Virus from AIM (Valentines day pics) now cant use regedit, msconfig,task manager

By UNCPSnookie ยท 4 replies
Feb 15, 2005
  1. I got a virus/trojan or something from a link in one of my buddys profiles, the link said something like "Valentines day pictures". it was making an away message with the link i clicked that gave me the virus pop up when i'd get online and would try to do it while i was offline but it couldnt. I finally ( i think) got rid of it, but now I cant get into my regedit, msconfig, or task manager...what do i do??I have Norton system works, mcafee (privacy and personal firewall plus), Ad-Aware SE Personal, and Microsoft anti-spyware.. help please.
  2. b4u8cake

    b4u8cake TS Rookie

    A possible fix

    A possible fx/workaround.

    We clicked on a AIM link about pictures about 5 days ago. Yesterday I tried to run RegEdit and it did not stay open. I read some posts here, and found that TaskMgr and msconfig also would not open.

    This is what I did, and now they stay open.
    ***Note I am not a computer expert nor do I play one a TV. But I do know enough to be dangerous.

    Bottom line, what I think fixed the problem was the deletion of files in winnt/prefetch. Files named something like RegEdit????.pf, TaskMgr???.pf and so on.

    Long Story,
    I followed most of the recommendations of another post by getting the latest definition files for AdAware, VX2 cleaner plug-in, Spybot, McAfee, and Stinger. I uninstalled AIM and other programs I was unsure about. Booted in Safe Mode, Ran Adaware, Spybot, Stinger and McAfee. Deleted what they found. This took quit a long time.

    Ran Regedit, yes it stays open in Safe Mode. Backed up
    Then Removed entries like "WildTangent" and others I was un sure of.

    Booted to Normal mode. Regedit still would not stay open. Based on another post, I copied winnt\system32\taskmgr.exe to C:\MyStuff and renamed it to myTMrg.exe. I then deleted winnt\system32\taskmgr.exe. Opened C:\MyStuff\myTMrg.exe, and it stayed open. I sorted by User Name and ended processes that had my user name and looked suspicious after I searched for where the EXE file was and did a properties on. I searched the registry for these file names and deleted most of what I found. I deleted the file, too. This is when I found the prefetch files and deleted them too. I rebooted, and everything stayed open. I downloaded and ran "windows-xp-prefetch-clean-and-control.exe".

    Hope this helps someone.
  3. Tribal-Phoenix

    Tribal-Phoenix TS Rookie Posts: 92

    pfff do u know your virus name ?

    pfff do u know your virus name ?
    coz if u jsut go to symantec web site and get a removal tool, get a program from internet that shows u current processes then close the "virus" process irf u dont know which one it is jsut close all of em lol , for except explorer , and then try running regedit , if it doesnt work then u can get a registry editor , but it still doesnt feel liek u r working on good old windows so then just bacckp data and reinstall windows
  4. maXimus4444

    maXimus4444 TS Rookie Posts: 86

    I used to have the same sort of thing. I searched for a removal tool and found this one here .
  5. Mictlantecuhtli

    Mictlantecuhtli TS Evangelist Posts: 4,345   +11

    Ah, the good old Windows repairing method: complete reinstallation.

    But viruses can get backed up, too.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...