Cannot run cmd or regedit

Clicking Start Run and then typing in cmd or regedit seem to reset explorer.  Everything goes away and then comes back.  IE won't stay lit either.
Any registry settings that I should check?
XP Pro w/SP3
Sheldon LivingstonConsultantAsked:
Who is Participating?
 
fluctoConnect With a Mentor Commented:
There's an as-yet unrecognized virus/malware that grabs the "aux" entry under

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

or in some cases adds an aux2=

The malware entry will generally be a random file in your \windows directory

the aux entry should be C:\windows\system32\wdmaud.drv or simply wdmaud.drv

to gain access to the registry, press ctrl+del, run task manager, kill the process for windows explorer, then use the task manager "run" option to run "regedit" (you'll be able to run cmd at this point too)

fix the registry entry, make sure you find and delete the malware file too.  You may well experience other issues but at least this should kill the malware.
0
 
theras2000Commented:
Sounds like something needs repairing.  Try typing in 'sfc /checknow' into the Run box (requires the Win CD) to repair some system files.
0
 
Sheldon LivingstonConsultantAuthor Commented:
Yeah...  I tried an inplace repair.  You get to a point where you enter the key and  then several minutes later a portion of the repair starts over and you're entering the key again.  Endless loop.
Ran sfc to no avail.
Can't boot to a PE CD... not enough RAM.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
theras2000Commented:
Bugger.  The lack of RAM for PE sounds odd.
Have you looked through the Event Logs.  You should be able to see some errors or codes that can lead you on a path of googling to see what is causing the mini-crashing.
0
 
Mohamed OsamaSenior IT ConsultantCommented:
Could also mean malware infection, some malware will disable regedit,CMD,Task manager,etc..
Downoad Malwarebytes anti-malware, Install, update & run a full scan.
also showing us a hijack this log can help.
finally it may also be a good idea to run an online scan at Kaspersky Online , Please post back any logs .

0
 
Sheldon LivingstonConsultantAuthor Commented:
Thanks!
0
 
visionmn2PresidentCommented:
We also had this issue and this was the resolution - Thank you!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.