me to recommend others to re-oinstall the offending application as first port of call!

Bedtime? As I write this it's 21:38. Bedtime?

mikegrace 0 Newbie Poster · Answer 15 · 2009-02-15T04:10:53+00:00

Okay - not quite yet but I tend to retire earlier these days - it keeps me fresh for my PC problems on the next day.

Thanks again.