Jump to content

Recommended Posts

Under Windows Vista Home Premium 64-bit:

I got a CLSID key that I cannot remove. I suspect this to have been part of a trojanhorse keylogger thing that was removed early on. Now Malwarebytes doesnt pick up anything and other progs dont as well so I thought this might be from my firewall or antivirus-spyware programs but from what I read CLSID is for Active X controls and I should be able to delete them all but thats the problem.

Inside the CLSID folder there's only a folder called "Programmable" with an empty key. Its an empty value key that the reg cleaner picks up but cannot delete because its locked. This key oddly shows up twice as the same key under the registry cleaner. That is how I initially discovered it. So again there are two keys that are picked up by the reg cleaner with the same CLSID number.

I have tried RegAssassin and it did not work even in safe mode. I have messed with the permissions and could not get it to delete it because of OWNER OPERATOR. Now OWNER OPERATOR has changed to RESTRICTED. Through this forum I have learned of MS DaRT but I guess that would require me to purchase it in which I cannot do. And even if I did I do not know how to use ERD to remove the key. Like I said the progs I have dont pick up anything. Does anyone have any ideas or suggestions besides killing my OS and wiping the drive?

"In response and direction from my other forum post I ran DDS and the other one and have attached the files. The ark is empty it didnt pick up anything,"

Link to post
Share on other sites

  • 2 weeks later...

Hello and welcome to Malwarebytes.

I Apologize for the late response.

If you still require assistance, we would like to see the latest state of your system. So, please take a read in this thread on instructions on running the tools and posting the logs for instructions: http://www.malwarebytes.org/forums/index.php?showtopic=9573

In your reply, I would also like to know any symptoms you may still have and how your computer is running at the moment.

Please note that the forum is very busy and if I don't hear from you in five days this thread will be closed.

With Regards,

Extremeboy

Link to post
Share on other sites

Hello.

Are you still there? Do you still require help?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 7 days from the last day I replied initially, the topic will need to be closed.

Thanks for understanding.

With Regards,

Extremeboy

Link to post
Share on other sites

Hello.

Due to Lack of feedback, this topic is now Closed.

If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request.

This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,

Extremeboy

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.