Solved

Cannot run cmd or regedit

Posted on 2009-04-06
7
1,224 Views
Last Modified: 2012-05-06
Clicking Start Run and then typing in cmd or regedit seem to reset explorer.  Everything goes away and then comes back.  IE won't stay lit either.
Any registry settings that I should check?
XP Pro w/SP3
0
Comment
Question by:classnet
7 Comments
 
LVL 14

Expert Comment

by:theras2000
ID: 24082363
Sounds like something needs repairing.  Try typing in 'sfc /checknow' into the Run box (requires the Win CD) to repair some system files.
0
 

Author Comment

by:classnet
ID: 24082524
Yeah...  I tried an inplace repair.  You get to a point where you enter the key and  then several minutes later a portion of the repair starts over and you're entering the key again.  Endless loop.
Ran sfc to no avail.
Can't boot to a PE CD... not enough RAM.
0
 
LVL 14

Expert Comment

by:theras2000
ID: 24084542
Bugger.  The lack of RAM for PE sounds odd.
Have you looked through the Event Logs.  You should be able to see some errors or codes that can lead you on a path of googling to see what is causing the mini-crashing.
0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 23

Expert Comment

by:Admin3k
ID: 24091348
Could also mean malware infection, some malware will disable regedit,CMD,Task manager,etc..
Downoad Malwarebytes anti-malware, Install, update & run a full scan.
also showing us a hijack this log can help.
finally it may also be a good idea to run an online scan at Kaspersky Online , Please post back any logs .

0
 
LVL 1

Accepted Solution

by:
flucto earned 500 total points
ID: 24188406
There's an as-yet unrecognized virus/malware that grabs the "aux" entry under

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

or in some cases adds an aux2=

The malware entry will generally be a random file in your \windows directory

the aux entry should be C:\windows\system32\wdmaud.drv or simply wdmaud.drv

to gain access to the registry, press ctrl+del, run task manager, kill the process for windows explorer, then use the task manager "run" option to run "regedit" (you'll be able to run cmd at this point too)

fix the registry entry, make sure you find and delete the malware file too.  You may well experience other issues but at least this should kill the malware.
0
 

Author Closing Comment

by:classnet
ID: 31567281
Thanks!
0
 

Expert Comment

by:visionmn2
ID: 24368046
We also had this issue and this was the resolution - Thank you!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every computer eventually fails. When that happens, your valuable data is only as safe as your current backup.
These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Concerto provides fully managed cloud services and the expertise to provide an easy and reliable route to the cloud. Our best-in-class solutions help you address the toughest IT challenges, find new efficiencies and deliver the best application expe…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now