Virus and Registry

Status
Not open for further replies.

Nikhilsam

Broken In
Almost all viruses, worms etc., once they infect a system, disable the system registry, msconfig etc. So is there any way to enable these again without the help of an antivirus?
 

dOm1naTOr

Wise Old Owl
It's not like that. There are very rare viruses that do what you said. Anyway, what's the problem in installing an antivirus like AVG 7.6?
 

nileshgr

Wise Old Owl
^^ Yeah. What's the problem with installing a sturdy antivirus like AVG, Avast, etc.? If the question is of money, I suggest you use Avast. :)
 

dOm1naTOr

Wise Old Owl
AVG too is free, man, and won't slow down your PC as Norton does. It's fast at scanning and is the best I've used. Get the latest version on this month's Digit DVD.
 

Pathik

Google Bot
AVG and Avast are the best... and free too...
In case of firewalls you can try ZoneAlarm or Comodo.
 

redhat

Mad and Furious
PM me if you want an external registry editor that I've written in VB. I think that it should work even while regedit.exe has been disabled, though I've never tried it on a PC where the registry has been disabled. You can well try it.
 

abhijangda

Padawan
Yes, there are ways to enable the registry. Download a registry tool from any website; I will recommend RegAnalyzer. Search for the string DisableRegistryTools. Set its value to 0. And the registry will be enabled.
 

src2206

In the zone
All the viruses do not do that, though some do, like Alcan/Alacra/P2P Worm, SDBot, some rootkit infections, Boran, Brontok etc. Generally AVs take care of the main file [i.e. the installer], but I have never seen an AV clean the infected machine completely, and the infection remains in enough strength to wreck your PC. AVs are generally ineffective against driver rootkits like Microsoft API Helper [it's malware and not from Microsoft]. You need specialized tools and people to clean your PC.

To cut a long story short, there is no commercial AV available which even touches the drivers, and hence they cannot or do not tackle driver-based malware.
One more example is Rustock; this crappy thing has been out there for quite a long time, but none of the AVs can either recognize or delete it.


This is the reason why it is said that Prevention is Better than Cure. You need all sorts of security applications running beside your AV, like a firewall, antispyware [Spybot S&D with TeaTimer enabled], SpywareGuard and SpywareBlaster, MVPS Hosts file, IE-SPYAD and McAfee SiteAdvisor.

Had the AVs been enough you would not need all these.

:)
 

sumeetindia

Journeyman
Some viruses can disable the Task Manager and Regedit; they do this to make cleansing the system a more daunting process.
We can deal with this in a number of ways. The easiest solution to enable Task Manager:

Click Start/Run, then copy this EXACTLY as it is shown here, paste it into the Run box and click OK:

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f

That should Enable the Task Manager.

Now for the Regedit:

Please open Notepad and copy and paste this to notepad EXACTLY as shown here:

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000000

Save it as unlockreg.reg

Once saved, double-click unlockreg.reg and merge the file into your Registry.

This should solve the problem for you.
Hope this helps you.
BTW I have checked this in XP only; I haven't checked in other OSes.
 

src2206

In the zone
If you are infected with something like Alcan and the source is still there in your PC, then this script will not help you much. Your Regedit and Task Manager will be disabled again.
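
An added example, not part of the thread or written by any of its posters: a PowerShell audit of the two policy values named above (DisableTaskMgr and DisableRegistryTools under HKCU and HKLM) that can reset them and then re-check, which shows whether something is still writing them back as the last post describes. It assumes PowerShell is available on the machine; the `-Fix` switch, the function name and the 30-second re-check delay are choices made for this example.

```powershell
# Added example: audit and optionally reset the lockout policy values.
# Run elevated if the HKLM values need changing.
param([switch]$Fix)

$subKey = 'Software\Microsoft\Windows\CurrentVersion\Policies\System'
$names  = 'DisableTaskMgr', 'DisableRegistryTools'

function Get-ToolLockout {
    # Returns one object per policy value that is present and non-zero.
    foreach ($hive in 'HKCU:', 'HKLM:') {
        $path = "${hive}\$subKey"
        if (-not (Test-Path $path)) { continue }
        $props = Get-ItemProperty -Path $path
        foreach ($name in $names) {
            $value = $props.$name
            if ($null -ne $value -and $value -ne 0) {
                [pscustomobject]@{ Path = $path; Name = $name; Value = $value }
            }
        }
    }
}

$found = @(Get-ToolLockout)
if ($found.Count -eq 0) { Write-Output 'No lockout values set.'; return }
$found | Format-Table -AutoSize

if ($Fix) {
    foreach ($item in $found) {
        try {
            Set-ItemProperty -Path $item.Path -Name $item.Name -Value 0 `
                -Type DWord -ErrorAction Stop
        } catch {
            Write-Warning "Could not reset $($item.Name) under $($item.Path): $_"
        }
    }
    # Assumed delay for this example; a resident process may act sooner or later.
    Start-Sleep -Seconds 30
    $again = @(Get-ToolLockout)
    if ($again.Count -gt 0) {
        Write-Warning 'Values were set again after the reset; something is still writing them.'
        $again | Format-Table -AutoSize
    } else {
        Write-Output 'Values still clear after 30 seconds.'
    }
}
```

If the warning appears, resetting the values again will not hold until whatever is writing them has been removed.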
 