Jump to content
rjzdanis

Cannot remove detected registry threat

Recommended Posts

rjzdanis   

Hi all.

 

After removing a registry threat and rebooting, the same threat reappears (see below for detail).  I have noticed that just as SAS prompts me with the success and reboot message, I also get a message from Avira indicating that it has blocked my registry.  I'm inclined to think that Avira is actually preventing SAS from completely removing the offending registry entry. Do you have any suggestions?  Thank you.

 

Robert

 

Malware.Trace
    (x86) HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL

Share this post


Link to post
Share on other sites
On 24/05/2016 at 2:34 AM, rjzdanis said:

Hi all.

 

After removing a registry threat and rebooting, the same threat reappears (see below for detail).  I have noticed that just as SAS prompts me with the success and reboot message, I also get a message from Avira indicating that it has blocked my registry.  I'm inclined to think that Avira is actually preventing SAS from completely removing the offending registry entry. Do you have any suggestions?  Thank you.

 

Robert

 

Malware.Trace
    (x86) HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON#SHELL

 
 
1
 
 
 
 
 
 

Hey, rzj

What SAF Version do you have installed?

Please make sure you have the latest SAS, if not download them here:
Free Edition users click HERE for 6.0.1232

Professional Edition users click HERE for 6.0.1232

& run a scan

That (may) Have fixed the problem, if not:

Can you go to (x86) HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON# in your windows file browser and post a screen shot or copy and paste the names of the registry files for me?

Also,

You can try unlocking the file with unlocker and then re-scanning with SAS, it should hopefully work after unlocking the registry file.

Unlocker Direct Download: http://www.majorgeeks.com/index.php?ct=files&action=download&

About Unlocker: http://www.majorgeeks.com/files/details/unlocker.html

Remember to use 'Custom Install' and uncheck all the boxes (unless you want them) when installing unlocker as it will try to install freeware programs.

Share this post


Link to post
Share on other sites
7 minutes ago, GuiltySpark said:

You realize this is an old thread and the OP hasn't come back since.

Yep, but It's always nice to have a solution posted for other members to see. 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×