Announcement

Collapse
No announcement yet.

ie and registry blocked

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • ie and registry blocked

    my client have a machine without AV (he has something called avg running on it...) for years.

    i install SAV 10 and found more then 400 viruses, but the SAV was not able to update automatically from the net. So I took out the SAV, then I relise the problem is not only the AV, I was able to ping, but not to browse neither to receive emails thru outlook express.

    I try to run a small tool to fix the sockets but I receive a msg the admin (me) dont allow you make changes in the registry. the same msg I received trying to run regedit. But I allow myself to edit the register

    after a while the explorer crashed then everything start working fine. In the link I receive from the error sender microsoft advise me to install sp2, and I was able to run the socket fixer

    so I install the SP3 and the problem stay, after a while the explorer crash and
    everything start working normally

    I install the IE8, when I try to open it nothing happens, but I can see the iexplorer process in the task manager. I try to reset all the ie settings but still not working. then I realise the connections tab at the internet properties cannot be open, when I try to open it the all window froze. but since im lucky the explorer crash again and all the daemons run out

    So I install the FF restart and the internet works on it, but the IE and OE still not until the next explorer crash...

    I run the autoruns and nothing strange over there.

    Who will be my hero and help me hunt these daemons?

  • #2
    Re: ie and registry blocked

    Grab MalwareBytes Anti-Malware tool (FREE) and run it a couple of times in safe mode. Run both the full and quick tests.
    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment


    • #3
      Re: ie and registry blocked

      doesnt make sense, since this problems starts after I install the SAV

      Normally the full includes the quick, why I need to run both?

      Comment


      • #4
        Re: ie and registry blocked

        Originally posted by nitoglycerine View Post
        my client have a machine without AV (he has something called avg running on it...) for years.

        i install SAV 10 and found more then 400 viruses, but the SAV was not able to update automatically from the net. So I took out the SAV, then I relise the problem is not only the AV, I was able to ping, but not to browse neither to receive emails thru outlook express.
        What?!? No AV What do you think AVG is?? http://lifehacker.com/5399564/five-b...s-applications

        I would use AVG before SAV 10 anyday!

        So SAV found 400 viruses and what did it do with them?? Delete? quarantine?
        Updating SAV is irrelevant at this stage because obviously it's already got the definitions to pick up 400 Viruses!! (That's a contender btw )

        I try to run a small tool to fix the sockets but I receive a msg the admin (me) dont allow you make changes in the registry. the same msg I received trying to run regedit. But I allow myself to edit the register

        after a while the explorer crashed then everything start working fine. In the link I receive from the error sender microsoft advise me to install sp2, and I was able to run the socket fixer

        so I install the SP3 and the problem stay, after a while the explorer crash and
        everything start working normally

        I install the IE8, when I try to open it nothing happens, but I can see the iexplorer process in the task manager. I try to reset all the ie settings but still not working. then I realise the connections tab at the internet properties cannot be open, when I try to open it the all window froze. but since im lucky the explorer crash again and all the daemons run out

        So I install the FF restart and the internet works on it, but the IE and OE still not until the next explorer crash...

        I run the autoruns and nothing strange over there.

        Who will be my hero and help me hunt these daemons?
        I think you need to format and start again if am honest with you. but just do an Offline scan as suggested and see what comes up (It's irrelevant what AV you use as long as that type of scan is supported).
        After that educate your client to always update (Windows, office, AV definitions, AS definitions etc)
        It's pointless you spending a load of time trying to fix application issues which are probably result of malware infection (based on your facts)
        Caesar's cipher - 3

        ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

        SFX JNRS FC U6 MNGR

        Comment


        • #5
          Re: ie and registry blocked

          Originally posted by nitoglycerine View Post
          but I can see the iexplorer process in the task manager.
          The pocess iexplorer.exe is a process belonging to the AdClicker advertising program. while iexplore.exe is IE



          ... msg I received trying to run regedit.
          To enableize editing the registery again for your account, run the next commands one by one and each time try to see if you can run Regedit
          Code:
          reg.exe delete HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools
          answer: yes
          
          reg.exe delete HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools
          answer: yes
          reg.exe delete HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools
          answer: yes
          related posts:
          - http://forums.petri.com/showpost.php...82&postcount=5
          - http://forums.petri.com/showpost.php...10&postcount=9
          - http://forums.petri.com/showpost.php...09&postcount=6




          \Rems
          Last edited by Rems; 1st December 2009, 18:18.

          This posting is provided "AS IS" with no warranties, and confers no rights.

          __________________

          ** Remember to give credit where credit's due **
          and leave Reputation Points for meaningful posts

          Comment


          • #6
            Re: ie and registry blocked

            Real serious suggestion. Save the data then blow the hard drive away and install clean. Chances are it will have some nasty root kits as well as a multitude of other virii, malware and spyware.

            A clean install should ensure peace of mind and save you 10 to 20 hours of cleaning and still not be sure you got everything.
            1 1 was a racehorse.
            2 2 was 1 2.
            1 1 1 1 race 1 day,
            2 2 1 1 2

            Comment


            • #7
              Re: ie and registry blocked

              thanks for all the answers,

              I want avoid the xp re-installation, but now im sure this is the best way in this case

              Comment


              • #8
                Re: ie and registry blocked

                FYI: Quick can pull up stuff full doesn't, and vice versa. No real reason why.
                ** Remember to give credit where credit is due and leave reputation points where appropriate **

                Comment

                Working...
                X