Registry repair after running all suggested malware removal tools.

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Gwho, Jul 2, 2011.

  1. Gwho

    Gwho Private E-2

    Hello and thanks in advance. I ran all tools to get a chance to ask someone how to repair the registry in my Windows 7 64-bit system. It's new but has crashed multiple times. I was tired of restoring to factory settings.

    It seems that someone with physical access during the 3 months I've owned it has changed settings so they can receive reports from this computer. Help!
     
  2. Gwho

    Gwho Private E-2

    eMachines EL1352G-41w, AMD Athlon II X2 220 Processor 2.8 GHz, 2.00 GB (1.75 usable), 64-bit operating system, Windows 7 Home Premium Service Pack 1, ZyXEL EQ-660R-F1 ADSL Router on single phone line 1.5 max (out in the sticks), No wireless connections, HP OfficeJet 5610v All-in-One (won't print), NVIDIA nForce 10/100/1000 Ethernet, worked fine till I left town. Have restored to factory 5 times. Some registry files are missing, and I don't have permission to change them. Files from Malware scans attached.

    Hope this is all correct. Poke me in the eye if not! ~G
     


  3. baklogic

    baklogic The Tinkerer

    Click Start
    Right click on 'Computer'
    Click properties
    Click the remote tab (IN THE SMALL BOX THAT COMES UP)
    Remove the tick in the Remote Assistance settings (IF PRESENT)
    Under the lower 'Remote Desktop'
    Make sure 'Don't allow connections to this computer' is chosen
    Click Apply, click OK
     
    Last edited: Jul 2, 2011
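
Added example, not part of baklogic's post: a read-only PowerShell check that the Remote tab settings above took effect, by reading the registry values behind them and any policy values that would override the dialog. It assumes the standard Windows value names `fDenyTSConnections` and `fAllowToGetHelp` and an elevated PowerShell prompt; it changes nothing.

```powershell
# Added example: read-only check of the values behind the System Properties > Remote tab.
# Assumes the standard Windows value names; nothing here modifies the registry.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item -ne $null) { return $item.$Name }
    return $null
}

$ctl    = 'HKLM:\SYSTEM\CurrentControlSet\Control'
$policy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

# "Off" is the data that means remote access is turned off for that value.
$checks = @(
    @{ Label = 'Remote Desktop (local setting)';    Path = "$ctl\Terminal Server";   Name = 'fDenyTSConnections'; Off = 1 },
    @{ Label = 'Remote Assistance (local setting)'; Path = "$ctl\Remote Assistance"; Name = 'fAllowToGetHelp';    Off = 0 },
    @{ Label = 'Remote Desktop (policy)';           Path = $policy;                  Name = 'fDenyTSConnections'; Off = 1 },
    @{ Label = 'Remote Assistance (policy)';        Path = $policy;                  Name = 'fAllowToGetHelp';    Off = 0 }
)

foreach ($c in $checks) {
    $v = Get-RegValue $c.Path $c.Name
    if ($v -eq $null)      { $state = 'not set' }
    elseif ($v -eq $c.Off) { $state = 'disabled' }
    else                   { $state = 'ENABLED' }
    '{0,-36} {1}={2,-4} {3}' -f $c.Label, $c.Name, $v, $state
}

# The Remote Desktop Services service; its state is reported for context only.
$svc = Get-Service -Name TermService -ErrorAction SilentlyContinue
if ($svc) { 'TermService status: {0}' -f $svc.Status }
```

A policy row that reports ENABLED means the setting is being forced by policy, so unticking the box in the dialog will not stick.
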
  4. Gwho

    Gwho Private E-2

    Thanks baklogic,
    I did as you suggested, but still have registry errors. Unable to update some software or drivers. Is there an online list anywhere which shows standard Windows 7 64-bit registry values that should or should not be present?

    Unable to delete and reinstall HP printer software. Says I need to contact administrator, although I'm running as an Admin already. Microsoft says call the manufacturer... Manufacturer says do factory restore, which I have done 5 times over past 2 months. Still have same problems after restarting computer, i.e. I lose administrative control and cannot update software, drivers, etc. Then emails are compromised, and Windows troubleshooter will not run. Have previously removed 2 different keyloggers over 6 weeks ago.

    After following your suggestion, Firefox finally updated to 5.0 (6 attempts). Have worked with this for 2 months with no permanent success. 2 XP computers crashed, so purchased an Apple Mac Mini. It lasted 4 months. Bought this system in April hoping to get by until I could figure out culprit. Even ate up my 1 TB external backup drive this time. I'm pulling hair and screaming at the ceiling... LOL.... Helppppppp
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    You are not having malware problems based on these logs, so I may be moving this back to the Software Forum soon, but I do want to run two other scans which I will post below after the following notes.

    You need to clarify what you are calling "registry errors" and how you are detecting them. If you have restored to factory settings multiple times and still believe you are having registry issues then I would suggest that you stop using any registry cleaning tools that you are using because you are being misled. Even on a brand new machine fresh out of the box, registry cleaning programs will falsely tell you of all kinds of registry issues which are not issues at all. Cleaning the registry is a very controversial topic, but all malware removal experts and most Windows OS experts will tell you that you should never run registry cleaning programs. Especially if you are just going to fix everything they show, which is an extremely bad idea and also is the reason for many people breaking their Windows OS.

    If you are having problems with LOCKED registry entries or locked files, this is a problem that seems to be fairly common with Vista and Windows 7 and I'm not sure that I have ever seen any real reason why this occurs or how to fix them. Reinstalling should fix them if reinstalled properly and if you restored using a factory image, I would expect this to repair them. Just don't run any registry repair/cleaning tools after doing the reimage.



    Go to the below link and follow the instructions for running TDSSKiller from Kaspersky
    Be sure to attach your log from TDSSKiller



    Please also download MBRCheck to your desktop
    • Double click MBRCheck.exe to run (Vista and Win 7: right click and select Run as Administrator)
    • It will show a black screen with some information that will contain the below line if no problem is found:
      • Done! Press ENTER to exit...
    • Or you will see more information like below if a problem is found:
      • Found non-standard or infected MBR.
      • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    • Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
    • MBRCheck will create a log with a name similar to MBRCheck_07.16.10_00.32.33.txt, which is random based on date and time.
    • Attach this log to your next message. (See: HOW TO: Attach Items To Your Post )
     
