Solved Trogans causing blue screen

broni · 2012/01/08

Without knowing what exactly your friend can see I can't comment.

As for IE, again, it's a subject to a different forum.

KRB · 2012/01/08

Well if I knew how to post a copy of the registry I would for you to see. As for IE it was a smple setting hidden away that was locking the toolbars.

this isnt everything but its a start, also when you type %SystemRoot% in windows explorer it redircts to the windows folder
REG Cleaner found the below but when it tryed to remove it gave the errors below it

RegCleaner 4.3 by Jouni Vuorio
These entries are found to be useless and they should be safe to remove
[syntax: Root, Key, Entry's name, Value, Last modified ]

HKEY_LOCAL_MACHINE, Software\Microsoft\Windows\CurrentVersion\App Paths\CFSServ.exe, {KEY}, {KEY}, N/A
HKEY_CLASSES_ROOT, \.dat, {KEY}, {KEY}, N/A
HKEY_CLASSES_ROOT, \.nls, {KEY}, {KEY}, N/A
HKEY_CLASSES_ROOT, \OISbmpfile, {KEY}, {KEY}, N/A
HKEY_CLASSES_ROOT, \OISemffile, {KEY}, {KEY}, N/A
HKEY_CLASSES_ROOT, \OISgiffile, {KEY}, {KEY}, N/A
HKEY_CLASSES_ROOT, \OISjpegfile, {KEY}, {KEY}, N/A
HKEY_CLASSES_ROOT, \OISpngfile, {KEY}, {KEY}, N/A
HKEY_CLASSES_ROOT, \OIStiffile, {KEY}, {KEY}, N/A
HKEY_CLASSES_ROOT, \OISwmffile, {KEY}, {KEY}, N/A
HKEY_CLASSES_ROOT, \PCBFile, {KEY}, {KEY}, N/A
HKEY_LOCAL_MACHINE, software\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/Windows/Downloaded Program Files/gp.ocx, {KEY}, {KEY}, N/A

==========
Errors

--Error report-----
Error message: File access denied

--Addition information-----
RegCleaner version = RegCleaner 4.3, Build: 780
Idler.Enabled = True
Section = Registry Cleanup
System mode = Normal
Cleanup mode = Cleanup
NT Mode = True
Win2k Mode = True
Administrator = True
Debug mode = False

--Action Log-----
Select lang
Language: C:\Program Files\RegCleaner\languages\English.rlg
Column mode change
Start 4
Section: Software
DeleteDupes
Column click
Started
LoadColumnWidths
TabChange
Section: StartUp
DeleteDupes
LoadColumnWidths
TabChange
Section: Uninstall
DeleteDupes
LoadColumnWidths
TabChange
Section: StartUp
DeleteDupes
LoadColumnWidths
Done button
LoadColumnWidths
Cleanup Start
LoadColumnWidths
Cleanup Stop
LoadColumnWidths
Remove
RemRegCleanup
RemoveRegDir

broni · 2012/01/08

Leave registry alone.
Those are dead RegCleaner leftovers and they don't bother anything.

when you type %SystemRoot% in windows explorer it redircts to the windows folder
Click to expand...

This is exactly where it should point you to.
I can only wonder how your friend got that job

KRB · 2012/01/08

ok I just wanted to double check with you before I returned the laptop to its owner.

Thank You again and this computer will be going back to its owner later this evening.

broni · 2012/01/08

You're very welcome

Log in or Sign up

Solved Trogans causing blue screen

broni Moderator Malware Analyst

KRB Inactive Thread Starter

broni Moderator Malware Analyst

KRB Inactive Thread Starter

broni Moderator Malware Analyst

Share This Page

Log in or Sign up

Solved Trogans causing blue screen

broni Moderator Malware Analyst

KRB Inactive Thread Starter

broni Moderator Malware Analyst

KRB Inactive Thread Starter

broni Moderator Malware Analyst

Share This Page

Useful Searches