TechSpot

Regedit, Cmd are not a valid Win32 application?!

By mackygood
Jul 15, 2006
Topic Status:
Not open for further replies.
  1. I wanted to edit my registry today, It gave me a ' not a valid win32 application'. Then I tried command line, and it gave the same message.

    Attached is my HijackThis Log.

    Thanks for any help!

    mackygood

    Attached Files:

    • log.txt
      File size:
      5.5 KB
      Views:
      23
  2. mackygood

    mackygood Newcomer, in training Topic Starter Posts: 18

    thanks for your reply.

    I'll get to doing what you told me know and post back a Hijack This Log.

    thanks for your help,

    mackygood
  3. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    Hello and welcome to Techspot.

    Your system is infected with a variety of nasties and needs to be thoroughly scanned etc. You are also not running any antivirus or firewall programmes. Download and install the free Zonealarm firewall and the free AVG antivirus programme from HERE and HERE.

    Install Zonealarm, followed by AVG and reboot your system. Run the AVG updates and then boot into safe mode and turn system restore off.

    Do a full system scan with AVG and delete whatever it finds.

    Reboot into normal mode and follow the instructions below.

    Go HERE and follow the instructions exactly.

    Post a fresh HJT log into this thread, only after doing the above.

    Regards Howard :wave: :wave:
  4. mackygood

    mackygood Newcomer, in training Topic Starter Posts: 18

    what happened to paranoidguy's post??

    ok downloading avg and zonewall right now
  5. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    paranoidguy is still only learning the ropes for HJT logs.

    While he is getting better and better all the time, in your case his advice was a little off the mark.

    I therefore deleted his post in order to stop you from getting the wrong information.

    Regards Howard :)
  6. mackygood

    mackygood Newcomer, in training Topic Starter Posts: 18

    um...can't really boot into safe mode ?!!

    I press F8 go to safe mode...same black screen but this time I get this at bottom:

    Press ESC to cancel loading SPTD.sys

    I don't press ESC and wait.

    Then the login menu shows up. I press my username ' Owner ' and it gives me a password box. Then it restarts. I've tried 5 times with the same results. I don't have a password so I'm wondering why it keeps on showing the password box.

    Any help on this??

    thanks
  7. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    SPTD.sys is part of the Daemon tools drivers and can cause problems.

    When asked if you want to cancel SPTD.sys, choose yes.

    Regards Howard :)
  8. mackygood

    mackygood Newcomer, in training Topic Starter Posts: 18

    ok will boot into safe mode again
  9. mackygood

    mackygood Newcomer, in training Topic Starter Posts: 18

    ok I pressed ESC this time.

    It got even worse lol.

    This time it wouldn't even let me press my username.

    It goes to the logon menu, i move my mouse and it restarts again.

    any help on this??

    thx
  10. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    You could try temporarily uninstalling Daemon tools and see if that helps.

    Regards Howard :)
  11. mackygood

    mackygood Newcomer, in training Topic Starter Posts: 18

    It was previously installed on my PC, but I uninstalled when I used Alcohol to mount my CDs. So I don't have it installed on my PC anymore.

    ( just checked the control panel, no sign of Daemon tools)
     
  12. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    In that case go and manually delete the driver.

    C:\windows\System32\Drivers\sptd.sys

    Regards Howard :)
  13. mackygood

    mackygood Newcomer, in training Topic Starter Posts: 18

    ok, went and deleted sptd.sys

    Now I get a mix of the problems.

    Tried 5 times

    3 times were the password box problem

    2 times were the move the mouse problem

    thx

    mackygood
  14. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    Mmm, something`s not quite right. Forget the safe mode bit for now and just run the system scan.

    Then follow the rest of the instructions as far as you can.

    Regards Howard :)
  15. mackygood

    mackygood Newcomer, in training Topic Starter Posts: 18

    ok scanning with avg now..

    will follow instructions and post back with hjt log.

    thanks for all your help = )

    mackygood
  16. mackygood

    mackygood Newcomer, in training Topic Starter Posts: 18

    ok..just did everything you told me to.

    AVG found two trojans and one worm. I deleted them all.

    Then I followed the thread you gave me.

    I chose F-secure online scan and it found three files.

    I deleted them manually.

    then i scanned with ewido and found two cookies and Alexa.

    All deleted.
    '
    then i rebooted, but the problem is still continuing.

    Here is a new HJT Log.

    (When scanning I received this error message:


    An unexpected error has occurred at procedure: modMain_CheckOther14Item()
    Error #62 - Input past end of file

    Please email me at merijn@spywareinfo.com, reporting the following:
    * What you were trying to fix when the error occurred, if applicable
    * How you can reproduce the error
    * A complete HijackThis scan log, if possible

    Windows version: Windows NT 5.01.2600
    MSIE version: 6.0.2800.1106
    HijackThis version: 1.99.1

    This message has been copied to your clipboard.
    Click OK to continue the rest of the scan.

    )


    I clicked ok and it went on scanning.

    Attached is the log.

    Thanks,

    mack
  17. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    I`ve no idea what the error message you got means.

    However, I can tell you your HJT log is now clean.

    How is your system running now?

    Regards Howard :)
  18. mackygood

    mackygood Newcomer, in training Topic Starter Posts: 18

    System's running great. Faster too.

    thing is

    I still can't run command line.

    ROFL

    any ideas?

    thx
  19. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    Try replacing the cmd.exe file in your windows\system32 folder. This is just in case the file is broken.

    If that doesn`t work, then maybe doing a Windows repair as per this thread HERE will help.

    Regards Howard :)
  20. mackygood

    mackygood Newcomer, in training Topic Starter Posts: 18

    Thanks for your help.

    you know where i can get a copy of cmd.exe ( and regedit ) ? googled it and can't find it : (

    as for repairing, My WindowsXP CD's different from the one in the thread.

    my pc was made in taiwan, XP was bundled, and they only gave me their company-made XP installation CD.

    no signs of any repair option ...
  21. howard_hopkinso

    howard_hopkinso Newcomer, in training Posts: 25,948   +19

    Take a look at this thread HERE. It may help with your regedit and cmd problems.

    Have you tried typing cmd.exe into the run box and hitting the enter key?

    Do the same with regedit and see what happens.

    It could be that the infections you`ve just got rid of have damaged some of your OS files.

    If all else fails, I`ll send you a copy of my cmd.exe file and regedit.exe file.

    Please let me know how you get on.

    Regards Howard :)
  22. mackygood

    mackygood Newcomer, in training Topic Starter Posts: 18

    lol you're the man.

    I usually only type cmd and regedit in the run box.

    Add a .exe to the end *PRESTO*

    Thanks for your help.

    So what's the problem with my machine then?

    cmd doesn't work but cmd.exe works.

    I will also have a look at the thread.

    thx agn howard = )
  23. varimon

    varimon Newcomer, in training

    i have same problem. however, the regedit file is there in c:\windows\

    if i type "regedit.exe" instead of just "regedit" the registry editor pops right up. not sure why this is, but it works for the moment while i try to figure out how to fix it.

    EDIT: u must go to "c:\windows\system32\" and delete regedit.com and assuming regedit.exe is still in c:\windows\ the problem is fixed for now. if ur confused by there being no .exe or .com after the file, go to menu bar Tools/Folder Options go to the View tab then uncheck the box for "hide extensions for known file types" and Hit OK. this will make extensions for all files visible. be sure to go back and recheck the box after ur done just for any n00bs who might come along and screw themselves up.

    as mentioned, regedit.com is mal-ware so u probly have more problems than just this fix.
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.