Trojan/virs blocking Registry

T

The_Unbeliever

Honorary Master
Joined
Apr 19, 2005
Messages
103,193
Reaction score
10,233
Location
Nkaaaaandla
Hi there

Is having an interesting one here at the moment.

What virus/trojan will be blocking your windows/currentversion/run entry in the Registry?

I can't install AVG Free on this specific PC due to some poxy virus/trojan blocking that specific key in the Registry...

Regards

Libs
 
How do you know it's a trojan/virus? Could it just be corrupted permissions? Presume you can't update this key in regedit either. Can you edit the permissions in regedit?

Joe
 
:o

erm, how do you edit the permissions in regedit?


I can access the other keys just fine, it's just this specific key I can't access.

Besides, if other users access this machine, their Symantec goes bonkers, telling them that there's an infected file on this PC.
 
I have found the root cause : AVG Free tells me it's the Win32/Gaelium.A bugger.

I was able to access that specific key this morning, so AVG Free is running away at the moment... :D

Will have to get the PC into safe mode and re-run the scan again.
 
bootdisks FTW :D
hiren's is up to 8.8 so time for me to get an update..
 
Just a slight niggle - removing the CD Rom unit will help, but they will stick the MP3 CD into another PC and play it from that PC via the network instead...

...or from an USB drive.

Will have to discuss this issue with management.
 
Going to try this :

del wmplayer.exe
md wmplayer.exe
attrib +r wmplayer.exe

:D :D :D


Did the same trick when the Opaserv worm was doing the rounds on Win95 and 98 boxen... :D
 
:D :D :D

Works... although I had to delete the wmplayer.ex_ file in the i386 directory as well, otherwise the file'll keep on coming back.

XP complained about the file difference, I tole it to shurrup and go back to work... :D
 
Long term fix ... Install linux on all their machines?

The_Librarian said:
Besides, if other users access this machine, their Symantec goes bonkers, telling them that there's an infected file on this PC.
Click to expand...
OK, that's proof. Say no more. Nudge nudge wink wink, know what I mean?

The_Librarian said:
:o

erm, how do you edit the permissions in regedit?
Click to expand...

in regedit, right click the key, select Permissions... and you get a normal permissions property sheet. At least, that's what happens here!
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X