Write To The Registry Issue Windows 7

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Journeyer, Aug 2, 2015.

  1. Journeyer

    Journeyer Private E-2

    Ccleaner ran with no problem with 972mb removed. I typically run this program about once a week.

    The five specified programs ran without a problem and the logs are attached. I accidentally deleted ask.com, the only thing HitMan Pro found. I realize that the instructions are not to delete any item.

    I am concerned that a long time used program, WinPatrol http://www.winpatrol.com/ is having a problem writing to the Registry. Among other things, this program detects and warns of new start-up programs. This information is saved to the Registry so that repeat pop-up messages for the same program are not repeated. There is a failure writing to the registry and warning pop-up message repeat constantly for every start-up program.

    The WinPartol support group has analyzed their diagnostics. The see the problem but do not see a cause. I am contacting Major Geeks to see if some form of Malware is creating the registry write problem

    I appreciate your assistance.
     

    Attached Files:

    Journeyer, Aug 2, 2015
    #1
  2. Journeyer

    Journeyer Private E-2

    Apparently I did not include RogueKiller log in my initial post. In looking back at the instructions and at my results, the file in ...
    ... ProgramData/RogueKiller/Logs is a .JSON file rather than a .log file.

    I re-ran RogueKiller with the same result. I exported the to a .txt file. I will attempt to attach both files, but it looks like .JSON is not supported for upload.

    Please help me clarify the RogueKiller report file type ...
     

    Attached Files:

    Journeyer, Aug 2, 2015
    #2
  3. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Not seeing any malware at all in those logs - Only thing I would question are these:
     
    Kestrel13!, Aug 3, 2015
    #3
  4. Journeyer

    Journeyer Private E-2

    Thanks for the response Kestrel13!

    It's good to know that you are not seeing malware. The Qui***.tmp files are left over files from some Quicken operation. They are safe to remove as long a Quicken is not running. I'm not sure about the uninstall .exe and .dat files in AppData/Roaming.

    I am really concerned about he failure to write to the Registry with WinPatrol. I could attach a little snippet from their diagnostics, if it might help you help me out of a jam. I assume you see nothing in the original logs that indicate any write to registry problem.

    Again ... thanks for the help ...
     
    Journeyer, Aug 3, 2015
    #4
  5. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I would post about the problem in the software forum as i'm not seeing any malware ;)

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others) and running MGclean.bat did not remove them, you can delete these files now.
    3. Renable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    4. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    5. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    6. Now goto the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    7. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.

    8. After doing the above, you should work thru the below link:
     
    Kestrel13!, Aug 3, 2015
    #5
  6. Journeyer

    Journeyer Private E-2

    Thanks for your help, Kestrel13!.
     
    Journeyer, Aug 3, 2015
    #6
  7. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You're most welcome. :)
     
    Kestrel13!, Aug 3, 2015
    #7

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds