[Unable to Delete Registry Entry]

Hi ibflav and Welcome to the Forum

 

Can you download Hijack This and post the log on the 'Spyware Hell - HijackThis Log Analysis' group and we can help you get cleaned up.

 

Download Hijack This from Here

 

Save Hijack This to your desktop. Double click on the HJTsetup.exe icon. By default it will install to C:\Program Files\Hijack This. Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue. Put a check by Create a desktop icon then click Next again. At the final dialogue box click Finish and it will launch Hijack This. Click on the Do a system scan and save a log file button. It will scan and then open the results in notepad and also save them into the C:\Program Files Hijack This folder

 

Next can you download the two attached .zip files and save them to your desktop, Extract them and run in safe mode by double clicking look.bat and look1.bat, It will export the information from the registry keys and save it to a text file called look.txt and look1.txt on c:\drive but it may only be able to export the information in safe mode as this looks like a possible Rootkit entry (If it is related to a rootkit then the exports may fail but we can use other methods if thats the case).

 

To Reboot into Safe Mode , Restart your computer and immediately begin tapping the F8 key on your keyboard. If done right a Windows Advanced Options menu will appear. Select the Safe Mode option and press Enter. (To reboot back to normal mode just restart the pc)

 

Reboot back to Normal mode and post a Hijack This log and the contents of Look.txt and Look1.txt which will be found in c:\drive on the Spyware Hell area.

 

(It will only create the text file if it can find the specified keys, One checks in HKLM the other checks HKCU so post back look.txt or look1.txt if they exist)

Regards Andy

 

 

Thanks Andy. I did as advised and the post now sits in Spyware Hell.

[Unable to Delete Registry Entry]

Hello there. I am unable to delete the following from my registry: HKEY_CURRENT_USER\Software\CsPOEAvrIQ4D

 

When attempting to delete, I get the message: Error while deleting CsPOEAvrIQ4D

 

When attempting to rename, I get the message: Error while renaming CsPOEAvrIQ4D.

 

When attempting to view the permissions, I get the message: Unable to display security information.

 

Anyone have any suggestions how to get it off my system registry?