Symptoms
When you open System Configuration Utility [MSCONFIG], Registry Editor or Task Manager, they flash for a second and quit. This symptom is caused by Viruses. These three are important system utilities which the viruses target.
A quick workaround is to rename the files and run them. Extracting new copies of these files with the same name may not help. Rename these utilities and run them or use MS-MVP Doug Knox's Emergency Msconfig, Regedit, Task Manager utility. This utility creates usable copies of MSCONFIG, REGEDIT AND TASK MANAGER by creating copies of the actual files to C:\EmergencyUtils folder.
Follow-up with complete Malware cleanup.
More Information
These viruses terminate regedit.exe / msconfig.exe / taskmgr.exe.- W32.HLLW.Kefy
- Backdoor.IRC.Yoink.A
- W32.HLLW.Cydog@mm
- Backdoor.Volac.dr
- W32.Kwbot.R.Worm
- W32.Erkez.B@mm
- W32.Spybot
- W32.Mytob.LD@mm
Another reason why Regedit can't be launched from Run
As of recent, I've seen reports of the bogus file named regedit.com in Windows systems. This file is actually a Trojan file, which is set the Hidden and System attributes. The regedit.com file may be present in %Systemroot% or %Systemroot%\System32 folders. This file should be deleted.
Normally, users type regedit in Start, Run dialog to launch the Registry Editor. But, if both Regedit.exe (legitimate) and Regedit.com (Trojan) are present in your Windows or System32 folder, the file with the .COM extension takes precedence. As a result, regedit.com process launches. When regedit.com file runs, nothing may happen. Or, the following error may be seen.
ERROR: An Extended Memory Manager is already installed. XMS Driver Not Installed.
To prevent this scenario, you must use the explicit file name and the Path to load the Registry Editor in emergencies. Examples:
- Regedit.exe
- %Systemroot%\Regedit.exe
Click Here To Download The Readme File
Click Here To Download XP Emergencyutil
No comments:
Post a Comment