Solved

Cannot run cmd or regedit

Posted on 2009-04-06
7
1,235 Views
Last Modified: 2012-05-06
Clicking Start Run and then typing in cmd or regedit seem to reset explorer.  Everything goes away and then comes back.  IE won't stay lit either.
Any registry settings that I should check?
XP Pro w/SP3
0
Comment
Question by:classnet
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 14

Expert Comment

by:theras2000
ID: 24082363
Sounds like something needs repairing.  Try typing in 'sfc /checknow' into the Run box (requires the Win CD) to repair some system files.
0
 

Author Comment

by:classnet
ID: 24082524
Yeah...  I tried an inplace repair.  You get to a point where you enter the key and  then several minutes later a portion of the repair starts over and you're entering the key again.  Endless loop.
Ran sfc to no avail.
Can't boot to a PE CD... not enough RAM.
0
 
LVL 14

Expert Comment

by:theras2000
ID: 24084542
Bugger.  The lack of RAM for PE sounds odd.
Have you looked through the Event Logs.  You should be able to see some errors or codes that can lead you on a path of googling to see what is causing the mini-crashing.
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 23

Expert Comment

by:Mohamed Osama
ID: 24091348
Could also mean malware infection, some malware will disable regedit,CMD,Task manager,etc..
Downoad Malwarebytes anti-malware, Install, update & run a full scan.
also showing us a hijack this log can help.
finally it may also be a good idea to run an online scan at Kaspersky Online , Please post back any logs .

0
 
LVL 1

Accepted Solution

by:
flucto earned 500 total points
ID: 24188406
There's an as-yet unrecognized virus/malware that grabs the "aux" entry under

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

or in some cases adds an aux2=

The malware entry will generally be a random file in your \windows directory

the aux entry should be C:\windows\system32\wdmaud.drv or simply wdmaud.drv

to gain access to the registry, press ctrl+del, run task manager, kill the process for windows explorer, then use the task manager "run" option to run "regedit" (you'll be able to run cmd at this point too)

fix the registry entry, make sure you find and delete the malware file too.  You may well experience other issues but at least this should kill the malware.
0
 

Author Closing Comment

by:classnet
ID: 31567281
Thanks!
0
 

Expert Comment

by:visionmn2
ID: 24368046
We also had this issue and this was the resolution - Thank you!
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
Recovering from what the press called "the largest-ever cyber-attack", IT departments worldwide are discussing ways to defend against this in the future. In this process, many people are looking for immediate actions while, instead, they need to tho…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses
Course of the Month8 days, 1 hour left to enroll

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question