frayed
February 20th 04, 04:24 AM
I am running Windows XP Pro.
When trying to open regedit I receive the message: ""Registry editing has been disabled by your admin"
This I'm fairly sure is the result of having foolishly acquired a virus identified by Pc Cillin as TROJ_SAGIC.15.
I searched the virus database at pc cillin, and it doesn't have an explaination of how to remove Sagic.15, only information on other variants of the virus.
The same applies when searching symnatec.
I figure my best bet is to follow the procedures outlined in the other variants as best as possible.
All the information on the other variants requires that you delete a registry key at one point, which I am unable to do since I cannot open regedit.
It is acknowledged in in some of the virus database articles that a version of sagic can disable regedit, however it doesn't explain how to reenable this.
1. Does anyone know how I can enable registry editing again?
I tried system restore, but that didn't work.
There is only one user account set up on this pc, and that happens to be an admin account. So according to the error message the admin has disabled access to regedit on their own account.
Pc Cillin has quarantined the infected files. The infected files are
a) regsvr.exe
b)2 files in c:/ system volume info/_restore(LOTS OF RANDOM CHARACTERS HERE).
2. Is it ok to delete these files or are they important to operating Windows?
3. Anyone know how I can rid of this virus for good, short of a clean reinstallation?
All help would be greatly appreciated.
I realise it was due to my own stupidity that I acquired this virus. I've spent the last 3 hrs searching the web for a solution. Please spare me the lecture.
When trying to open regedit I receive the message: ""Registry editing has been disabled by your admin"
This I'm fairly sure is the result of having foolishly acquired a virus identified by Pc Cillin as TROJ_SAGIC.15.
I searched the virus database at pc cillin, and it doesn't have an explaination of how to remove Sagic.15, only information on other variants of the virus.
The same applies when searching symnatec.
I figure my best bet is to follow the procedures outlined in the other variants as best as possible.
All the information on the other variants requires that you delete a registry key at one point, which I am unable to do since I cannot open regedit.
It is acknowledged in in some of the virus database articles that a version of sagic can disable regedit, however it doesn't explain how to reenable this.
1. Does anyone know how I can enable registry editing again?
I tried system restore, but that didn't work.
There is only one user account set up on this pc, and that happens to be an admin account. So according to the error message the admin has disabled access to regedit on their own account.
Pc Cillin has quarantined the infected files. The infected files are
a) regsvr.exe
b)2 files in c:/ system volume info/_restore(LOTS OF RANDOM CHARACTERS HERE).
2. Is it ok to delete these files or are they important to operating Windows?
3. Anyone know how I can rid of this virus for good, short of a clean reinstallation?
All help would be greatly appreciated.
I realise it was due to my own stupidity that I acquired this virus. I've spent the last 3 hrs searching the web for a solution. Please spare me the lecture.