Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Grinler,Two entries not on the list


  • Please log in to reply
1 reply to this topic

#1 Bob6372

Bob6372

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:14 PM

Posted 20 May 2010 - 01:03 PM

Hi, Grinler

Iíve got two startup entries not on your list.

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ 1 File not found: ŕ
+ 2 File not found: ŕ

They have the ability to clone most startup entries, and they canít be permanently
deleted.
Not yet anyway, Iím still trying.
I have known of there presence for just over a year now.
The only way I notice there presence was when I attempted to disable them
There has to be lots of computers that have this problem.
Is it malware or just a bad uninstall, there is plenty of them around isnít there
Most of the malware programs Iíve used are in that category

The information I got from ďProcess MonitorĒ boot log was the following.
Process name:Explorer.exe
PID:1492
Operation:Reg Enum Value
Results:success
Index:0
Name:1
Type:Reg Binary
Thread:1804
Length:4
Data:07 05 DA7

This instance happens very fast.
There is no application that Iíve tried that can catch the TID relating to this instance
If you know of one, please let me know.
I will gladly give you more information about these startup entries, just ask

Bob

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,470 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:07:14 AM

Posted 02 June 2010 - 11:34 AM

Sorry for the delay in getting to this. Unfortunately, without more specific information as to the names of the run entries, the filepaths, etc I cannot add them to the database.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users