regedit.exe

Discussion in 'Malware Help (A Specialist Will Reply)' started by fangy, May 15, 2005.

  1. fangy

    fangy Private E-2

    Hi,
    Is regedit.exe safe to let through my firewall?
    Thanks,
    Fangy.
     
    fangy, May 15, 2005
    #1
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Why is regedit requesting internet access? This could possibly the one of the baddies that duplicates regedit.exe. To rule this out, follow the below:

    http://www.majorgeeks.com/images/grenade.gif Download HijackThis 1.99.1

    http://www.majorgeeks.com/images/grenade.gif Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    http://www.majorgeeks.com/images/grenade.gif Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

    http://www.majorgeeks.com/images/grenade.gifBefore running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    http://www.majorgeeks.com/images/grenade.gifRun HijackThis and save your log file.

    http://www.majorgeeks.com/images/grenade.gif Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

    http://www.majorgeeks.com/images/grenade.gifNeed help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting
     
    bjgarrick, May 15, 2005
    #2
  3. fangy

    fangy Private E-2

    I've attached a Hijack This log, In your tutorial it only goes up to 022. In my log it goes up to 023, is this ok?
    Thanks for the help,
    Fangy.
     

    Attached Files:

    fangy, May 15, 2005
    #3
  4. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Yes, its okay the O23 entries are Services used by Windows.

    Your HJT log is clean, I dont see any problems. Does your firewall give you any file information as in the location?
     
    bjgarrick, May 15, 2005
    #4
  5. fangy

    fangy Private E-2

    The only thing i can find in my Firewall log is, file name..C:\Windows\regedit.exe, version..5.1.2600.21..I didn't allow it to connect and it hasn't asked again, If it does should I allow it?
    Thanks again for your help,
    Fangy.
     
    fangy, May 16, 2005
    #5
  6. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Okay! That is the legit file. If it should request access again I would think it would be ok to grant access as this is a legit file.
     
    bjgarrick, May 16, 2005
    #6
  7. fangy

    fangy Private E-2

    Thank You.
     
    fangy, May 16, 2005
    #7
  8. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Your Welcome!
     
    bjgarrick, May 16, 2005
    #8

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds