Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Can not OPen .EXE files

Posted on 2006-11-25
Medium Priority
Last Modified: 2011-09-20
One of my friends brought me his computer ( W2K pro, SP1)... He had a slew of viruses and spyware... I would have just brown it away and installed SP4, but he has a lot of software where he has lost the media and can't reinstall.

One of the first hurtles was that all .EXE files were disabled... sort of how Navidad virus works except the .EXE was reassociated with notepad, so all you got was binary junk when you tried to run anything.

I copied regedit.exe to regedit.com and was able to set HKEY_CLASSES_ROOT_/.exe back to:      exefile           (from notepad.exe 1%)
and set HKEY_CLASSES_ROOT/exefile/shell/open/command to:        "%1" %*

Now, whenever I try to open an .EXE file, all I get is the "File Download" dialog warning Box..."Some files can harm your computer... YadahYadahYadah.. The bottom line is My choices are OPEN  ( which just relaunches another instance of the dialog box), Save ( Which is useless when you want to open an executable), Cancel ( again, not a real useful choice), and More Info...

Anyone have any idea what the registry fix is for this?   I have tried registry mechanic with no success.  ( again, by renaming an .exe to a .com... not a good idea, I know, but any port in a storm...).

Thanks !
Question by:AdminAssociates
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 18016417
Are you able to drop the reg entries for the exefile class and below?

Author Comment

ID: 18017217
I'm sorry... I don't understand your question.  Am I able to DROP the reg entries for the exefile class and below?  I'm sorry if I'm being dense, but I don't know what you mean...

 I was able to run regedit by renaming it to a .COM file, and  set HKEY_CLASSES_ROOT/.exe to read    exefile      and  HKEY_CLASSES_ROOT/exefile/shell/open/command to    "%1" %*

Other then that, I don't know where else to go.  That's what I am asking.

LVL 47

Accepted Solution

rpggamergirl earned 1500 total points
ID: 18018775
Download Hijackthis and rename it with a .com extension and scan your system with it.
Make sure that all startup entries are enabled so they show up in the log.

Please download HijackThis 1.99.1
Open Hijackthis, click "Do a system scan and save a logfile" don't fix anything yet.

Then upload the logs to any hosting sites,
or go to the below link and login using your Experts-Exchange username and password.
Click on "Expert Area" tab
type or paste the link to your Question
"Browse" your pc to the location of your Hijackthis log and click "Upload"
Copy the resulting "url" and post it back here.

OR: paste the log to either of these sites:
1. http://www.rafb.net/paste/
then at the bottom left corner click "paste"
Copy the address/url and post it here.

2. or at --> http://www.hijackthis.de/ 
and click "Analyse", click "Save".  Then post the link to the saved list here.


Expert Comment

ID: 18037788
Sounds like the same problem I'm having. Except I mistakenly added "REG_SZ" in front of the "%1"%* for the value. Now I can't get into the registry editor at all !!!!!!!

My spyware entry in the exefile\shell\open\command was "msvcrt.exe"  every time I opened a progam it started the "svchost" in a dos window and the program I want fails to open. And I get the "file not found make sure path and libraries" ...yada yada .... when I delete the msvcrt file and try again.

I don't think Hijack will work?? I can't get it to run except with a safe boot with a command prompt. Then CTRL\ALT\DEL to get to task manager then using the run command from there. Now even that won't work.

I'll post my own problem but if anyone finds a way for me to get back into the registry let me know on the post Subject line: Registry Problem - MSVCRT.EXE. Remember "no EXE files run" so loading software is not an option.
LVL 47

Expert Comment

ID: 18162459
Thank you for the points, very much appreciated.
I meant for us to look at the log.

Is your problem resolved? If so, would you mind posting a final comment about the solution in order to help future database searchers, that would be great thanks!

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This week I attended a Startup Week Chattanooga talk on Gender Diversity in Technology. Check out what I learned.
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question