Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

All means of registry editing disabled


  • Please log in to reply
1 reply to this topic

#1 xmarxtehspot

xmarxtehspot

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:27 PM

Posted 22 March 2010 - 11:46 AM

Okay, I'm helping a nontechnical friend with a nasty rogue antivirus, Vista Smart Security 2010.

REGEDIT is of course disabled, but this malware version has gone one step cleverer. The removal methods I've seen so far start with restoring *.exe functioning by creating a text file named something like "exefix.reg" and executing it directly to patch the registry. HOWEVER, even this fails because the malware has set a group policy to prevent THAT as well! And then of course, the malware pulled up the ladder behind itself, so that you can't find or edit that policy, even logged in Safe Mode. Is there some other way, short of OS reinstall, to restore enough function to get legitimate removal tools working?

BC AdBot (Login to Remove)

 


#2 techextreme

techextreme

    Bleepin Tech


  • Members
  • 2,125 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Pittsburgh, PA
  • Local time:06:27 PM

Posted 22 March 2010 - 01:28 PM

Please refer to these removal instructions posted here. Once you have gone through these instructions, please post your malwarebytes log.
Techextreme

"Admire those who attempt great things, even though they fail."

-- Seneca




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users