Somehow the permissions have been changed in registry for the following key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
therefore, everytime I set a program to start when windows starts, it fails to start, and is not listed in above key. In fact, above key is always blank, here lately, since this happened. I have been having to use other programs e.g. WinPatrol to set programs to autostart. Is there a way to repair this key so that it will start programs like I want it to?
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Windows Current Version RUN
Windows XP Registry Problem?
January 13, 2010
Windows Vista troubles? Need urgent help.?
November 27, 2009
So I’m getting the ‘vista expiry message’.
Anyone know how to fix this?
I’m guessing this was my own fault. I done a registry clean up before, and I must have messed with some files or something because I read this:
http://www.hobbsknowledgebase.co.uk/wiki/How_To_Activate_Windows_Vista_When_The_Activation_Period_Has_Expired_Without_Having_To_Reinstall_Windows
"Step 1. While running a copy of Windows Vista that hasn’t yet been activated, click the Start button, type regedit into the Search box, then press Enter to launch the Registry Editor.
Step 2. Explore down to the following Registry key:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ SL"
So yeah, I’ve fucked something up.
Can anyone tell me where to start to go about fixing this?
Any help would be GREATLY appreciated. Thanks!
Windows Vista troubles? Need urgent help.?
November 21, 2009
So I’m getting the ‘vista expiry message’.
Anyone know how to fix this?
I’m guessing this was my own fault. I done a registry clean up before, and I must have messed with some files or something because I read this:
http://www.hobbsknowledgebase.co.uk/wiki/How_To_Activate_Windows_Vista_When_The_Activation_Period_Has_Expired_Without_Having_To_Reinstall_Windows
"Step 1. While running a copy of Windows Vista that hasn’t yet been activated, click the Start button, type regedit into the Search box, then press Enter to launch the Registry Editor.
Step 2. Explore down to the following Registry key:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ SL"
So yeah, I’ve fucked something up.
Can anyone tell me where to start to go about fixing this?
Any help would be GREATLY appreciated. Thanks!
Plsss help .How to delete registry items in windows XP ?
November 19, 2009
Jst two days i switched of my firewall and antivirus and the consequence is
i am in administrator login
i have to delete a bad registry key whick my malware bytes discovered
but its malware bytes and any software not able to delete it
i tried thru regedit.exe
i tried through command prompt using reg command . its also not able to do it (after closing explorer.exe)
i also don have space to repair BY windows XP cd
i also cant delete in any mode (safe mode , cmd mode )
i also cant delete on boot up by sftware
BUt i know its definitely 100 % malware Key
its in winlogon subkey . and another in HK Root ley
i have browsed through all net i havent get any idea
pls help
but don ask me to
reinstall os , search net etc please
I need to win against this
From the ip adress that my firewall bocket during bifferoverflow . the ip adress goes to russia
keys
====
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\… Helper Objects\{3a1d08a3-585e-42ba-bf27-5274d3f… (Trojan.Vundo.H)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\… NT\CurrentVersion\Winlogon\Notify\chjzix… (Trojan.Vundo.H)
HKEY_CLASSES_ROOT\CLSID\{3a1d08a3-585e… (Trojan.Vundo.H)
* 2 days ago
* – 6 days left to answer.
Additional Details
Also i checket permissions . its not allowing me to change . says "permission denied"
But the irritating part is i am in Admin login
What else shud i be to change permissions . OR the i think the malware changed my admin previledges by WINLOGON key
2 days ago
hai
i have used
hijac this , Spybot s&d , malware bytes , mcafe anti malware , and avg anti malware ( worst of all . din even detec it)
everything possible 🙁
my same previous quest was deleted as someone voted for no best answer
sorry for tht
Really bad computer virus problem?
August 7, 2009
I thought I’d solved the problem but it turned out I hadn’t. I got a couple of trojan viruses on my computer the other day, even with NOD32 and Malwarebytes’ AntiMalware, Ad-aware, and Spybot Search and Destroy, which I know are all very good. I scanned with Malwarebytes,and it found two trojans. Here’s the log:
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I deleted the two trojans, so everything was working again (I wasn’t being redirected to other sites on the internet anymore). However, this morning, the same problem has come back. I’m assuming that there is a rootkit installed somewhere, but nothing can find it. I’ve also scanned with VundoFix and RogueRemover, which didn’t find anything either. I scanned with SmitFraudFix, and the log after that came up with a HUGE list of random websites, and then this (sorry for the long question):
Run from C:\Documents and Settings\User\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] – Windows_NT
The filesystem type is
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler’s .dll
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
”'(The list of lots of websites fits in here)”’
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri’s WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
»»»»»»»»»»»»»»»»»»»»»»»» RK
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: 3Com 3C920 Integrated Fast Ethernet Controller (3C905C-TX Compatible) – Packet Scheduler Miniport
DNS Server Search Order: 10.0.0.2
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A94E023C-3A73-4B59-B35B-7AB609AC87BD}: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A94E023C-3A73-4B59-B35B-7AB609AC87BD}: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A94E023C-3A73-4B59-B35B-7AB609AC87BD}: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.2
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=10.0.0.2
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler’s .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
I’ve tried deleting what SmitFraudFix has found, but it doesn’t seem to work. If I do the scan again on SFF straight afterwards, it finds the same things, but doesn’t delete them.
So, what else is there to do? Haven’t I tried everything? Please don’t recommend programs like AVG, Norton, McAffee and Avast because they are not as good as the ones I am using, and are unlikely to find the rootkit if they better antiviruses can’t.
Thanks!
Clean Registry and Optimize PC
Opinions