Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

looks like virus-unable to edit registry & install any ap, TaskManager grey out


  • This topic is locked This topic is locked
17 replies to this topic

#1 aszx333

aszx333

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 26 June 2016 - 02:38 AM

I am unable to unable to install new apps, unable to open my regisry, task manager is greyed out.

 

The message pops up "Registry editing has been disabled by your Administrator"

 

This is newly installed window as yesterday my old also got same message & all my apps/programs crashed, so i thought re-installing with complete formatting of window drive will solve my problem, but even on new window the problem remains.

 

I have tried almst every option available on net to enable my registry editing but none worked.

 

This issue is also not allowing to install Malwarebyte for any scan of malware etc.

 

Plz help me out.

Attached Files



BC AdBot (Login to Remove)

 


#2 Jo*

Jo*

  • Malware Response Team
  • 3,292 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:29 PM

Posted 27 June 2016 - 06:08 AM

:welcome: to BleepingComputer.

Hi there,

my name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / music / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


Did you create this file:
C:\Users\Administrator\Desktop\Registry Edit.vbs
 

***


:step1: Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


:step2: Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


:step3: Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#3 aszx333

aszx333
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 27 June 2016 - 03:48 PM

Thanks Jo

 

Yes the file "C:\Users\Administrator\Desktop\Registry Edit.vbs" is created by me, as I was repairing registry editor.

I read this method on some internet forum.

 

Here's Log of Security Check

 

 Results of screen317's Security Check version 1.014 --- 12/23/15  

 Windows 7  x86 (UAC is disabled!)  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 CCleaner     
 Google Chrome (51.0.2704.106) 
 Google Chrome (SetupMetrics.pma..) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 19% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 
 
 
Here's Log of MBAR
No threat was found in MBAR scan
 
 

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
 
Database version:
  main:    v2016.06.27.06
  rootkit: v2016.05.27.01
 
Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
UMAR :: UMAR-PC [administrator]
 
6/28/2016 1:16:44 AM
mbar-log-2016-06-28 (01-16-44).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 279717
Time elapsed: 11 minute(s), 25 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 

 

Here's Log of AdwCleaner

 

# AdwCleaner v5.200 - Logfile created 28/06/2016 at 01:31:25
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-26.1 [Server]
# Operating system : Windows 7 Professional  (X86)
# Username : UMAR - UMAR-PC
# Running from : C:\Users\UMAR\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
Folder Found : C:\ProgramData\lavasoft\web companion
Folder Found : C:\ProgramData\Application Data\lavasoft\web companion
Folder Found : C:\Users\UMAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja
 
***** [ Files ] *****
 
 
***** [ DLL ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lkemddiljapcmhicklfpcbpfffahfbja
Key Found : HKLM\SOFTWARE\Lavasoft\Web Companion
 
***** [ Web browsers ] *****
 
[C:\Users\UMAR\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : lkemddiljapcmhicklfpcbpfffahfbja
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [2588 bytes] - [27/06/2016 00:18:40]
C:\AdwCleaner\AdwCleaner[C2].txt - [2162 bytes] - [27/06/2016 10:42:13]
C:\AdwCleaner\AdwCleaner[S1].txt - [2294 bytes] - [27/06/2016 00:11:43]
C:\AdwCleaner\AdwCleaner[S2].txt - [2147 bytes] - [27/06/2016 10:41:14]
C:\AdwCleaner\AdwCleaner[S3].txt - [1431 bytes] - [28/06/2016 01:31:25]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1504 bytes] ##########
 
 
Waiting further for your guidance


#4 Jo*

Jo*

  • Malware Response Team
  • 3,292 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:29 PM

Posted 27 June 2016 - 04:16 PM

Hello,

:step1: Run Malwarebytes Anti-Rootkit again: Right-click mbar.exe and select Run As Administrator
  • Scan your system for malware
  • If malware is found, click on the Cleanup
  • button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • then please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


:step2: Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Cleaning button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


:step3: Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#5 aszx333

aszx333
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 27 June 2016 - 06:04 PM

Everytime the system reboot, an error comes "Visual C ++ 2005 redistributable"

 

Also I have already uninstall "superantispyware" but after every reboot it again appears on desktop & in taskbar

 

Kindly also guide me for some suitable Antivirus as I don't have one right now & i am using MBAB for this purpose.

 

:step1:  Malwarebytes Anti-Rootkit

 

No threat was found by MBAR

 

:step2: Here's Log for AdwCleaner.exe

 

# AdwCleaner v5.200 - Logfile created 28/06/2016 at 03:29:52
# Updated 14/06/2016 by ToolsLib
# Database : 2016-06-26.1 [Server]
# Operating system : Windows 7 Professional  (X86)
# Username : UMAR - UMAR-PC
# Running from : C:\Users\UMAR\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\ProgramData\lavasoft\web companion
[#] Folder Deleted : C:\ProgramData\Application Data\lavasoft\web companion
[-] Folder Deleted : C:\Users\UMAR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkemddiljapcmhicklfpcbpfffahfbja
 
***** [ Files ] *****
 
 
***** [ DLLs ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lkemddiljapcmhicklfpcbpfffahfbja
[-] Key Deleted : HKLM\SOFTWARE\Lavasoft\Web Companion
 
***** [ Web browsers ] *****
 
[-] [C:\Users\UMAR\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : lkemddiljapcmhicklfpcbpfffahfbja
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C1].txt - [2588 bytes] - [27/06/2016 00:18:40]
C:\AdwCleaner\AdwCleaner[C2].txt - [2162 bytes] - [27/06/2016 10:42:13]
C:\AdwCleaner\AdwCleaner[C3].txt - [1410 bytes] - [28/06/2016 03:29:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [2294 bytes] - [27/06/2016 00:11:43]
C:\AdwCleaner\AdwCleaner[S2].txt - [2147 bytes] - [27/06/2016 10:41:14]
C:\AdwCleaner\AdwCleaner[S3].txt - [1583 bytes] - [28/06/2016 01:31:25]
C:\AdwCleaner\AdwCleaner[S4].txt - [1656 bytes] - [28/06/2016 03:28:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1775 bytes] ##########
 

 

:step3: Here's log for Junkware Removal Tool

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 7 Professional x86 
Ran by UMAR (Administrator) on Tue 06/28/2016 at  3:51:48.61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 10 
 
Successfully deleted: C:\Users\UMAR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9410NUDK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\UMAR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M0WYM47C (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\UMAR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M1SI9I28 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\UMAR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PKSXEJJK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\UMAR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S54JEA78 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9410NUDK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M0WYM47C (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M1SI9I28 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PKSXEJJK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S54JEA78 (Temporary Internet Files Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 06/28/2016 at  3:53:58.44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 Jo*

Jo*

  • Malware Response Team
  • 3,292 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:29 PM

Posted 28 June 2016 - 02:51 AM

Hello,
 

***


Copy FRST / FSRT64.exe to your desktop!

Log on to all your user accounts now - without restarting !

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as / FSRT / FSRT64 (usually your desktop) as fixlist.txt




Start
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
S3 RTSTOR; system32\drivers\RTSTOR.SYS [X]
Task: {1D125786-F800-4AD7-AD6C-36B51521A23C} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2016-05-27] (Reimage®) <==== ATTENTION
HKU\S-1-5-21-971697514-1962752975-4212416763-1001\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-971697514-1962752975-4212416763-1001\...\Policies\system: [DISABLETASKMGR] 1
HKU\S-1-5-18\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-18\...\Policies\system: [DISABLETASKMGR] 1

EmptyTemp:
End

NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST / FSRT64 again as Administrator like we did before but this time press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#7 aszx333

aszx333
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 28 June 2016 - 05:42 AM

Dear Jo

 

Please clarify this point 

 

Copy FRST / FSRT64.exe to your desktop!

 

Did  you mean to download FRST and save on desktop?

FRST64.exe mean for 64 bit, but my system is 32 bit.

 

Kindly clear my points.

Thanks



#8 Jo*

Jo*

  • Malware Response Team
  • 3,292 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:29 PM

Posted 28 June 2016 - 05:47 AM


Your log shows you were running FRST.exe from there:

C:\Users\UMAR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E9O6GU2B

If you have 32 bit OS you need FRST.exe !

Copy or download FRST.exe now to your desktop to run the fixlist please.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#9 aszx333

aszx333
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 29 June 2016 - 12:55 AM

Fix result of Farbar Recovery Scan Tool (x86) Version: 28-06-2016
Ran by UMAR (2016-06-29 10:41:47) Run:1
Running from C:\Users\UMAR\Desktop
Loaded Profiles: UMAR (Available Profiles: UMAR & Administrator)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
S3 RTSTOR; system32\drivers\RTSTOR.SYS [X]
Task: {1D125786-F800-4AD7-AD6C-36B51521A23C} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2016-05-27] (Reimage®) <==== ATTENTION
HKU\S-1-5-21-971697514-1962752975-4212416763-1001\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-21-971697514-1962752975-4212416763-1001\...\Policies\system: [DISABLETASKMGR] 1
HKU\S-1-5-18\...\Policies\system: [DisableRegistryTools] 1
HKU\S-1-5-18\...\Policies\system: [DISABLETASKMGR] 1
 
EmptyTemp:
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => key not found. 
RTSTOR => service removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D125786-F800-4AD7-AD6C-36B51521A23C} => key not found. 
C:\Windows\System32\Tasks\ReimageUpdater => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ReimageUpdater => key not found. 
HKU\S-1-5-21-971697514-1962752975-4212416763-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableRegistryTools => value not found.
HKU\S-1-5-21-971697514-1962752975-4212416763-1001\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DISABLETASKMGR => value not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableRegistryTools => value not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DISABLETASKMGR => value not found.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22976391 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 19345633 B
Edge => 0 B
Chrome => 218546841 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 65960 B
LocalService => 132244 B
NetworkService => 80792 B
UMAR => 121462849 B
Administrator => 13753310 B
 
RecycleBin => 554446143 B
EmptyTemp: => 914.8 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 10:42:30 ====


#10 aszx333

aszx333
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 29 June 2016 - 12:56 AM

A message is continuously poping at the start of windows

 

"Microsoft Visual C++ Runtime Error"



#11 Jo*

Jo*

  • Malware Response Team
  • 3,292 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:29 PM

Posted 29 June 2016 - 03:29 AM

Can you edit registry & install any apps now?

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#12 aszx333

aszx333
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 29 June 2016 - 03:53 AM

Yes I can edit / open registry & I can also install new apps



#13 Jo*

Jo*

  • Malware Response Team
  • 3,292 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:29 PM

Posted 29 June 2016 - 04:37 AM

Yes I can edit / open registry & I can also install new apps

Ok, then your main problem is solved.

Uninstall Microsoft Visual C++ 2005 Redistributable.
You can do this via Start > Control Panel > Programs and Features.

Reinstall it from https://www.microsoft.com/en-us/download/details.aspx?id=5638

Edited by Jo*, 29 June 2016 - 04:39 AM.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#14 aszx333

aszx333
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:07:29 PM

Posted 30 June 2016 - 03:22 AM

Yes Thanks Jo,

main problem solved.

 

 

This problem (C++ problem) persists even after again re-installing.

 

Should I post this issue on some other section forum???



#15 Jo*

Jo*

  • Malware Response Team
  • 3,292 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:04:29 PM

Posted 30 June 2016 - 03:45 AM

Should I post this issue on some other section forum???

Yes, but later.
 
---
 

Also I have already uninstall "superantispyware" but after every reboot it again appears on desktop & in taskbar
Kindly also guide me for some suitable Antivirus as I don't have one right now & i am using MBAB for this purpose.


Choosing an Anti-Virus Program

---

superantispyware uninstaller:
32 bit:
http://www.superantispyware.com/downloads/SASUNINST.EXE
64 bit:
http://www.superantispyware.com/downloads/SASUNINST64.EXE

---


Please run ESET Online Scanner now.
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
Open the scan log and copy and paste the content to your next reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users