Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Cannot get into Regedit!!
- Thread starter PhotoOpp
- Start date
franklin97355
Technical User
Are you logging on as the "administrator"?
- Thread starter
- #3
Open notepad and copy/paste the below. Save the file as registry_fix.vbs:
******* start copy/paste below this line
On Error Resume Next
Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.RegDelete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools"
WshShell.RegDelete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools"
Set WshShell = Nothing
******** end copy/paste above this line
Save the file. Then Start, Run, cscript registry_fix.vbs
Now that you can access the registry again, scan your system for malware, as this is the likely source of this problem.
See this FAQ: Faq608-4650
******* start copy/paste below this line
On Error Resume Next
Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.RegDelete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools"
WshShell.RegDelete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools"
Set WshShell = Nothing
******** end copy/paste above this line
Save the file. Then Start, Run, cscript registry_fix.vbs
Now that you can access the registry again, scan your system for malware, as this is the likely source of this problem.
See this FAQ: Faq608-4650
- Thread starter
- #5
Thanks for the ideas... I am guessing that you are right that I must have some form of malware or virus!
Before I followed your advice on the registry fix I decided to follow the steps in the FAQ608-4650 and went to the on-line virus checking sites... I ran the Trend Micro & Panda checks and found numerous problems on each. The Trend Micro indicated that the numerous items found were not fixable (is that a word?) and therefore I deleted them!
I am now wondering if I deleted some key Windows files because I cannot run any programs from the RUN command... e.g. CMD.exe brings up the 'Open With' window asking me to choose the program to open this with!!! I tried numerous other commands all with the same result. For example, when I doubleclick on CWShredder.exe I get the same window opening!
Any suggestions on a next step... reinstall windows???
Before I followed your advice on the registry fix I decided to follow the steps in the FAQ608-4650 and went to the on-line virus checking sites... I ran the Trend Micro & Panda checks and found numerous problems on each. The Trend Micro indicated that the numerous items found were not fixable (is that a word?) and therefore I deleted them!
I am now wondering if I deleted some key Windows files because I cannot run any programs from the RUN command... e.g. CMD.exe brings up the 'Open With' window asking me to choose the program to open this with!!! I tried numerous other commands all with the same result. For example, when I doubleclick on CWShredder.exe I get the same window opening!
Any suggestions on a next step... reinstall windows???
First try to repair the .EXE file association. See Doug Knox's site:
See also:
See also:
- Thread starter
- #8
Unfortunately, Doug Knox's repair for the EXE file association means that I need to use Regedit to run the reg file... but that was my original problem I can't get access to regedit!
Your second link is about the trojan file Netstatt.exe... but I can still run Task Manager and I don't see that file there!
Any other ideas??
Your second link is about the trojan file Netstatt.exe... but I can still run Task Manager and I don't see that file there!
Any other ideas??
While you can rename regedit.exe to regedit.com, you have to be more creative with Task Manager and MSCONFIG.
Rename copies of these utilities as shown below and run them or use MS-MVP Doug Knox's Emergency Msconfig, Regedit, Task Manager utility: This utility creates usable copies of MSCONFIG, REGEDIT AND TASK MANAGER by creating copies of the actual files to C:\EmergencyUtils folder. The alternate copies will have the following file names: MSCONFIG1.EXE, TASKMGR1.EXE and REGEDIT.COM.
Online Virus Scanners and Security tests:
Rename copies of these utilities as shown below and run them or use MS-MVP Doug Knox's Emergency Msconfig, Regedit, Task Manager utility: This utility creates usable copies of MSCONFIG, REGEDIT AND TASK MANAGER by creating copies of the actual files to C:\EmergencyUtils folder. The alternate copies will have the following file names: MSCONFIG1.EXE, TASKMGR1.EXE and REGEDIT.COM.
Online Virus Scanners and Security tests:
- Thread starter
- #12
Clearly I have something that is really affecting my system!!
I went into Explorer (right click on start/explore) and renamed Regedit.exe to Regedit.com and tried to run it... however like the exe files the com files also get the 'Open With' window!
So... I can't run any exe or com programs. I also now can only get into the Administrator account! And, I just exited Explorer and tried to reenter and got a window saying "C:\windows\explorer.exe Application not found"!!! It's like something is following my moves and closing things down!!!
Just for clarity... I CAN still get into Task Manager.
I should mention that one of the files that the Trend Micro virus check identified was something called SPOOLLD.EXE which I deleted. I notice that whenever I reboot my computer the system tries to reload this file... Since I can't access MSConfig I can't delete this startup item. Does anyone have experience with this file? My searches have found nothing on it!
My current thought is that I should do a complete reinstall of windows (and SP2)... Any thoughts as to whether or not this will work? Should I do a repair of new install? Is there something else I should do instead?
I went into Explorer (right click on start/explore) and renamed Regedit.exe to Regedit.com and tried to run it... however like the exe files the com files also get the 'Open With' window!
So... I can't run any exe or com programs. I also now can only get into the Administrator account! And, I just exited Explorer and tried to reenter and got a window saying "C:\windows\explorer.exe Application not found"!!! It's like something is following my moves and closing things down!!!
Just for clarity... I CAN still get into Task Manager.
I should mention that one of the files that the Trend Micro virus check identified was something called SPOOLLD.EXE which I deleted. I notice that whenever I reboot my computer the system tries to reload this file... Since I can't access MSConfig I can't delete this startup item. Does anyone have experience with this file? My searches have found nothing on it!
My current thought is that I should do a complete reinstall of windows (and SP2)... Any thoughts as to whether or not this will work? Should I do a repair of new install? Is there something else I should do instead?
joemck2004
Technical User
Mike, exe!=com. Com files are raw x86 code and have an entry point of 0x100. They're DOS-only and are limited to 64k combined code and data. Exe files have a header on them to allow multiple segments, bypassing the 64k limit. You have to create a header to convert a COM to an EXE. To convert the other way (as you're suggesting), you have to remove the header and pray that the code doesn't use multiple segments.
- Thread starter
- #16
- Thread starter
- #18
Try a repair reinstallation:
If the issue is essentially missing or damaged files, this will sort it.
If the issue is essentially missing or damaged files, this will sort it.
- Thread starter
- #20
An update...
I tried the repair installation and it didn't work!! So... I bit the bullet and did a completely new install! Oh well, at least now I am up and running well again.
Unfortunately, I was not able to run any programs (because of the problem) and therefore unable to uninstall applications before I did the new install. After the install, I found myself with the sub-directory 'C:\Program Files' full of my previously installed programs! Of course, none of these were properly registered and therefore would not function! It has been somewhat of a pain having to go through and delete them selectively! In hindsight I perhaps should have renamed Program Files to something else and then let the new install setup a new Program Files directory.
Given that I am now happy with the set up what would be the recommended approach to keeping a copy of my instance? I ask this because if I run into a similar problem, I could then completely restore this instance to what I have today and then only have to update forward...
Any thoughts?
I tried the repair installation and it didn't work!! So... I bit the bullet and did a completely new install! Oh well, at least now I am up and running well again.
Unfortunately, I was not able to run any programs (because of the problem) and therefore unable to uninstall applications before I did the new install. After the install, I found myself with the sub-directory 'C:\Program Files' full of my previously installed programs! Of course, none of these were properly registered and therefore would not function! It has been somewhat of a pain having to go through and delete them selectively! In hindsight I perhaps should have renamed Program Files to something else and then let the new install setup a new Program Files directory.
Given that I am now happy with the set up what would be the recommended approach to keeping a copy of my instance? I ask this because if I run into a similar problem, I could then completely restore this instance to what I have today and then only have to update forward...
Any thoughts?
- Status
Similar threads
- Locked
- Question
- Locked
- Question
