worm/virus prevents acces to regedit

Packard bell / Easy note
December 6, 2009 at 03:06:04
Specs: Windows XP sp3
Hi. I got an email and accidently clicked on it. Now i've got a message saying my PC is infected and I have to "install the latest anti virus software". At startup I get a message saying "Spyware alert! Scurity warning. Worm.Win32.NetSky detected on your machine....etc" I cannot run regedit nor taskmanager. I get messages like: "Warning: application cannot be executed. The file is infected....etc"
The only program showing in the tray is a red circle with a white cross on it.

I've runned HiJackthis and can send you the log
if you want it.

Please help me. This is my work pc and I need it fast.

See More: worm/virus prevents acces to regedit

Report •

December 6, 2009 at 06:30:07
Please download exeHelper to your desktop.
Double-click on exeHelper.com to run the fix.
A black window should pop up, press any key to close once the fix is completed.
Post the contents of exehelperlog.txt (Will be created in the directory where you ran exeHelper.com, and should open at the end of the scan)
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).

Please run RSIT.exe by random/random and post its logs.

Download random's system information tool (RSIT) by random/random from the following link and save it to your desktop.


1. Double click on RSIT.exe to launch program.
2.(Vista Users Only) Right click on the RSIT.exe icon and select "Run as Administrator" to run the program.
3. Click Continue at the disclaimer screen.
4. Your firewall may alert you that RSIT is requesting Internet access. Please allow it.
5.Once it has finished, two logs will open: log.txt<-- this will be maximized and info.txt<-- this will be minimized. Both logs will be located at C:\RSIT.exe.

Please post the contents of both logs (in separate post) in your next reply. It may take 3 to 4 post to get the entire log to us.

Download Gmer.exe from the following link.


1. Disconnect from the Internet and close all running programs.
2. Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
3. Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
4. Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
5. GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
6. If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
7. Now click the Scan button. If you see a rootkit warning window, click OK.
8. When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
9. Click the Copy button and paste the results into your next reply.
•Exit GMER and re-enable all active protection when done.

Report •

December 6, 2009 at 06:46:39
Go to the following link and follow the direction to fix regedit.

Doug Knox Regedit Fix

Report •

Related Solutions

Ask Question