::REGISTRY EDITING HAS BEEN DISABLED BY UR ADMIN::

[sercor::jhumzki]

---

mag instal koog kapersky i cant put sumthn into my registry...

tungod nani sa brontok or ambot....

a lil help pls.....

[rickmags2000]

Virus na bro WORM.RONB something, try to search for WPROCESS.exe i install na siya mao na alternative sa imo Task Manager kay most likely imo task manager gi disable pod na pati imo dos command line disabled pod so ang Wprocess.exe will enable you to view the processes thats running in your XP try to kill the tree for the suspected process thats hugging your system i google lang den i delete pod kana imo temp file sa internet kay usually anha diha tago ang virus

hope it helps

[c2sea]

Yup sak2 dyd c rickmags2000 virus na sya

Try to install NOD32

and REGEDIT ENABLE para enable sa imong DOS Google lng bro ...

[sercor::jhumzki]

ah naa diay regEdit Enable ang NOD32? hmmmm

but ryt im using kaspersky na nndot di kau samok og dili kau dakog kaon sa memory.

[sunyats3n]

pwede ra mag online scan ka pero did2 sa safe mode nimo buhaton, then clean nimo imong pc... tang tang lagi tanan virus...

[quickflight]

unsa man na antivirus ni makit-an..

[duneman]

yes scan in safe mode but before booting in safe mode, check mo yong turn off system restore. after you have scanned your drive in safemode, reboot and then uncheck Turn off System on all drives.

[tsunade]

Bro. i think most AV's wont detect this kind of attack..its not actually a virus i think correct me if im wrong...
Hmm maybe he is infected with a virus but not that reged thing.

Follow this step ok:

Firstly download a freeware named Rogue Remover "google it"

Rogue - is a fake antivirus/antispyware software that makes pop-up ballons on your tray. (anyone experience this?) its a fraud, part of internet business.

Second download smitfraud fix. after downloading restart your pc to safemode, run smitfraudfix.bat and choose scan only and a log file will pop up. close all windows. Install rogue remover and run the program to scan your pc. after scanning it will detect all fraud files and delete it.

Third restart your pc to normal, if your regedit wont work again just use this script to enable it back:
copy and paste it in notepad and save as regtools.vbs and run it.

Code:

'Enable/Disable Registry Editing tools
'© Tsunade a.k.a. ttray33y - rev 12/06/99

Option Explicit

'Declare variables
Dim WSHShell, n, MyBox, p, t, mustboot, errnum, vers
Dim enab, disab, jobfunc, itemtype

Set WSHShell = WScript.CreateObject("WScript.Shell")
p = "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System\"
p = p & "DisableRegistryTools"
itemtype = "REG_DWORD"
mustboot = "Log off and back on, or restart your pc to" & vbCR & "effect the changes"
enab = "ENABLED"
disab = "DISABLED"
jobfunc = "Registry Editing Tools are now "

'This section tries to read the registry key value. If not present an 
'error is generated. Normal error return should be 0 if value is 
'present
t = "Confirmation"
Err.Clear
On Error Resume Next
n = WSHShell.RegRead (p)
On Error Goto 0
errnum = Err.Number

if errnum <> 0 then
'Create the registry key value for DisableRegistryTools with value 0
	WSHShell.RegWrite p, 0, itemtype
End If

'If the key is present, or was created, it is toggled
'Confirmations can be disabled by commenting out 
'the two MyBox lines below

If n = 0 Then
	n = 1
WSHShell.RegWrite p, n, itemtype
Mybox = MsgBox(jobfunc & disab & vbCR & mustboot, 4096, t)
ElseIf n = 1 then
	n = 0
WSHShell.RegWrite p, n, itemtype
Mybox = MsgBox(jobfunc & enab & vbCR & mustboot, 4096, t)
End If

restart and if all is back to normal then thanks god. if not post a log.

[sercor::jhumzki]

cool
programmer ka bai?

basin virus ni ha
lols

[arclops]

bro, download UnHookExec.inf from symantec to reset your registry to its default settings..

here......

http://www.symantec.com/security_res...050614-0532-99

just double-click the file..