cannot run any .exe file after AV told me to delete regt.3exe and it gets worse.......

Posted on 2011-10-06
Last Modified: 2012-08-14
Ran combofix without turning off AV antivirus. (I know, I messed up!) In the middle of the combofix scan, AV pops up and says to delete a terrible threat: regt.3exe. Idiot here deletes it. Combofix seems to continue to normal conclusion, but I can't find a report in the log file and I can't run any exe files to open anything. Error message says that every .exe file is marked for deletion. Even when I try to go to restore point combofix made before it ran, the exe says marked for deletion. What a mess I made. Please help.
Question by:oliviajones
    LVL 8

    Expert Comment

    by:Sean Scissors
    My guess is that the virus is still in your registry corrupting the .exe file execution. So every time you run a .exe it runs that command to open a window saying there's an error.

    Download this and run the file that is a .reg file. Make sure to hit yet to merge.
    LVL 13

    Accepted Solution

    You did not mention what the operating system is, too....
    I've seen this in Windows 7, and after a restart it is OK, but a little different than here.
    Did you restart the PC or not?

    Author Comment

    To Scissors85: Thanks for the suggestion. Could you give me further instruction on how to "run the file that is a .reg file. Make sure to hit yet[s] to merge". Will it be obvious once I start? Will it work if it's a .exe file?

    To upalakshitha: I am running Windows 7. I have not tried a restart because I was afraid I might not even get a boot working. Should I risk an attempt at restart?

    To younghv: Sorry if I have confused the issue. These are indeed multiple problems on the same computer. I had to take a week off for medical reasons, and wrote that I would be gone for a week (transplant trumps computer virus). When I returned I followed the expert advice on the original question and posted the logs generated as suggested (see Hijack this log shows bho's. How do I ID bad ones and remove?), but did not get a response. In fact, there has been no activity on that question for over three days. I requested attention and nothing happened. So I started breaking the problems into small parts. I would much rather have a more holistic approach to my problem, but that did not seem to be working.


    Author Comment

    I restarted and AV antivirus gave notice: Threat removal completed. File name c:\Combofix\REGT.EXE. Severity 4 red bars, 981 processes terminated. 553 files removed. 17 registry keys deleted. AMAZING! Computer works! .exe files open. Oh happy day.
