Hi All,
Its a bit overwhelming this site stuff everywhere, I know I should have searched but I have been searching for hours on google, so sorry if this has been posted before.
I cant open Avast to do a virus check, I cant open Firefox, I cant open Explorer, I believe I have a virus but unsure what to do ?
This is the computer the problem is on but it has dual boot set up by a friend Vista - Windows 7 so I set up email on windows 7, and have also been using it for searching…
I have a lot of stuff on my Vista partition I would like to get it going again.
Thanks for your time
Gary.
Hi,
it may be caused by some registry values.
Try to run “regedit” and check keys listed below.
If the regedit tool is also disabled, maybe “HKLM(HKCU)\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools”, Value=1, solution can be found here: http://www.pcreview.co.uk/forums/thread-1713099.php
If you can’t run regedit.exe after you set “HKLM(HKCU)\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools” to value 0, then it could be caused by “HKLM(HKCU)\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe”, so you can rename/copy regedit.exe to another name i.e. re.exe and try to run this one.
Maybe some application blocks others:
If regedit is succesfully launched then check this keys (HKLM=HKEY_LOCAL_MACHINE, HKCU=HKEY_CURRENT_USER):
HKLM(HKCU)\Software\Microsoft\Windows\CurrentVersion\Run
HKLM(HKCU)\Software\Microsoft\Windows\CurrentVersion\RunServices
HKLM(HKCU)\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
HKLM(HKCU)\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
HKLM(HKCU)\Software\Microsoft\Windows NT\CurrentVersion\Windows\load
HKLM(HKCU)\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
HKLM(HKCU)\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
HKLM(HKCU)\Software\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs
HKLM(HKCU)\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
(subkeys with key “Debugger” set to i.e. “ntsd -d” (except key “Your Image File Name Here without a path”)).
Also check startup folder in start menu (i.e. C:\Documents and Settings\ for WinXP):
<start_menu>\All Users\Start Menu\Programs\Startup
<start_menu><loginName>\Start Menu\Programs\Startup
Milos
I suggest:
-
Clean your temporary files.
-
Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead. You can schedule just running:
C:\Program Files\ALWIL Software\Avast4\sched.exe /D -
Use MBAM (or SUPERantispyware or even Spyware Terminator) to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete them.
-
Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
-
Make a HijackThis log to post here or this analysis site. Or even submit the RunScanner log to to on-line analysis.
-
Clean your Hosts file (replacing it) with HostsMan tool.
-
Disable System Restore and then reenable it again.
-
Immunize your system with SpywareBlaster.
-
Check if you have insecure applications with Secunia Software Inspector.