Choke.exe stuck in registry key

Status
This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.

CeaL

Thread Starter
Joined
Oct 31, 2001
Messages
3
I have MSN Instant Messenger and was tricked into accepting and receiving the Choke.exe virus. I've deleted all the files attached to it and everything, but it still remains resident in my registry key. I ran an online virus scan the other day and found loads of infected places. I can't tell if it's spreading and making it worse, or just staying there doing nothing. The online virus scan wouldn't let me deleted the infected areas so I have no idea what to do now to get it out completely. Can someone PLEASE tell me how to remove it permanently, because if it is doing damage, it's been there for about 5 months. Another thing i can't tell is if damage really is being done, it's starting to get annoying. I'm finding programs like MSN IM and Adobe Acrobat freezing. First, the worlds get bulky then the window smears and eventually it crashes (OR,it just freezes itself or my whole system), but closing some programs usually helps. I'm taking a guess that it's my memory, i only have 128MB of it and I usually have Winamp, Audiogalaxy, Internet Explorer, Webshots, Zone Alarm, MSN IM and a couple more running at once.
 
Joined
Oct 29, 2001
Messages
277
Hello, Rog

& thanks for your help

hey can you tell me how did you

find that link if you please
 
Joined
Dec 9, 2000
Messages
45,855
I have a lot of them bookmarked. Too many. It's easier to go to www.google.com and simply enter the virus name and symantec (which consistently has the best details and removal instructions)

for example, the keywords

choke symantec

will take you right to it. Try it for most any common trojan or virus name you can think of.
 
Joined
May 18, 2001
Messages
1,199
Hi Ceal,I see you also have Audiogalaxy.That program is full of spyware,and cause alot of problems.Follow Rollin Rog's advice and remove the choke worm by following the advice from symantec.Once you have done that go here and download a program called Ad-aware5.6.This will remove some of the spyware.

http://www.lavasoftusa.com


You might also want to post what you have running at startup.Go to Start>Run>type in Msinfo32>click on software enviroment>then startup programs>click on edit>copy>and paste your results back here.Having to many programs running will cause your system resourses to run low and cause your system to freeze up.
 

CeaL

Thread Starter
Joined
Oct 31, 2001
Messages
3
I'm gunna mess up my computer if I try to backup the registry key by myself lol. My uncle knows more, I'll ask him.
 
Joined
Dec 9, 2000
Messages
45,855
The dire warnings are a bit over done, but it is worthwhile to know how to backup a key and restore it. Or restore the entire registry if need be.

In this case before you do the deed of deleting the nasty entries in the registry, you can if you want, save the run key for backup.

Here's how you would do it.

>> from start, run regedit
>> click in order:

+ HKey_Current_User
+ Software
+ Microsoft
+ Windows
+ CurrentVersion
RUN

>> With the RUN folder highlighted Click on Registry>Export
>> Enter the name: runkey in the "save as" field
>> save it to your desktop (click the desktop icon if you dont see desktop in the save in field)

> Now the run key has been saved to your desktop; if you need to restore it (I'm sure you won't), you can double click to merge it. Once you are sure everything is ok, right click on it and delete it to prevent accidentally reimporting the virus items you are going to delete.

>> Look in the right hand pane now for these two items:

C:\Choke.exe
C:\ShootPresidentBUSH.exe

>> Right click on each and select "Delete"

>> close the registry editor.

=============================================
(If you ever need to restore a whole registry, you can press the control key as soon as the computer starts to boot. You will see a Boot Menu displayed. Select the "command prompt" option, and at the c:\> prompt enter: scanreg /restore Using the arrow keys, select a "started" registry which precedes current problem.)
 
Status
This thread has been Locked and is not open to further replies. The original thread starter may use the Report button to request it be reopened but anyone else with a similar issue should start a New Thread. Watch our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Members online

Top