- You are here:
- Home »
- Blog »
- Computer Technician Tools »
- XP_Fileassoc.bat & XP_EXE_Fix.reg – Repair Tool of the Week
XP_Fileassoc.bat & XP_EXE_Fix.reg – Repair Tool of the Week
I have been seeing the Facebook Password Reset Virus on a lot of computers lately and one of the things that this virus does is disables the EXE association with the computer. Basically what this means is that you cannot open .EXE files and since most of your software repair tools are going to be executable files, it makes the virus difficult to remove
To get around this, I have been using two scripts that restore all of the file associations in Windows XP back to default. Once it has been run, I can then use my other virus removal applications like Process Explorer.
The .EXE association can be damaged in a few ways. One way is when the extension association “.exe” doesn’t point to “exefile”. Another way is when the registry for opening .exe files has an incorrect value.
One of the tools is a BAT file and the other one is a .REG file. The problem is sometimes the .REG file association is damaged too so I have to use the BAT file first to fix the .REG association, and then the .REG file to fix the registry.
In any case, the two work well together.
I haven’t tried these two scripts on any other operating system other than Windows XP, so you do so at your own risk.
Downloads:
XP_Fileassoc.bat – Download from Technibble (right click, save as) – 6kb
XP_Exe_Fix.reg – Download from Technibble (right click, save as) – 2.6kb
Session expired
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.
I get those kind of viruses a lot from my customers. I usually go into safe mode with networking to install the tool I will be using. Some things wont install from safe mode though. I will use this resource the next time I have .exe issue. Thanks Bryce.
I haven’t run into this problem yet. I would assume that running SAS under BartPE is fixing this, though, since that’s part of my normal routine. Thanks, though!
Too bad you didn’t wrote this earlier. Had the .exe problem last week on my cousins PC. Then i didn’t know for this solution but luckily system restore fixed the problem.
Most of the time, you can temporarily change the file extension from *.exe to *.com or *.scr on a repair utility in order to run the executable. Depending on the malware, mostly rogue security products, I have also renamed repair utilities to “explorer.exe.” Works great with Autoruns and Process Explorer. After malware has been removed, I like to repair file extensions, reset network settings, hosts file, etc, using Kaspersky’s AVZ utility
SAS Portable did a great job on the 9 PCs I encountered with this issue…of course it uses a .com file extension
This is a great link of all different file association fixes including the .EXE fix and many other useful ones. http://www.dougknox.com/xp/file_assoc.htm
Also you can do a very easy fix if you cannot access internet to download or do not have these scripts handy. Here is a list of File Association fix commands that can be run from the COMMAND prompt.
assoc.323=h323file
assoc.386=vxdfile
assoc.aca=Agent.Character.2
assoc.acf=Agent.Character.2
assoc.acs=Agent.Character2.2
assoc.acw=acwfile
assoc.ai=
assoc.aif=AIFFFile
assoc.aifc=AIFFFile
assoc.aiff=AIFFFile
assoc.ani=anifile
assoc.aps=
assoc.asa=aspfile
assoc.ascx=
assoc.asf=ASFFile
assoc.asm=
assoc.asmx=
assoc.asp=aspfile
assoc.aspx=
assoc.asx=ASXFile
assoc.au=AUFile
assoc.AudioCD=AudioCD
assoc.avi=avifile
assoc.bat=batfile
assoc.bfc=Briefcase
assoc.bin=
assoc.bkf=msbackupfile
assoc.blg=PerfFile
assoc.bmp=Paint.Picture
assoc.bsc=
assoc.c=
assoc.cab=CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}
assoc.cat=CATFile
assoc.cda=CDAFile
assoc.cdf=ChannelFile
assoc.cdx=aspfile
assoc.cer=CERFile
assoc.cgm=
assoc.chk=chkfile
assoc.chm=chm.file
assoc.clp=clpfile
assoc.cmd=cmdfile
assoc.cnf=ConferenceLink
assoc.com=comfile
assoc.cpl=cplfile
assoc.cpp=
assoc.crl=CRLFile
assoc.crt=CERFile
assoc.css=CSSfile
assoc.csv=
assoc.CTT=MessengerContactList
assoc.cur=curfile
assoc.cxx=
assoc.dat=
assoc.db=dbfile
assoc.dbg=
assoc.dct=
assoc.def=
assoc.der=CERFile
assoc.DeskLink=CLSID\{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}
assoc.dib=Paint.Picture
assoc.dic=
assoc.diz=
assoc.dll=dllfile
assoc.dl_=
assoc.doc=WordPad.Document.1
assoc.dos=
assoc.dot=
assoc.drv=drvfile
assoc.dsn=MSDASQL
assoc.dun=dunfile
assoc.DVD=DVD
assoc.emf=emffile
assoc.eml=Microsoft Internet Mail Message
assoc.eps=
assoc.exe=exefile
assoc.exp=
assoc.ex_=
assoc.eyb=
assoc.fif=
assoc.fnd=fndfile
assoc.fnt=
assoc.Folder=Folder
assoc.fon=fonfile
assoc.ghi=
assoc.gif=giffile
assoc.grp=MSProgramGroup
assoc.gz=
assoc.h=
assoc.hhc=
assoc.hlp=hlpfile
assoc.hpp=
assoc.hqx=
assoc.ht=htfile
assoc.hta=htafile
assoc.htc=
assoc.htm=htmlfile
assoc.html=htmlfile
assoc.htt=HTTfile
assoc.htw=
assoc.htx=
assoc.hxx=
assoc.icc=icmfile
assoc.icm=icmfile
assoc.ico=icofile
assoc.idb=
assoc.idl=
assoc.idq=
assoc.iii=iiifile
assoc.ilk=
assoc.imc=
assoc.inc=
assoc.inf=inffile
assoc.ini=inifile
assoc.ins=x-internet-signup
assoc.inv=
assoc.inx=
assoc.in_=
assoc.isp=x-internet-signup
assoc.its=ITS File
assoc.IVF=IVFFile
assoc.java=
assoc.jbf=
assoc.jfif=pjpegfile
assoc.job=JobObject
assoc.jod=Microsoft.Jet.OLEDB.4.0
assoc.jpe=jpegfile
assoc.jpeg=jpegfile
assoc.jpg=jpegfile
assoc.JS=JSFile
assoc.JSE=JSEFile
assoc.latex=
assoc.lib=
assoc.lnk=lnkfile
assoc.local=
assoc.log=txtfile
assoc.lwv=LWVFile
assoc.m14=
assoc.m1v=mpegfile
assoc.m3u=m3ufile
assoc.man=
assoc.manifest=
assoc.MAPIMail=CLSID\{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}
assoc.mdb=
assoc.mht=mhtmlfile
assoc.mhtml=mhtmlfile
assoc.mid=midfile
assoc.midi=midfile
assoc.mmf=
assoc.mmm=MPlayer
assoc.mov=
assoc.movie=
assoc.mp2=mpegfile
assoc.mp2v=mpegfile
assoc.mp3=mp3file
assoc.mpa=mpegfile
assoc.mpe=mpegfile
assoc.mpeg=mpegfile
assoc.mpg=mpegfile
assoc.mpv2=mpegfile
assoc.msc=MSCFile
assoc.msg=
assoc.msi=Msi.Package
assoc.msp=Msi.Patch
assoc.MsRcIncident=MsRcIncident
assoc.msstyles=msstylesfile
assoc.MSWMM=Windows.Movie.Maker
assoc.mv=
assoc.mydocs=CLSID\{ECF03A32-103D-11d2-854D-006008059367}
assoc.ncb=
assoc.nfo=MSInfo.Document
assoc.nls=
assoc.NMW=T126_Whiteboard
assoc.nsc=
assoc.nvr=
assoc.nws=Microsoft Internet News Message
assoc.obj=
assoc.ocx=ocxfile
assoc.oc_=
assoc.odc=
assoc.otf=otffile
assoc.p10=P10File
assoc.p12=PFXFile
assoc.p7b=SPCFile
assoc.p7c=certificate_wab_auto_file
assoc.p7m=P7MFile
assoc.p7r=SPCFile
assoc.p7s=P7SFile
assoc.pbk=pbkfile
assoc.pch=
assoc.pdb=
assoc.pds=
assoc.pfm=pfmfile
assoc.pfx=PFXFile
assoc.php3=
assoc.pic=
assoc.pif=piffile
assoc.pko=PKOFile
assoc.pl=
assoc.plg=
assoc.pma=PerfFile
assoc.pmc=PerfFile
assoc.pml=PerfFile
assoc.pmr=PerfFile
assoc.pmw=PerfFile
assoc.pnf=pnffile
assoc.png=pngfile
assoc.pot=
assoc.pps=
assoc.ppt=
assoc.prf=prffile
assoc.ps=
assoc.psd=
assoc.psw=PSWFile
assoc.qds=SavedDsQuery
assoc.rat=ratfile
assoc.rc=
assoc.RDP=RDP.File
assoc.reg=regfile
assoc.res=
assoc.rle=
assoc.rmi=midfile
assoc.rnk=rnkfile
assoc.rpc=
assoc.rsp=
assoc.rtf=rtffile
assoc.sam=
assoc.sbr=
assoc.sc2=
assoc.scf=SHCmdFile
assoc.scp=txtfile
assoc.scr=scrfile
assoc.sct=scriptletfile
assoc.sdb=appfixfile
assoc.sed=
assoc.shb=DocShortcut
assoc.shs=ShellScrap
assoc.shtml=
assoc.shw=
assoc.sit=
assoc.snd=AUFile
assoc.spc=SPCFile
assoc.spl=ShockwaveFlash.ShockwaveFlash
assoc.sql=
assoc.sr_=
assoc.sst=CertificateStoreFile
assoc.stl=STLFile
assoc.stm=
assoc.swf=ShockwaveFlash.ShockwaveFlash
assoc.sym=
assoc.sys=sysfile
assoc.sy_=
assoc.tar=
assoc.text=
assoc.tgz=
assoc.theme=themefile
assoc.tif=TIFImage.Document
assoc.tiff=TIFImage.Document
assoc.tlb=
assoc.tsp=
assoc.tsv=
assoc.ttc=ttcfile
assoc.ttf=ttffile
assoc.txt=txtfile
assoc.UDL=MSDASC
assoc.uls=ulsfile
assoc.URL=InternetShortcut
assoc.VBE=VBEFile
assoc.vbs=VBSFile
assoc.vbx=
assoc.vcf=vcard_wab_auto_file
assoc.vxd=vxdfile
assoc.wab=wab_auto_file
assoc.wav=soundrec
assoc.wax=WAXFile
assoc.wb2=
assoc.webpnp=webpnpFile
assoc.WHT=Whiteboard
assoc.wk4=
assoc.wll=
assoc.wlt=
assoc.wm=ASFFile
assoc.wma=WMAFile
assoc.wmd=WMDFile
assoc.wmf=wmffile
assoc.wmp=WMPFile
assoc.wms=WMSFile
assoc.wmv=WMVFile
assoc.wmx=ASXFile
assoc.wmz=WMZFile
assoc.wpd=
assoc.wpg=
assoc.wri=wrifile
assoc.wsc=scriptletfile
assoc.WSF=WSFFile
assoc.WSH=WSHFile
assoc.wsz=
assoc.wtx=txtfile
assoc.wvx=WVXFile
assoc.x=
assoc.xbm=
assoc.xix=
assoc.xlb=
assoc.xlc=
assoc.xls=
assoc.xlt=
assoc.xml=xmlfile
assoc.xsl=xslfile
assoc.z=
assoc.z96=
assoc.zap=zapfile
assoc.ZFSendToTarget=CLSID\{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}
assoc.zip=CompressedFolder
Knowledge. is the best on can share, I discovered Technibbile about a two weeks ago. Tool of the week helped me so much, so did bsod viewer, etc, and those other. Well Bryce, you made me think of something, in my country we do no have a “geeksquad”.
I had this problem today, but it was a bit more tame. By default, it did this very same thing. But you could easily right click any program, and there was a “start” entry in the context menu. That could open the program, but double clicking and startup programs were SOL.
I’ve been finding a combination of using Rkill (which comes in exe, com, scr, gif, and DOS program shortcut) and Malwarebytes in Safe Mode with Networking works for most threats that lock things down. After that I boot to normal and do further scans to remove threats.
But these 2 tools could be very handy.
Bryce
Any reason why the .Reg file in this entry saves as an .mp3 file?? Shouldn’t it be a standard .reg file ??
” Patrick says:
March 29th, 2010 at 9:57 am
Bryce
Any reason why the .Reg file in this entry saves as an .mp3 file?? Shouldn’t it be a standard .reg file ??
”
I think the reason is that you accidentally do not alter your own system.
This is great info, thanks! I’ve found that Trojan Remover (if the infection won’t prevent it running in Safe Mode) will fix this broken association as well. Anyone have any tips for Vista to manually repair the .exe problem?
“Bryce says
Any reason why the .Reg file in this entry saves as an .mp3 file?? Shouldn’t it be a standard .reg file ??”
It does this for me too…
Daniel as per your manual fix for REG files this is pretty standard on all windows machines.
Go to the command prompt, if vista make sure it is escalated as an admin. Then copy and paste this
assoc.reg=regfile
I left a list of others in an earlier comment… just read… Also a link with the rest of them and other file association fixes…
*Reading is knowledge…