What virus turns apps off?

Posted on 2004-04-22
Last Modified: 2013-12-04
Clients XP Pro machine. Never had virus protection.

Running okay, a bit slow, but okay.

Cannot install AVG. Set up starts, but nothing happens after unpacking files.

Cannot run regedit, starts up then closes, almost instantly.

Cannot run MSCONFIG. Just will not open. Run from Start>Run>msconfig. Nothing.

Copied a new MSCONFIG to the desktop and tried to run that...nothing.

I have an idea this is a virus of some sort. Any suggestions would be gratefully recieved.

Thank you :)
Question by:midhurst
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +3

Accepted Solution

LeftofCool earned 250 total points
ID: 10894739

Since it seems your client has some pretty advanced spyware and viruses, you should download a couple of tools to aid in removing them. The first I will recommend is Spybot Search & Destroy, it can be found here: . The second is Ad-Aware which can be found here: . Install both programs, update them, and let them scan for spyware. If you find that you cannot open either one of these programs then restart the computer in safe mode and run the programs. (Safe Mode starts Windows with a minimal amount of drivers and prevents most viruses from working due to the lack of drivers present.)  Now, restart the computer normally and go to this link: . This is an online virus scanner that may evade viruses that attempt to shut down AV programs, should they be present. Remove everything detected. After performing these steps, I would like to know if any searches in Internet Explorer are being redirected and if so, to where. Please let me know if there is a problem performing a certain step as there are many alternate workarounds.
LVL 67

Expert Comment

ID: 10895144
I'd say try booting into Safe Mode first and foremost...then try to run MSCONFIG disabling anything/everything in the start tab...

How to access Safe Mode:


Author Comment

ID: 10895226
I'm not with the machine at the mo, but will try your suggestions.

I booted in to safe mode, but msconfig and regedit wouldn't start from there either. :O/

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

LVL 67

Expert Comment

ID: 10895287
You might try system restore: (Restore to previous state)

or can you click Start->Run->SFC /Scannow

Check these sites for information on how to perform a repair install of XP: (Last Known Good/Safe Mode/Recovery Console/Repair) (Choose Pro or Home from the side-bar)
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 150 total points
ID: 10896045
Typically, you want to turn off system restore... and DL a free anti-virus scanner, Mcafee's stinger works well, but if you can't get it to run you may need to get Ad-Aware to run before. (linked above) (turn off system restore on XP and ME to get rid of viri for good)

While the stinger product is good at finding and ridding you of the virus, it does not patch or portect the PC from further, or re-infection. Get a Firewall like ZoneAlarm and an AV solution like McAfee that can work "on access" in stead of after the fact.

Lot's of the lates't viri turn off AV FW and various other programs you'd use to get rid of them. (nasty! tries to kill everything...)
Removal instructions for such a virus are located at the botom of that link...
The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines. (mcafee's stinger is more incompassing- norton will have you DL every one of their tools, while McAfee's is all in one)
   1. Disable System Restore (Windows Me/XP).
   2. Update the virus definitions.
   3. Restart the computer in Safe mode or VGA mode.
   4. Run a full system scan and delete all the files detected as W32.Gaobot.YN.
   5. Reverse the changes made to the registry.
   6. Remove the DNS entries added to Windows hosts file. also a virus that attacks regedit and others..

LVL 12

Assisted Solution

trywaredk earned 100 total points
ID: 10897674
Cleaning your computer  - and protecting it in the future -  can't be answered with one issue.

As you can see in my url below there are at least 7 different issues, where you should decide 1 of each, or else you does'nt protect your computer at all.

The reason is, that the many different programs not always protects against each other, and each of them does'nt protect equally.

It's very important, that you study all of these issues in my knowledgebase (some of them are freeware):

BTW: I'm using the Trend Micro virus-suite, and SoftScan , and haven't got any of my servers or computers infected since 1999.

Many Regards
Jorgen Malmgren

:o) Your brain is like a parachute. It works best when it's open

LVL 12

Expert Comment

ID: 10897679
If Sfc.exe does'nt work, then try to copy all the files from C:\WINNT\system32\dllcache to C:\WINNT\system32
Files Manually Copied to the DLLCache Folder Are Not Used Until the Next Reboot;en-us;236995
LVL 38

Expert Comment

by:Rich Rumble
ID: 10900530
the Viri aren't very smart... they only look for the name of the running process... nothing else, so if Adaware.exe or stinger.exe are killed by the virus, try renaming them, it worked when I came across this one before. Remember to turn off System Restore, as you'll just keep re-infecting yourself.

Expert Comment

by:nader alkahtani
ID: 10911839
Firsrt solution :

1.restart ---> Safe Mode

then use the command sfc /scannow to restore the corrupted files

restart the machine againe then install Antivirus Program --->Scan all computer

Second solution :

boot the machine in Safe Mode With Command Prompt

if you access command prompt screen type this command :



Restore your system


Author Comment

ID: 10973648
Thanks guys. I learnt much from your answers and I'm grateful. Nothing worked completely and in the end, rather than spend endless hours, I reformated and reinstalled.

LVL 12

Expert Comment

ID: 10981632
:o) Glad we could help you - thank you for the points

Featured Post

IoT Devices - Fast, Cheap or Secure…Pick Two

The IoT market is growing at a rapid pace and manufacturers are under pressure to quickly provide new products. Can you be sure that your devices do what they're supposed to do, while still being secure?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In a recent article here at Experts Exchange (, I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question