recover a key

Tony Young

Hi,

I followed Norton Antivirus' instruction to rid Trojan.Vundo. It said I had
to remove the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\

Since I had a doubt, I simply changed the key's name from Explorer to
Explorer__. Then my start->programs where I run applications became empty.
I tried to change Explorer__ back to Explorer. But regedit always said
Explorer has been existent, even after I delete Explorer first. Is there a
way to recover my old Explorer? Or, can I copy/paste subkeys from
Explorer__ to Explorer? But I didn't find the paste command in regedit.
Please help me out. I'm kind of stuck. I should have backed up the
registry first. Any help is appreciated.

Tony
 
Dave Patrick

Run regedit, navigate to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer_
then File|Export and save the key, then open the *.reg file with notepad.exe
and edit all instances of "Explorer_" to "Explorer", then merge the file
back into the registry.

Always do make a backup before editing the registry.

Programs|Accessories|System Tools|Backup, then choose ERD, then if you check
the box for "Also backup....", then the reg will also be backed up to
%windir%\repair\RegBack
leaving the
%windir%\repair\
directory files intact as original installation.


--
Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

 
Gary Smith

In addition to Dave's instructions, you should be aware that either you
didn't read the Norton directions carefully, or Norton tech support has
degenerated to a level of incompetence that I had not thought possible.
Deleting that entire key could not possibly make anything better. If
your system wasn't broken before you did that, it was bound to be broken
afterward.
 
Guest

Symantec instructions on this web page:
http://securityresponse.symantec.com/avcenter/venc/data/trojan.vundo.html

include the following:

k. Navigate to and delete the following registry entries:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\ActiveState

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02F96FB7-8AF6-439B-B7BA-2F952F9E4800}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
Browser Helper Objects\{02F96FB7-8AF6-439B-B7BA-2F952F9E4800}

Note that the last entry should be read as one long line, so it was not
meant to delete the whole key
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\

I hope this clears up the doubts about Norton tech support.
 
Tony Young

Dave,

I understand all you said except for "... merge the file back into the
registry". Did you mean to run regedit and then file/import the *.reg?
Or should I notepad-edit the system's .reg file and paste my
modification? Then where is the system's .reg file? Please advise.
Thanks for your previous email. It helps a lot and gives me some
confidence the system can be recovered.

Tony
 
Dave Patrick

Double-click the REG file or right-click on it and choose 'Merge'

--
Regards,

Dave Patrick ....Please no email replies - reply in newsgroup.
Microsoft Certified Professional
Microsoft MVP [Windows]
http://www.microsoft.com/protect

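An added example, not part of any post in this thread: the export, edit and merge procedure described above depends on renaming the key path inside the exported *.reg file, and this sketch does that rename on the `[key]` header lines only, so value data and sibling keys that merely contain the same text are left unchanged. The function names `retarget_reg` and `retarget_file` and the sample export are constructed for illustration; the file helper assumes the UTF-16 "Version 5.00" export format.

```python
import re

# Added illustration; function names and the sample export are constructed.
HEADER = re.compile(r'^\[(.+)\]\s*$')  # a key line in a .reg export: [HKEY_...\Sub\Key]

def retarget_reg(text, old_key, new_key):
    """Rewrite key header lines at or below old_key to new_key.

    Value lines are never touched. Returns (new_text, headers_changed).
    """
    old_key, new_key = old_key.rstrip('\\'), new_key.rstrip('\\')
    n, out, changed = len(old_key), [], 0
    for line in text.splitlines(keepends=True):
        body = line.rstrip('\r\n')
        m = HEADER.match(body)
        if m:
            path = m.group(1)
            # Match the key itself or a subkey, not a sibling sharing the prefix.
            if path[:n].lower() == old_key.lower() and path[n:n + 1] in ('', '\\'):
                line = '[' + new_key + path[n:] + ']' + line[len(body):]
                changed += 1
        out.append(line)
    return ''.join(out), changed

def retarget_file(src, dst, old_key, new_key):
    """Apply retarget_reg to an export written as UTF-16 with BOM (version 5.00 format)."""
    with open(src, encoding='utf-16', newline='') as f:
        text, changed = retarget_reg(f.read(), old_key, new_key)
    with open(dst, 'w', encoding='utf-16', newline='') as f:
        f.write(text)
    return changed

BASE = 'HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\'
SAMPLE = (  # constructed export, not taken from a real system
    'Windows Registry Editor Version 5.00\r\n\r\n'
    '[' + BASE + 'Explorer__]\r\n'
    '"Note"="renamed to Explorer__ by hand"\r\n\r\n'
    '[' + BASE + 'Explorer__\\Advanced]\r\n'
    '"Flag"=dword:00000001\r\n\r\n'
    '[' + BASE + 'Explorer__Old]\r\n'
    '"Keep"="sibling key, left alone"\r\n'
)

if __name__ == '__main__':
    fixed, count = retarget_reg(SAMPLE, BASE + 'Explorer__', BASE + 'Explorer')
    print(count, 'key headers rewritten')
    print(fixed)
```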
 
