Help- registry cleaning!

Here is the thread from where I was directed here-with screenshots

http://forums.majorgeeks.com/showthread.php?t=104088

The worm I have killed was Worm/Stration.c-Avira's name
And deleted the Email That came in the same time when I detected this worm-
The email was a worm/virus email

Since then - no detection


I have scaned with
AVPE Classic
Dr Web cure it
Stinger
Kaspersky 4.5 (backup av)
Check it.bat
Kaspersky online

They all say I'm clean

I want to try Panda Active Scan to be sure.I need to reinstall it and need to clean the registry of the remains of previous unsuccesfull installation
Help if you can

I'll post a hijackthis log in my next post

 

fresh HJT log in attachment

 

the log is only as a refference
I'm here because I was told to come here
didn't want to bother you
Thanks

 

Can you please help so I can scan

 

I'll copy/paste the Post from Software if that will help - screenshots are there , follow the link in the first post


Windows XP(NT)SP2 256MbRAM-currently 2.00Ghz

I had some trouble with installing Panda Active scan

- mistakenly denied acces to some file while downloading Active X from
Panda and couldn't install PAS.


I have cleaned everything except the Registry

-two entries( 1 + 1 with, I guess subkeys) when I open Registry Menager and about 15 in CCleaner's Issues.

I need help with cleaning.
don't know what to delete.



Also I have 2 Obsolite keys in CCleaner's Issues - PepiMK Software( Spybot)
I couldn't install Spybot for a long time, and that is supposed to be because I have lost one Memory Module, but maybe these Obsolete keys could be the problem.

 

The worm was in the browser-profiles-cache

Probably on this site when I was attempting to find any information on the infected mail-attachment-here

This is only for the Majorgeeks to see -you can scan it with any av extension for browser

ttp://blog.gmane.org/gmane.comp.t2.devel?set_skin=leftmenu

There is a downloadable file

I left out "h" in the begining to avoid link

 

I had a problem with Panda Active scan installing,
then uninstalling,
but I solved it deleting everything concerning PAS-and the registry keys and entry's and Active X issues in CCleaner

And scaned after with Panda - clean


Spybot is uninstalled
I have tried many times to reinstall, and I thought it was due to memory modul loss
, tried the fix file from Safer networking but nothing

I have found two Obsolite Keys from Spybot and in the Registry Editor there is an entry too for Spybot- PepiMKSoftware

The error message for Spybot was that the Application (Spybot) has changed since it was installed- check for malware since Spybot doesen't change itself
(This is a bug in Spybot-That is why there is fix for it)

I was trying to install Spybot, and see if the keys were the issue
or losing the memory module

About Malware-All the scans that I did said that I'm clean
The last I did was Panda

I can try your tool for registry
Thanks
I will reply
As soon as I finish

 

Finished this si form the WPad


REGEDIT4
; RegSrch.vbs © Bill James

; Registry search results for string "PepiMK" 10/8/2006 1:38:02 AM

; NOTE: This file will be deleted when you close WordPad.
; You must manually save this file to a new location if you want to refer to it again later.
; (If you save the file with a .reg extension, you can use it to restore any Registry changes you make to these values.)


[HKEY_LOCAL_MACHINE\SOFTWARE\PepiMK Software]

[HKEY_USERS\S-1-5-21-1547161642-926492609-725345543-1003\Software\PepiMK Software]

 

I'm sorry for responding with all this this late
And thaks

 

sorry I accidently Pasted the report
I don't know why
Sorry

There is attached version
in the thread
so you can find my topic

 

here

 

This is the Spybot name registry search

 

Do I wait or give up?

 

Sorry

1- I'm not working with anyone, and I know that it is a bug - because it is on their site- in their FAQ - How to uninstall

2- It is not currently installed, but I wanted to install again and didn't want to have any problems with it-And it is not in Add/Remove

I wanted to do this in the software section but since I had that worm problem (that is supposed to be solved) I was sent here

(I even scaned with Blacklight- nothing found )

Thanks

 

thanks

 

Everything ok. spybot installed

THANKS