Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Getting c:\combofix\regt.cfxxe is not a valid win32 application


  • Please log in to reply
2 replies to this topic

#1 jdgreger

jdgreger

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 21 September 2009 - 12:01 PM

I got the windows police pro system defender virus. I was able to get to safe mode and remove most of the files so I can run malwarebyets. Found the virus files..deleted.

But the virus has still hijacked my regedit, msconfig, etc

I tried to use combofix but i get the error above during the scanning phase. Is it because my registry is hijacked?

I've looked for TDSSserv.sys under non plug and play...it's notthere.

I installed registry explorer 1.4 to use as my regedit...that works.

please help.

BC AdBot (Login to Remove)

 


#2 jdgreger

jdgreger
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:24 AM

Posted 21 September 2009 - 12:46 PM

I was able to run combo fix even if access was denied to the registry.

It found the virus "rotscxehesruxo.sys" but it can't modify the registry files.

it removed the bad files...but can't edit the registry...what should I do?

how can I make combofix edit the registry?

#3 Guest_The weatherman_*

Guest_The weatherman_*

  • Guests
  • OFFLINE
  •  

Posted 21 September 2009 - 05:02 PM

Moved from HJT to a more appropriate forum. Tw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users