Go Premium for a chance to win a PS4. Enter to Win


What virus turns apps off?

Posted on 2004-04-22
Medium Priority
Last Modified: 2013-12-04
Clients XP Pro machine. Never had virus protection.

Running okay, a bit slow, but okay.

Cannot install AVG. Set up starts, but nothing happens after unpacking files.

Cannot run regedit, starts up then closes, almost instantly.

Cannot run MSCONFIG. Just will not open. Run from Start>Run>msconfig. Nothing.

Copied a new MSCONFIG to the desktop and tried to run that...nothing.

I have an idea this is a virus of some sort. Any suggestions would be gratefully recieved.

Thank you :)
Question by:midhurst
  • 3
  • 2
  • 2
  • +3

Accepted Solution

LeftofCool earned 750 total points
ID: 10894739

Since it seems your client has some pretty advanced spyware and viruses, you should download a couple of tools to aid in removing them. The first I will recommend is Spybot Search & Destroy, it can be found here: http://download.com.com/3000-8022-10194058.html?tag=lst-0-3 . The second is Ad-Aware which can be found here: http://www.lavasoftusa.com/ . Install both programs, update them, and let them scan for spyware. If you find that you cannot open either one of these programs then restart the computer in safe mode and run the programs. (Safe Mode starts Windows with a minimal amount of drivers and prevents most viruses from working due to the lack of drivers present.)  Now, restart the computer normally and go to this link: http://housecall.trendmicro.com/ . This is an online virus scanner that may evade viruses that attempt to shut down AV programs, should they be present. Remove everything detected. After performing these steps, I would like to know if any searches in Internet Explorer are being redirected and if so, to where. Please let me know if there is a problem performing a certain step as there are many alternate workarounds.
LVL 67

Expert Comment

ID: 10895144
I'd say try booting into Safe Mode first and foremost...then try to run MSCONFIG disabling anything/everything in the start tab...

How to access Safe Mode:


Author Comment

ID: 10895226
I'm not with the machine at the mo, but will try your suggestions.

I booted in to safe mode, but msconfig and regedit wouldn't start from there either. :O/

WatchGuard Case Study: NCR

With business operations for thousands of customers largely depending on the internal systems they support, NCR can’t afford to waste time or money on security products that are anything less than exceptional. That’s why they chose WatchGuard.

LVL 67

Expert Comment

ID: 10895287
You might try system restore:  http://support.microsoft.com/?kbid=306084 (Restore to previous state)

or can you click Start->Run->SFC /Scannow

Check these sites for information on how to perform a repair install of XP:
 http://www.webtree.ca/windowsxp/repair_xp.htm (Last Known Good/Safe Mode/Recovery Console/Repair)
 http://www.windowsreinstall.com/ (Choose Pro or Home from the side-bar)
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 450 total points
ID: 10896045
Typically, you want to turn off system restore... and DL a free anti-virus scanner, Mcafee's stinger works well, but if you can't get it to run you may need to get Ad-Aware to run before. (linked above)
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm (turn off system restore on XP and ME to get rid of viri for good)

While the stinger product is good at finding and ridding you of the virus, it does not patch or portect the PC from further, or re-infection. Get a Firewall like ZoneAlarm and an AV solution like McAfee that can work "on access" in stead of after the fact.

Lot's of the lates't viri turn off AV FW and various other programs you'd use to get rid of them.
http://securityresponse.symantec.com/avcenter/venc/data/w32.gaobot.yn.html (nasty! tries to kill everything...)
Removal instructions for such a virus are located at the botom of that link...
The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines. (mcafee's stinger is more incompassing- norton will have you DL every one of their tools, while McAfee's is all in one)
   1. Disable System Restore (Windows Me/XP).
   2. Update the virus definitions.
   3. Restart the computer in Safe mode or VGA mode.
   4. Run a full system scan and delete all the files detected as W32.Gaobot.YN.
   5. Reverse the changes made to the registry.
   6. Remove the DNS entries added to Windows hosts file.

http://securityresponse.symantec.com/avcenter/venc/data/w32.petch.html also a virus that attacks regedit and others..

LVL 12

Assisted Solution

trywaredk earned 300 total points
ID: 10897674
Cleaning your computer  - and protecting it in the future -  can't be answered with one issue.

As you can see in my url below there are at least 7 different issues, where you should decide 1 of each, or else you does'nt protect your computer at all.

The reason is, that the many different programs not always protects against each other, and each of them does'nt protect equally.

It's very important, that you study all of these issues in my knowledgebase (some of them are freeware):

BTW: I'm using the Trend Micro virus-suite, and SoftScan , and haven't got any of my servers or computers infected since 1999.

Many Regards
Jorgen Malmgren

:o) Your brain is like a parachute. It works best when it's open

LVL 12

Expert Comment

ID: 10897679
If Sfc.exe does'nt work, then try to copy all the files from C:\WINNT\system32\dllcache to C:\WINNT\system32
Files Manually Copied to the DLLCache Folder Are Not Used Until the Next Reboot
LVL 38

Expert Comment

by:Rich Rumble
ID: 10900530
the Viri aren't very smart... they only look for the name of the running process... nothing else, so if Adaware.exe or stinger.exe are killed by the virus, try renaming them, it worked when I came across this one before. Remember to turn off System Restore, as you'll just keep re-infecting yourself.

Expert Comment

by:nader alkahtani
ID: 10911839
Firsrt solution :

1.restart ---> Safe Mode

then use the command sfc /scannow to restore the corrupted files

restart the machine againe then install Antivirus Program --->Scan all computer

Second solution :

boot the machine in Safe Mode With Command Prompt

if you access command prompt screen type this command :



Restore your system


Author Comment

ID: 10973648
Thanks guys. I learnt much from your answers and I'm grateful. Nothing worked completely and in the end, rather than spend endless hours, I reformated and reinstalled.

LVL 12

Expert Comment

ID: 10981632
:o) Glad we could help you - thank you for the points

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
Screencast - Getting to Know the Pipeline

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question