Solved

Cannot run cmd or regedit

Posted on 2009-04-06
7
1,219 Views
Last Modified: 2012-05-06
Clicking Start Run and then typing in cmd or regedit seem to reset explorer.  Everything goes away and then comes back.  IE won't stay lit either.
Any registry settings that I should check?
XP Pro w/SP3
0
Comment
Question by:classnet
7 Comments
 
LVL 14

Expert Comment

by:theras2000
Comment Utility
Sounds like something needs repairing.  Try typing in 'sfc /checknow' into the Run box (requires the Win CD) to repair some system files.
0
 

Author Comment

by:classnet
Comment Utility
Yeah...  I tried an inplace repair.  You get to a point where you enter the key and  then several minutes later a portion of the repair starts over and you're entering the key again.  Endless loop.
Ran sfc to no avail.
Can't boot to a PE CD... not enough RAM.
0
 
LVL 14

Expert Comment

by:theras2000
Comment Utility
Bugger.  The lack of RAM for PE sounds odd.
Have you looked through the Event Logs.  You should be able to see some errors or codes that can lead you on a path of googling to see what is causing the mini-crashing.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 23

Expert Comment

by:Admin3k
Comment Utility
Could also mean malware infection, some malware will disable regedit,CMD,Task manager,etc..
Downoad Malwarebytes anti-malware, Install, update & run a full scan.
also showing us a hijack this log can help.
finally it may also be a good idea to run an online scan at Kaspersky Online , Please post back any logs .

0
 
LVL 1

Accepted Solution

by:
flucto earned 500 total points
Comment Utility
There's an as-yet unrecognized virus/malware that grabs the "aux" entry under

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

or in some cases adds an aux2=

The malware entry will generally be a random file in your \windows directory

the aux entry should be C:\windows\system32\wdmaud.drv or simply wdmaud.drv

to gain access to the registry, press ctrl+del, run task manager, kill the process for windows explorer, then use the task manager "run" option to run "regedit" (you'll be able to run cmd at this point too)

fix the registry entry, make sure you find and delete the malware file too.  You may well experience other issues but at least this should kill the malware.
0
 

Author Closing Comment

by:classnet
Comment Utility
Thanks!
0
 

Expert Comment

by:visionmn2
Comment Utility
We also had this issue and this was the resolution - Thank you!
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now