Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Registry Mechanic Won't Repair A Virus?


  • Please log in to reply
2 replies to this topic

#1 LaRouche

LaRouche

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:01:47 PM

Posted 14 February 2008 - 10:57 AM

My computer was infected, did a system restore which got rid of the virus warnings that kept popping up. But now when I do a scan with Registry Mechanic one error keeps coming up and it won't repair it. I tried TweakNow RegCleaner Standard and it too comes up with the same error. I try to delete it and it says the registry entries are shared with other user account or being protected by Windows and thus can not be safely deleted.

This is the error:
Path: HKEY_CLASSES_ROOT\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32
Value:C:\windows\system32\macromed\flash\flash9c.ocx

Is it a virus? If so how do I get rid of it? If it's a program that I need and is infected how do I fix it? Thanks for the help.

BC AdBot (Login to Remove)

 


#2 rabidsloth

rabidsloth

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:47 AM

Posted 14 February 2008 - 11:40 AM

For one I do not recommend using any sort of registry "fixing" utility. From my experience in IT, they do more damage than good. If you're worried about spyware/viruses, I recommend getting AVG free edition, they have both a free virus and spyware scanner that should take care of most nasty things, but for most malware these days it takes a bit of manual removal as well. I suggest a program called Autoruns, just google it. This will show you ALL of the crap that starts up with your system and where it's located. Really good tool for removing malware. If something looks weird just google the file name and you'll be able to find out if it's legit or not. Try AVG first and see if that takes care of your issue though, and don't trust 3rd party programs to mess with your registry - bad idea.

#3 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,090 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:02:47 PM

Posted 14 February 2008 - 01:55 PM

Please be aware that Autoruns just points to the startup entries for programs - not to the programs themselves. So if you remove the startup entry, the program/malware won't be called at startup - but it'll still be on your system. Manual removal of viruses isn't an easy task, and I'd suggest leaving it to the antivirus scanners and the experts that deal with this on a daily basis.

Is there a file located here: C:\windows\system32\macromed\flash\flash9c.ocx If so, try submitting the file to this website for analysis: http://virusscan.jotti.org/

If it comes up infected, then I'd suggest a visit to the "Am I Infected" forum located here: http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users