Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need Help with Reg-Edit!


  • Please log in to reply
3 replies to this topic

#1 Need HelpWith IS2010

Need HelpWith IS2010

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:52 AM

Posted 17 April 2010 - 06:11 PM

I type in "regedit" into command prompt, and the interface thingy pops up. I am using Windows XP if that needs to be specified as well.

With problems continuing to escalate because of IS2010, I had a question about regedit. I noticed that located in HKEY_LOCAL_Machine\Software\Microsoft\Security Center\, things such as "UpdatesDisableNotify, Firewall Override, AntivirusDisableNotify" etc, continue to appear. If I delete them with Malwarebytes, they simply reappear. Then it struck me, I could possibly modify the binary so it doesn't know what to do? That way, it'll already have the programs there, so it won't renew them, but at the same time they won't be functional. Will this work? Any ideas?

PS: If I am totally wrong about the purpose of binary and it would be totally unrelated, feel free to call me an idiot.

Thanks.

BC AdBot (Login to Remove)

 


#2 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,523 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:03:52 AM

Posted 17 April 2010 - 06:39 PM

Unless you know what you are doing in the registry I would avoid doing that. Secondly you should always back up your registry before making changes. see here: http://www.bleepingcomputer.com/tutorials/demystifying-the-windows-registry/ particularly section 4

With regards to your issue take a look here: Remove Internet Security 2010 (Uninstall Guide)

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#3 Need HelpWith IS2010

Need HelpWith IS2010
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:52 AM

Posted 17 April 2010 - 07:10 PM

I've tried that guide many times, as well as others. I uninstalled Superantispyware a while back, and dial-up restricts me from reinstalling it. I have Spybot Search&Destroy as well, but I can't seem to solve the problem with that either. I've tried Dr. Web Cureit as well, but upon opening it, it says that it had not been updated in 340 days, and that it has been updated over 160,000 times since then. Once I try to update it, it says that my free trial has expired(I never even had a trial). Dial-up doesn't allow me to update Malwarebytes', therefore I still have the version downloaded from the March 29th link on the website. (I've tried manually updating as well_if I run the rules, it says I corrupted my current version) There are about 4.46 mb of updates not installed at the moment. I am not having the ave.exe running currently, it is somewhat dormant. Right now, I have the binary of the firewalloverride and stuff modifed to random numbers, as I know binary only functions on 0's and 1's. However, please don't look at that as me being stubborn and disobediant, I ended up doing that before I got any responses. (Also, I had been deleting them for about 2 weeks prior). Someone suggested that I might have had a rootkit, and that's why it won't go away. I ran rootrepeal (probably the only file small enough to finish quickly enough on dial-up before it gets interupted), and the results are all Greek to me. If anyone can make anything of it, please say so, and I'll try to figure out how to upload a print screen of it...

Thanks for the speedy response Animal.

#4 Need HelpWith IS2010

Need HelpWith IS2010
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:06:52 AM

Posted 17 April 2010 - 07:15 PM

!!!!!

Under proccesses, rootrepeal found "Function Name: -NtConnectPort- Module: <Unknown> Hooked: -Yes-"

Should I force delete this? or wipe it? or unhook it?

Thanks.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users