Help
This topic is locked
- Please run the MiniRegTool.
- Copy and paste the following in the edit box:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
- Check the Export radio button.
- Press Go button.
- Please either post the log (Result.txt) directly to your reply before doing the next step or rename the file so that it is not overwritten when doing the next step.
- Copy and paste the following in the edit box:
- Please run the MiniRegTool.
- Copy and paste the following in the edit box:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
- Check the Delete Keys/Values including locked/null embedded radio button.
- Press Go button.
- Please post the log (Result.txt) to your reply.
- Copy and paste the following in the edit box:
- Now see if you can work with the system restore.
Forum Guidelines
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help
Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient. DO NOT RUN ComboFix unless requested to. Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log. When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc. Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
bad image error on exe's and constant redirecting of sites
#61
- Just Curious
-
- Group: Malware Response Instructor
- Posts: 17,817
- Joined: 08-December 07
- Gender:Male
- Location:The Netherlands
Posted 07 August 2011 - 06:35 AM
We have found one of the restrictions. Strange that the earlier search in the registry didn't show it.
Back to top
#62
- Member
-
- Group: Members
- Posts: 41
- Joined: 22-July 11
Posted 07 August 2011 - 08:53 PM
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR"=dword:00000001
#63
- Member
-
- Group: Members
- Posts: 41
- Joined: 22-July 11
Posted 07 August 2011 - 08:54 PM
MiniRegTool by Farbar
Ran by Lily Khoang (administrator) on 2011-08-07 19:54:09
====================================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] deleted successfully.
Ran by Lily Khoang (administrator) on 2011-08-07 19:54:09
====================================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] deleted successfully.
#65
- Just Curious
-
- Group: Malware Response Instructor
- Posts: 17,817
- Joined: 08-December 07
- Gender:Male
- Location:The Netherlands
Posted 08 August 2011 - 04:57 AM
Nice to hear it.
You may now delete all the tools from your computer.
Happy Surfing thundersnow.
You may now delete all the tools from your computer.
Happy Surfing thundersnow.
#67
- Just Curious
-
- Group: Malware Response Instructor
- Posts: 17,817
- Joined: 08-December 07
- Gender:Male
- Location:The Netherlands
Posted 08 August 2011 - 01:32 PM
You are most welcome.
This thread will now be closed since the issue seems to be resolved.
If you need this topic reopened, please send me a PM and I will reopen it for you. If you should have a new issue, please start a new topic.
Every one else should start a new topic.
This thread will now be closed since the issue seems to be resolved.
If you need this topic reopened, please send me a PM and I will reopen it for you. If you should have a new issue, please start a new topic.
Every one else should start a new topic.
