Registry

[orangesky]

Hi, I have these 3 registry troubles, any helps are welcome:

1. could this have anything to do with updating windows or IE? I use XP, not NT. Why are there all sorts of NY entries on my pc? autorundisable registry - what does this mean? [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]@="@SYSoesNotExist"

2. IObit found these entries. the first one won't delete:

Unused File Extension {80b8c23c-16e0-4cd8-bbc3-cecec9a78b79} HKCR\{80b8c23c-16e0-4cd8-bbc3-cecec9a78b79}

ActiveX/COM Issue InProcServer32\C:\Program Files\IObit\IObit Security 360\IS360Ext.dll HKCR\CLSID\{364BB365-5DF0-45D4-92C5-B0A4F0962C9D}

3. there is a key with the same name as main off the main key like this
HKEY_CURRENT_USER > then a bunch of eys under this main one, then an entry off that one is
HKEY_CURRENT_USER >SOFTWARE > Microsoft > Windows > Current Version > RunOnce
I backed up and saved copy then deleted it. was that ok? that was a week ago and all is well. was that a spy? how can i know if someone has remote access to my system? there was a entry for another user in registry 6 months ago and i deleted it.

 

[manojgj]

go to run prompt "services.msc"

then find a service named "remote registry " go to its property & set its startup type as manual & stop the service..

this will disable access to registry from remote,
or get Regrun & scan you PC...
http://www.greatis.com/security/

 

[orangesky]

When I checked in services.msc I have no entry for remote registry. Is this something that may indicate it has been hijacked because it is not visible? I have only these entries in that alphabetical area of the list:

remote access auto connection ...manual
remote access connection manager ....started manual < tried to stop this, it wont
remote desktop help session manager ...disabled
remote procedure call started automatic
remaovable storage .. manual
routine and remote access manual
secondary logon manual

i couldnt stop the remote access connection manager error 1053: the service did not respond to the start or control request in a timely fashion.

since when operating system into fashion, oh well.
hey issecondary logon a hackers trick? or do i need that to swicth users on my system? or can i stop the secondary logon?

 

[manojgj]

that upto you, if you are the only person using the pc, then turn it off..
for your safety get firewall along with you antivirus.. it's ok for home users..

 

[orangesky]

I meant to type NT, that I get alot of NT entries even though I am not part of a network but am just a single home user and I don't want anyone remotely getting into my PC.

I still the the troubles.
I get alot of connections for just one webpage, what can this be? I suspect remote controller. And I suspect the 60 or hundreds of connections are to send packets each under 66 size so as if I wouldn't notice.

Yes, I have firewall and anti virus.