Sign in with
Sign up | Sign in
Your question

Virus? Can't run regedit

Last response: in Windows XP
Share
Anonymous
January 8, 2005 7:03:04 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I think my PC is infected by a virus that blocks use of vital system
utilities *and* clobbers antivirus programs. (I suspected the "Gaobot" virus,
but a Symantec fix tool didn't find it.) Norton Internet Security (2004) quit
running about 10 days ago, and disappeared from my system tray. I
uninstalled and re-downloaded the program, as well as the 2005 version, but
installation fails repeatedly. I found Symantec instructions on how to edit
the registry, but am unable to open registry *even in safe mode.* I tried an
"emergency utilities" tool that claims to create usable copies of utilities,
but even the copies do not run. Both regedit and msconfig won't open.
Windows Live Update also fails. I've had this machine only since September
2004; it has Service Pack 2. Oh, one more thing:
If I do a Google search for Symantec or similar companies, or for the word
"antivirus," my browser closes! Help, please. TIA.

Larry Sherman
Wits End, NY

More about : virus run regedit

Anonymous
January 8, 2005 10:17:05 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Have you tried in safe mode?
and if you want to run something, try to rename the file to .com, liike
regedit.com from a dos prompt...


icenine378 wrote:
> *I think my PC is infected by a virus that blocks use of vital
> system
> utilities *and* clobbers antivirus programs. (I suspected the
> "Gaobot" virus,
> but a Symantec fix tool didn't find it.) Norton Internet Security
> (2004) quit
> running about 10 days ago, and disappeared from my system tray. I
> uninstalled and re-downloaded the program, as well as the 2005
> version, but
> installation fails repeatedly. I found Symantec instructions on how
> to edit
> the registry, but am unable to open registry *even in safe mode.* I
> tried an
> "emergency utilities" tool that claims to create usable copies of
> utilities,
> but even the copies do not run. Both regedit and msconfig won't
> open.
> Windows Live Update also fails. I've had this machine only since
> September
> 2004; it has Service Pack 2. Oh, one more thing:
> If I do a Google search for Symantec or similar companies, or for the
> word
> "antivirus," my browser closes! Help, please. TIA.
>
> Larry Sherman
> Wits End, NY *



--
slurp812
------------------------------------------------------------------------
Posted via http://www.mcse.ms
------------------------------------------------------------------------
View this thread: http://www.mcse.ms/message1336594.html
Anonymous
January 9, 2005 3:22:26 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

http://www.dougknox.com/xp/utils/xp_emerutils.htm
Creates usable copies of REGEDIT, MSCONFIG and Task Manager

You could be infected with one of these worms:

W32.Spybot.Worm
http://securityresponse.symantec.com/avcenter/venc/data...
W32.Klez.Worm
http://securityresponse.symantec.com/avcenter/venc/data...
W32.Yaha.Worm
http://securityresponse.symantec.com/avcenter/venc/data...

These viruses terminate Regedit.exe and taskmgr.exe
W32.HLLW.Kefy:
http://securityresponse.symantec.com/avcenter/venc/data...
W32.HLLW.Cydog@mm:
http://securityresponse.symantec.com/avcenter/venc/data...
Backdoor.IRC.Yoink.A:
http://securityresponse.symantec.com/avcenter/venc/data...
Backdoor.Volac.dr:
http://securityresponse.symantec.com/avcenter/venc/data...
W32.Kwbot.R.Worm:
http://www.symantec.com/avcenter/venc/data/w32.kwbot.r....

These viruses delete the Regedit.exe, Regedt32.exe, Msconfig.exe, Taskmgr.exe
W32.Petch.B:
http://www.symantec.com/avcenter/venc/data/w32.petch.b....
W32.HLLW.Maax.B@mm:
http://securityresponse.symantec.com/avcenter/venc/data...


Downloadable McAfee AVERT Stinger:
Stinger: http://vil.nai.com/vil/stinger/
stand-alone utility used to detect and remove specific viruses. It is not a
substitute for full anti-virus protection, but rather a tool to assist
administrators and users when dealing with an infected system. Stinger utilizes
next generation scan engine technology, including process scanning, digitally
signed DAT files, and scan performance optimizations.


"icenine378" <icenine378@discussions.microsoft.com> wrote in message
news:C3094F4A-6BB7-45C2-80EB-A19106F50870@microsoft.com...
>I think my PC is infected by a virus that blocks use of vital system
> utilities *and* clobbers antivirus programs. (I suspected the "Gaobot" virus,
> but a Symantec fix tool didn't find it.) Norton Internet Security (2004) quit
> running about 10 days ago, and disappeared from my system tray. I
> uninstalled and re-downloaded the program, as well as the 2005 version, but
> installation fails repeatedly. I found Symantec instructions on how to edit
> the registry, but am unable to open registry *even in safe mode.* I tried an
> "emergency utilities" tool that claims to create usable copies of utilities,
> but even the copies do not run. Both regedit and msconfig won't open.
> Windows Live Update also fails. I've had this machine only since September
> 2004; it has Service Pack 2. Oh, one more thing:
> If I do a Google search for Symantec or similar companies, or for the word
> "antivirus," my browser closes! Help, please. TIA.
>
> Larry Sherman
> Wits End, NY
>
!