• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 285
  • Last Modified:

Can not OPen .EXE files

One of my friends brought me his computer ( W2K pro, SP1)... He had a slew of viruses and spyware... I would have just brown it away and installed SP4, but he has a lot of software where he has lost the media and can't reinstall.

One of the first hurtles was that all .EXE files were disabled... sort of how Navidad virus works except the .EXE was reassociated with notepad, so all you got was binary junk when you tried to run anything.

I copied regedit.exe to regedit.com and was able to set HKEY_CLASSES_ROOT_/.exe back to:      exefile           (from notepad.exe 1%)
and set HKEY_CLASSES_ROOT/exefile/shell/open/command to:        "%1" %*

Now, whenever I try to open an .EXE file, all I get is the "File Download" dialog warning Box..."Some files can harm your computer... YadahYadahYadah.. The bottom line is My choices are OPEN  ( which just relaunches another instance of the dialog box), Save ( Which is useless when you want to open an executable), Cancel ( again, not a real useful choice), and More Info...

Anyone have any idea what the registry fix is for this?   I have tried registry mechanic with no success.  ( again, by renaming an .exe to a .com... not a good idea, I know, but any port in a storm...).

Thanks !
0
AdminAssociates
Asked:
AdminAssociates
1 Solution
 
BazmicCommented:
Are you able to drop the reg entries for the exefile class and below?
0
 
AdminAssociatesAuthor Commented:
I'm sorry... I don't understand your question.  Am I able to DROP the reg entries for the exefile class and below?  I'm sorry if I'm being dense, but I don't know what you mean...

 I was able to run regedit by renaming it to a .COM file, and  set HKEY_CLASSES_ROOT/.exe to read    exefile      and  HKEY_CLASSES_ROOT/exefile/shell/open/command to    "%1" %*

Other then that, I don't know where else to go.  That's what I am asking.

Thanks,
0
 
rpggamergirlCommented:
Download Hijackthis and rename it with a .com extension and scan your system with it.
Make sure that all startup entries are enabled so they show up in the log.

Please download HijackThis 1.99.1
http://www.cyberanswers.org/forum/uploads/HijackThis1991.exe
Open Hijackthis, click "Do a system scan and save a logfile" don't fix anything yet.

Then upload the logs to any hosting sites,
or go to the below link and login using your Experts-Exchange username and password.
http://www.ee-stuff.com
Click on "Expert Area" tab
type or paste the link to your Question
"Browse" your pc to the location of your Hijackthis log and click "Upload"
Copy the resulting "url" and post it back here.

OR: paste the log to either of these sites:
1. http://www.rafb.net/paste/
then at the bottom left corner click "paste"
Copy the address/url and post it here.

2. or at --> http://www.hijackthis.de/ 
and click "Analyse", click "Save".  Then post the link to the saved list here.

0
 
ddrdanCommented:
Sounds like the same problem I'm having. Except I mistakenly added "REG_SZ" in front of the "%1"%* for the value. Now I can't get into the registry editor at all !!!!!!!

My spyware entry in the exefile\shell\open\command was "msvcrt.exe"  every time I opened a progam it started the "svchost" in a dos window and the program I want fails to open. And I get the "file not found make sure path and libraries" ...yada yada .... when I delete the msvcrt file and try again.

I don't think Hijack will work?? I can't get it to run except with a safe boot with a command prompt. Then CTRL\ALT\DEL to get to task manager then using the run command from there. Now even that won't work.

I'll post my own problem but if anyone finds a way for me to get back into the registry let me know on the post Subject line: Registry Problem - MSVCRT.EXE. Remember "no EXE files run" so loading software is not an option.
0
 
rpggamergirlCommented:
Thank you for the points, very much appreciated.
I meant for us to look at the log.

Is your problem resolved? If so, would you mind posting a final comment about the solution in order to help future database searchers, that would be great thanks!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now