Archived from groups: microsoft.public.windowsxp.security_admin (
More info?)
1) Download the following three items...
Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp
Latest Trend Pattern File.
http://www.trendmicro.com/download/pattern.asp
Adaware SE (free personal version v1.05)
http://www.lavasoftusa.com/
Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")
Download Sysclean.com and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt307.zip
Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.
2) Update Adaware with the latest definitions.
3) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) Re-enable System Restore and re-apply any System Restore preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) Create a new Restore point
* * * Please report your results ! * * *
Dave
"Adiletante" <adiletante@hotmail.com.(donotspam)> wrote in message
news:028F51BD-A3A8-48E2-A605-50DC4AB09369@microsoft.com...
| I recently did an online check with Pest Patrol. One of the things that
| showed up was SpyKeyLogger followed by a registry entry as follows:
|
| HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\Bags\7\Shell
|
| Is this something that can be deleted and why did it show under the above
| title?
|
|
| --
| Adiletante
Facebook
Twitter
Instagram