Thread: Tool for locking registry entries and thereby spies

  1. #1
    meetdilip
    Guest

    Tool for locking registry entries and thereby spies

    Do you know any tool for locking the registry?

    Tune Up Utilities offers this function. The problem is that it is not reliable. It automatically unlocks after some time. As you might have noticed from my previous posts, my computer was infected with koolynoody, a downloader. I used CCleaner and Spybot. Both failed. Now I used CA Yahoo antispy. It detected KoolyNoody and I manually deleted all entries in the registry that were not fixed. Now today I found it in my registry again. I took a registry backup and stored it.

    Also I found 2 explorer.exe in Task Manager. Is it possible? Please take a look at the images.

    Also please tell me how to prevent koolynoody from making the registry entry again.

    Please feel free to contact me.

    regards

    Dilip

  2. #2
    kirankumargb
    Guest

    I used to use System Mechanic... it was giving good protection for my registry... it would block even when we ourselves were installing any software; I had to unlock it first, then install the software.

  3. #3
    StarK (Platinum Member)
    Join Date
    Mar 2008
    Liked
    0 times
    Posts
    1,416

    As long as the malware remains on your system you will get those registry entries back. The right way to do it would be first to scan your system with a good antivirus (try Avira) http://www.free-av.com/en/download/index.html and get rid of any copies of the malware on your HDD, then clean the registry.

    But if you still feel too vulnerable, then to prevent such malicious modifications you should use a HIPS (host-based intrusion prevention system). You can find this feature in Comodo Firewall (free to use).

    Every modification by any software on your computer would first need authentication from you. You can also set it to learn so it does not bother you for legit software. It's also a great firewall, though I discontinued using it since I don't feel like I need so much security now that I use Avira and Sygate firewall... though you might find it useful.

    tc.

    PS: The registry is a crucial part of the Windows OS, so 'locking' it up will probably result in a non-functional PC :P
    Last edited by StarK; 03-13-09 at 08:42 PM. Reason: Automerged Doublepost
    DON'T beam me up, Scotty!

  4. #4
    LEARNER
    Join Date
    Aug 2007
    Liked
    20 times
    Posts
    15,295

    Remove KoolyNoody Hijacker - Hijacker Removal Instructions.
    Spybot or Ad-Aware also recommended.

    Try the Firefox browser. Seems to affect IE only.
    Para two:
    Two explorer.exe. But usage is NIL. How? Wait.
    Similarly you get multiple entries for svchost.exe.

    http://www.anvir.com/
    Download the (free) application.
    Gives details of all programs at startup etc.
    Quote:
    Hmm, www.koolynoody.net isn't loading right now.

    The computers that run www.koolynoody.net are having some trouble. Usually this is just a temporary problem, so you might want to try again in a few minutes.

    Want more detail? See which nameservers are failing.
    Nameserver trace for www.koolynoody.net:

    * Looking for who is responsible for root zone and followed l.root-servers.net.
    * Looking for who is responsible for net and followed f.gtld-servers.net.
    * Looking for who is responsible for koolynoody.net and followed ns.johnruffo.com.

    Nameservers for www.koolynoody.net:

    * ns.johnruffo.com returned (SERVFAIL)
    * ns2.johnruffo.com returned (SERVFAIL)

  5. #5
    StarK (Platinum Member)
    Join Date
    Mar 2008
    Liked
    0 times
    Posts
    1,416

    And I see a lot of unnecessary processes running in your Task Manager... get rid of them. Especially the second explorer.exe!? One of them is probably malware.

    Get Process Explorer and find out from where the processes are running and whether they are legit or not.
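
The check suggested in posts #3 and #5, as an added example that is not part of any post in this thread: it lists every running explorer.exe with its image path, parent process and signature status, then dumps the Run/RunOnce autostart values so a re-created entry can be spotted. It assumes PowerShell 3.0 or later; choosing the Run keys as the place to look is an assumption, since the thread does not say which registry key koolynoody writes to.

```powershell
# Added example (not from the thread). Read-only: nothing is changed or deleted.
# The genuine Windows shell lives at %SystemRoot%\explorer.exe.
$expected = Join-Path $env:SystemRoot 'explorer.exe'

$procs = Get-CimInstance Win32_Process -Filter "Name = 'explorer.exe'" | ForEach-Object {
    $parent = Get-CimInstance Win32_Process -Filter "ProcessId = $($_.ParentProcessId)"
    # ExecutablePath can be empty for another user's process when not elevated.
    $sig = if ($_.ExecutablePath) {
        Get-AuthenticodeSignature -FilePath $_.ExecutablePath
    } else { $null }
    [pscustomobject]@{
        PID        = $_.ProcessId
        Path       = $_.ExecutablePath
        Parent     = if ($parent) { $parent.Name } else { '<exited>' }
        Signature  = if ($sig) { $sig.Status } else { 'n/a' }
        AtExpected = ($_.ExecutablePath -eq $expected)   # -eq ignores case
    }
}
$procs | Format-Table -AutoSize

# A second explorer.exe at the expected path is normal when Explorer is set to
# open folder windows in a separate process; one at any other path needs a look.
$procs | Where-Object { -not $_.AtExpected } | ForEach-Object {
    Write-Warning "explorer.exe (PID $($_.PID)) runs from '$($_.Path)'"
}

# Common autostart locations. Compare this list before and after a cleanup to
# see whether an entry has been written back.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$autostarts = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        [pscustomobject]@{ Key = $key; Name = $name; Command = $item.GetValue($name) }
    }
}
$autostarts | Format-List
```

Run it from an elevated prompt so the image path of every process is visible.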

  6. #6
    LEARNER
    Join Date
    Aug 2007
    Liked
    20 times
    Posts
    15,295

    @moderator:
    IB.net server problem often this evening.
    Trying annexure fifth time. here.
    Unable to edit previous post and add annexure. there.
    Last edited by essbebe; 09-06-11 at 09:16 PM.

  7. #7
    Bronze Member
    Join Date
    Sep 2008
    Liked
    0 times
    Posts
    268

    Well I don't think that it's a good idea to completely lock the registry since apps usually write to the registry during the operating time.

  8. #8
    Bronze Member
    Join Date
    Dec 2008
    Age
    20
    Liked
    0 times
    Posts
    169

    Clean up your system using any good software.
    Open the registry editor and deny write permissions to every user account on your system. You can also disable registry editing using the Group Policy Editor (gpedit.msc).

    Free online scan & remove viruses/malware etc.: visit http://housecall.trendmicro.com/
