visitor (0 QPoints)
  • FR
  • EN
  • NL
  • DE
  • ES
315 experts, 1193 registered users, 1659 questions already answered
European Experts Exchange, the very best site for high-quality IT solutions

New Improved Search!

 


05/10/2011 1h30 : Steve Jobs is dead, the father of Apple ][ is gone, we are all orphaned.

Hardware :: Desktop PC :: Windows XP SP1 infected by virus KesenjanganSosial.exe impossible to REGEDIT registry access disabled
By: omuyelijah Nigeria  Date: 05/09/2006 10:47:14  English  Points: 20 Status: Answered
Quality : Excellent
Gulen Morgen Sir,

Bring greetings 4rm Heaven.
Have a dell latitude d600 laptop that was originally win xp sp1 and infected with virus. I installed Avast antvirus and was able 2 clean the system but during d clean up, it happened dat Avast deleted this file below

C:\windows\KesenjanganSosial.exe

Now, every time the system is powered, windows prompts dat the above file is missing and requests 4 replacement. I then upgraded the system to xp sp2 hoping it will resolve the problem but 2 no avail. Pls, how do I go about this Sir?

Wishing U and Ur family Success and God's blessings.
By: VGR Date: 05/09/2006 19:29:29 English  Type : Answer
hello 8-)

It seems the antivirus didn't clean the Registry correctly. You should do start/regedit/ENTER and then search for the filename.exe above in the Registry. Pay special attention into the CurrentControlSet/RunOnce and Run entries.

Then delete all keys and entries where you find a mention of the above viral file. Then close and reboot.

BUT at the point where you are, I would backup the DATA and reformat the drive and reinstall a "clean" (if such a thing does exist) Zindoze. You "have to" do it every year anyway ;-)

alternatively, you could perform the backup, reformat the drive and install Kubuntu (download and burn the ISO image first)

best regards

PS try to fin a meaningful title for your questions, thanks ;-)
By: omuyelijah Date: 07/09/2006 10:33:21 English  Type : Comment
Thanks Sir.

However, I also discovered dat registry editing was disabled and didn't know why. I got to a page on symantec's site (below)

http://www.symantec.com/security_response/writeup.jsp?docid=2004-050614-0532-99

downloaded the UnHookExec.inf file and installed it to grant me registry editing access (I learnt dat a virus could have caused this and that this .inf file could resolve it). Then, I deleted the entry having that value (There was only one entry).

Now, the system is sound all thanks 2 U.

Byeeeeeeeeeeeeeeeeeeeeeeeeeeee.


By: VGR Date: 07/09/2006 17:47:55 English  Type : Comment
yes, but you were infected and this is bad news. If you run a firewal,, change. If you run an antivirus, change. If you use Micro$oft software (Internet Exploder, Outlook/OutlookExpress), change absolutely and now ! Download Firefox, download Thunderbird. You won't lose any settings or historic data (saved passwords, cookies, bookmarks, included).

If you don't change anything, it means the same virus can infect you again.

Even if the system seems "sound", I would reformat the drive and install clean & modern (ie, safe) software.

Also : try Open Office (it's free and it's also wor Windows) in steda of the secureless Office.

best of luck

Do register to be able to answer

©2010 These pages are served without commercial sponsorship. (No popup ads, etc...). Bandwidth abuse increases hosting cost forcing sponsorship or shutdown. This server aggressively defends against automated copying for any reason including offline viewing, duplication, etc... Please respect this requirement and DO NOT RIP THIS SITE.
Please DO link to this page! Post to Twitter Post to Plurk Post to Yahoo Buzz Post to Delicious Post to Digg Post to Facebook Post to MySpace Post to Ping.fm Post to Reddit Post to StumbleUpon

EContact
browser fav
page generated in 340.153930 milliseconds

Why Google AdSense ads ?
compteur
 Ranking-Hits PageRank for this page