Troj won't let programs open regedit included - how do I proceed?

Posted 9/21/2004 10:14 AM
#3253
User avatar

Jake Member

Date Joined Nov 2016
Total Posts: 5
I have AVG resident sheild - found 12 trojans -all variants of Troj Horse proxy.x.etc and healed them, but can't heal or remove Troj Horse Proxy.5.F I also believe I have I-Worm/klez.h. The trojan is preventing me from opening any programs including regedit. I have been able to open AVG to run a scan by right clicking and clicking on 'Run As' this somehow gets around the virus and opens - I havn't be able to open any other program. How do I get rid of this if I can't go into regedit? Is there an online removal tool that can dispatch this critter without downloading an executable file? Anything I download will not open as well... cheers, Jake
Posted 9/21/2004 10:35 AM
#3254
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 9/21/2004 4:00 PM
#3259
User avatar

Jake Member

Date Joined Nov 2016
Total Posts: 5
Thanks for the tip - I ran the scan and it found Troj Agnet.BA but didn't remove it. It says that I should download the program PCilln? I can't download anything cuz it will not open... Do you have any other ideas... Jake
Posted 9/21/2004 4:15 PM
#3260
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
It is really a bad one, you´ve got there :smhair: <br/> <br/>http://www.sophos.com/virusinfo/analyses/trojagentba.html <br/> <br/>Try fix it manual. <br/> <br/>!it will not open"....what will not open?

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 9/21/2004 4:22 PM
#3261
User avatar

Jake Member

Date Joined Nov 2016
Total Posts: 5
Any program I try to open, an error message pops up that says 'Windows cannont find "name of the program trying to open" Make sure you typed in the name correctly, etc.' So I cannot open regedit, cmd prompt, etc, I cannot open any program. I can surf the net and run asps but anything that says download or run from disk is unavailable. I tried in safe mode and have the same problem. So, it seems that all remedies are not working for me... Jake
Posted 9/21/2004 4:47 PM
#3262
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
I don´t like to say it, but i am pretty sure, someone has hacked your computer. <br/> <br/>This is from Sophos link: <br/>Troj/Agent-BA is a backdoor Trojan for the Windows platform. <br/>Troj/Agent-BA functions as a proxy server, allowing a malicious user to redirect internet traffic through the infected computer. !! <br/> <br/>Disconnect to the net, and see if you can open programs now, or maybe do a system restore

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 9/22/2004 4:53 PM
#3276
User avatar

Jake Member

Date Joined Nov 2016
Total Posts: 5
Okay, I managed to open regedit by searching for the file name (still works) and then copying it to the desktop then I can right click and open with 'run as' - i figured out most programs can be opened this way... Now that I can get to regedit - is there anything I can do? :rolleyes:
Posted 9/22/2004 4:59 PM
#3277
User avatar

Touch Advanced member

Date Joined Nov 2016
Total Posts: 12976
If you can download and r<SPAN lang=EN-GB style="FONT-SIZE: 10pt; FONT-FAMILY: 'Times New Roman'; mso-fareast-font-family: 'Times New Roman'; mso-ansi-language: EN-GB; mso-fareast-language: DA; mso-bidi-language: AR-SA">un this scanner: http://www.mwti.net/antivirus/free_utilities.asp<BR style="mso-special-character: line-break">do it. <br/> <br/> <br/>Are you running XP. or?

[color=black face="Courier New" sab="311">[2]Click here: Before-posting-a-log[/2][/url]

<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
[/color]
Do not PM me with logfiles. They will be deleted.


Posted 9/22/2004 5:18 PM
#3280
User avatar

Jake Member

Date Joined Nov 2016
Total Posts: 5
yes xp home - thanks
Posted 3/26/2011 3:13 AM
#91287
User avatar

Bobford Member

Date Joined Nov 2016
Total Posts: 1
The fact that you could right click and run as to start programs was golden info for me. I had the same problem on a friend's computer and through a combination of Glary Utilities and Malware Bytes was able to repair the system. Thank You for the insight guys!
Posted 3/28/2011 7:28 AM
#91301
User avatar

kmiranda09 Member

Date Joined Nov 2016
Total Posts: 1
If you still experience the same problem, you better try other antivirus software to remove trojan.
Posted 5/7/2011 2:24 PM
#91525
User avatar

as_the_maniax Member

Date Joined Nov 2016
Total Posts: 2
I used to clean (infiltrate) any malware (virus,trojan, etc) with ESS Rescue CD (http://go-thip.com/2011/04/29/eset-rescue-cddvd.html), or, if it still cannot clean the malware, I use mini XP from Hiren's (http://go-thip.com/2011/04/29/hirens-boot-cd.html). Just try it :D, nothing to lose.. <br/> <br/>regard
Posted 2/1/2012 5:52 AM
#93238
User avatar

natsuto Member

Date Joined Nov 2016
Total Posts: 1
My friend's computer the same problem, and Glary utilities and malicious by a combination of bytes to repair the system.
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Wednesday, December 7, 2016, 1:33 PM (GMT +1)
There are a total of 61,160 posts in 13,449 threads.
In the last 3 days there were 0 new threads and 0 reply posts.

Who's online

This forum has 37,967 registered members. Please welcome our newest member, ConcepcionJAbbate.
There are currently no users on-line.