Post reply

Name:
Email:
Subject:
Message icon:

Verification:
Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

shortcuts: hit alt+s to submit/post or alt+p to preview


Topic Summary

Posted by: Samker
« on: 10. September 2007., 11:16:42 »

Quote
It may be helpful in a future when and if somebody have similar request.

As you said, that would be a useful information.  ;)

P.S.
I still wait your first topic at Chit-Chat.  ;D
Posted by: SiberLynx
« on: 10. September 2007., 00:47:08 »

Sorry Samker,
I just mislead you a bit
the section HKEY_USERS\S-1-5-21-507921405-113007714-839522115-1003
with those keys just "moved" further down.
It was the first one when I noticed it initially.
Not that I invite you to waste your time with this issue but I felt that I have to give a correct info
It may be helpful in a future when and if somebody have similar request
Thanks
P.S.
found it deeper down under HKEY_USERS because was rechecking my registry search before removing those.
Posted by: Samker
« on: 09. September 2007., 19:12:30 »

 ;D  ;D  ;D

It will be better in CHIT CHAT section.

 ;D  ;D  ;D
Posted by: SiberLynx
« on: 09. September 2007., 18:58:11 »

I hope we will see you here often.  ;)
with real infections? hehehe!
Cheers
Posted by: Samker
« on: 09. September 2007., 18:47:47 »

 ;D

Thanks, that's important information for me.

cya

Samker

P.S.
I hope we will see you here often.  ;)

Posted by: SiberLynx
« on: 09. September 2007., 18:41:33 »

You're Welcome here, any day & any time.  ;)
If you are still here, I have only one more question: How did you find us (SCforum.info) ?
Thanks for welcoming
We all have that thing... what's the name?... Oh!... Google... so I Shmoogled:  "security forums" ;D
Posted by: Samker
« on: 09. September 2007., 18:30:42 »

You're Welcome here, any day & any time.  ;)

If you are still here, I have only one more question: How did you find us (SCforum.info) ?
Posted by: SiberLynx
« on: 09. September 2007., 18:11:03 »

Samke,
I do appreciate your help and time you spent.
Sys restore is On.
I may create a check-point even and kick'em
I'm not going to keep TunUp so... no cleaning using it.
P.S.
Just got very interesting comment concerning this in another forum:
"...it's likely one key that's affected. HKEY_CURRENT_USER is a symbolic link to HKEY_USERS/current-user.
My guess is that it's the result of some anti-malware scan, based on the reasoning that malware is hardly likely to identify itself as malware."
I have a feeling that is is very, very close to some of my deep thoughts.
Thanks again
My best regards
SiberLynx
Posted by: Samker
« on: 09. September 2007., 17:50:49 »


1. Fix all that with TU.

2. Check is it System Restore at your PC turned on if isn't then turn it.

3. Go and manually remove that.
Posted by: SiberLynx
« on: 09. September 2007., 17:39:36 »

Samker,
I did run Tune-up
It found 94 entries which may be cleaned.
Nothing related to the strange entry.
Unfortunately I don't see (probably, yet) the way to save report in TuneUp.
All I see are  crucial at all  and can be cleaned or left for now.
In addition to CCleaner (soft) I have and use some other cleaners (strong), which find more than TunUp.
They are  RegSeeker. RegCure, RegScrab and TrashReg.
The latter can find and remove some stuff - none of the existing Tools can like null-value keys. Sysinternals reg Tool may or may not find them but cannot sometimes delete them...
So Tun-up will not touch questioned "trojan-keys" for sure.
Is it a spacial time to be risky and just remove'em manually?
Regards 
Posted by: SiberLynx
« on: 09. September 2007., 17:00:26 »

K i'm back
I'll try Tune-up now
Posted by: Samker
« on: 09. September 2007., 16:48:19 »

Samker,
Thanks. I was almost sure that hjT report is Ok.
I need to restart my computer and b back in a few minutes.
Funny thing that I looked in registry now
and HKEY_USERS does not have those values at the main nod ??? they are gone!
===
Windows Registry Editor Version 5.00

[HKEY_USERS]
===
It has a correct entry (Default) REZ_SZ (value not set)
which as I understant should look the same in HKEY_CURRENT_USER
The latter still have those two bloody additional entries
Shouldn't I just remove them or you think I need to run tun-up anyway?
Thnks
BRB



Go with TuneUp anyway, you will see that TU is one excelent software.

Posted by: SiberLynx
« on: 09. September 2007., 16:40:52 »

Samker,
Thanks. I was almost sure that hjT report is Ok.
I need to restart my computer and b back in a few minutes.
Funny thing that I looked in registry now
and HKEY_USERS does not have those values at the main nod ??? they are gone!
===
Windows Registry Editor Version 5.00

[HKEY_USERS]
===
It has a correct entry (Default) REZ_SZ (value not set)
which as I understant should look the same in HKEY_CURRENT_USER
The latter still have those two bloody additional entries
Shouldn't I just remove them or you think I need to run tun-up anyway?
Thnks
BRB

Posted by: Samker
« on: 09. September 2007., 16:07:04 »

It's look like your PC is also clean.  ;D

Probably this registry log is from the past, did you have some "infection" in the past time?  ??? That would be one of possibly reasons for this.

Anyway, since you doesn't have any problems with your PC and you also make on-line scan with Kaspersky AV which is (as you said) clean, now we are going to check & fix your registers.

Please download & install Trial version of TuneUp Utilities 2007 http://www.tune-up.com/

After that start TuneUp and go to: Clean & Repair section, 1. run TuneUp Disc Cleaner 2. run TuneUp Registry Cleaner.

Finally, provide us here details what they find & fix.

Posted by: SiberLynx
« on: 09. September 2007., 14:11:20 »

Originally or where I am sitting now?
My mic is switched Off so how could you possibly hear an accent  ::) Damn!
Originally - from Ukraine
Presently - in Australia
...in between ... as far as I remember the aircraft landed in Dubai and then in Singapore ;D
Ok, I am clean after taking a shower. I hope my comp is clean too and will not require a lot of sprinkling.
Cheers   
Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising