0
Want this question answered?
Be notified when an answer is posted
Add your answer:
Earn +20 pts
What are the hklm subkeys?
there are 5 subkey of HKLM .i.e. SAM. Security, Software, Hardware and System
What are some of the REG files that viruses edit?
Virus edit HKLM\SOFTWARE\ HKLM\SYSTEM\CurrentControlSet\Services\ HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\ HKEY_LOCAL_MACHINE\Software\MicrosoftWindows\CurrentVersion\RunServices Never edit reg files if you do not know how to edit them.This could make your computer stop running .
Give an example of a registry key that causes a task to run only once at startup?
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
Msn internet explorer states either they have a problem connecting or problem with your internet service which is working fine?
Try another browser, like Firefox. Solution: 1: Create restore point and take registry backup. 2: we can get to the root of the problems with your system. I don't think MSN is the culpreit here. I'd like to focus on your startup programs. Let's go to the registry - what are in these keys.. anything that you thought was un-installed ? HKLM\Software\Microsoft\Windows\CurrentVersion\Run HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce HKCU\Software\Microsoft\Windows\CurrentVersion\Run HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce 3: If you face still problem and then download and install mozilla firefox browser and check it.
Folder option missing from tools menu?
Some guys complained that vbs is not working, so I'm presenting here another solution.Copy the following code,paste in any notepad and save as "EnableRegEdit.inf" . Right-click and install; your regedit will be enabled.(Be careful to copy the code exactly as presented here including everything.Code is in Italic to avoid any misunderstanding...___________________________________________________________________________________[Version]Signature="$Chicago$"Provider=Symantec[DefaultInstall]AddReg=UnhookRegKey[UnhookRegKey]HKLM, Software\CLASSES\batfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\comfile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\exefile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\piffile\shell\open\command,,,"""%1"" %*"HKLM, Software\CLASSES\regfile\shell\open\command,,,"regedit.exe ""%1"""HKLM, Software\CLASSES\scrfile\shell\open\command,,,"""%1"" %*"HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System,DisableRegistryTools,0x00000020,0_________________________________________________________________________________To enable Folder Options, copy following code,paste it in any notepad and save as "folderoptions.reg" file. Double click it and your folder options will be restored._________________________________________________________________________________Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]"NoFolderOptions"=dword:0000000[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions]"NoBrowserOptions"=dword:00000000__________________________________________________________________________________To enable Task Manager, copy following code,paste it in any notepad and save as "EnableTaskManager.reg" file. Double click it and your folder options will be restored._________________________________________________________________________Windows Registry Editor Version 5.00[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]"DisableTaskMgr"=dword:0000000
What viruses are launched even after you boot in Safe Mode cannot get the AV software to work try searching for suspicious entries in the subkeys under?
HKLM\System\CurrentControlSet\Control\SafeBoot
Which command will restore a backup of the Registry from DOS?
Run the command:reg export Example: reg export hklm\software\myco\myapp appbackup.regThis command will export all sub key and values of key "myapp" to the file "appbackup.reg"
Anti virus for nhatquanglan?
how can i do remove nhatguanglan Solution[[User:Lander19|Lander19]] 15:09, 14 Jan 2008 (UTC)Enable Regedit, Task Manager, Regedit, Hidden Files, etc.Enable Task Manager-------1. Start> runreg add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f2. Start> runreg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /fEnable Regedit-----1. Start> runreg add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f2. Start> runreg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /fFolder Option & Hidden Files----------1. Start> runreg add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 0 /f2. Start> runreg add HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 0 /f3. Start> runreg add HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced /v Hidden /t REG_DWORD /d 1 /f4. Start>runreg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL /v CheckedValue /t REG_DWORD /d 1 /freg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL /v DefaultValue /t REG_DWORD /d 2 /freg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN /v CheckedValue /t REG_DWORD /d 2 /freg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN /v DefaultValue /t REG_DWORD /d 2 /fOther steps------Delete the filesC:\WINDOWS\SCVHSOT.exeC:\WINDOWS\hinhem.scrC:\WINDOWS\system32\SCVHSOT.exeC:\WINDOWS\system32\blastclnnn.exeC:\WINDOWS\system32\autorun.iniC:\Documents and Settings\All Users\Documents\SCVHSOT.exeModify some registries\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ Shell REG_SZ --> explorer.exe\Software\Microsoft\Windows\CurrentVersion\Run\ Yahoo Messengger -->deletePrecaution[[User:Lander19|Lander19]] 15:09, 14 Jan 2008 (UTC)[[User:Lander19|Lander19]] 15:09, 14 Jan 2008 (UTC)~ Never double click on such files which look like folders, instead use folder view for navigation.You may like to disable "Shared Documents".
How trojan.hider.i works?
When Trojan.Hider.i is executed, it performs the following activities: It creates the below file which is copy of itself %system%\isass.exe For autoexecution it create the below registry entry "ImagePath" = "%System%\isass.exe " HKLM\System\CurrentControlSet\Services\CSNetManagerXp "UncheckedValue" = "1" HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt "HideFileExt"="1" HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced The file isass.exe is registered as a new system driver service named "CSNetManagerXp", with a display name of "CSNetManagerXp" and a startup type of automatic, so that it is started automatically during system startup.
Device manager reads data from the key to build the information it displays about hardware configurations?
HKLM\Hardware
What two files are used to build the hkey classes root key of the registry?
HKEY_LOCAL_MACHINE and HKEY_USERS---- Book says HKLM and \Documents and Settings\username\Local Settings\Application Data\Microsoft\Windows\Usrclass.dat The essentials book says software hive and the Usrclass.dat file
Which registry hive is loaded first during window start up?
System Registry Hive.
