Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Deleting a folder or file from the Windows Registry


  • Please log in to reply

#1
ignorantee

ignorantee

    New Member

  • Member
  • Pip
  • 9 posts
Is it safe to delete a folder or file from the Windows Registry?

please, please help me with this thing....

im asking this question cuz my antivirus detected two backdoor trojan

Filename: A0046724.exe
Virus Name: Backdoor.Trojan
Original Location: C:\System Volume Information\_restore{F4ED0A51-841D-41B8-B065-638D9AAB47F8}\RP80\

Filename: Mot.exe
Virus Name: Backdoor.Trojan
Original Location: C:\Windows\system32\Bifrost\

and i did a little search on the net about Bifrost...
i found this sites http://www.extermina.../remove-bifrost and http://www.antispywa...ils.php?ID=1308....this sites help you out to remove Bifrost...

so i followed all the instructions on how to remove the files & how to remove it from the Windows Registry...

when i followed the instructions on how to remove it from the Windows Registry, it instructed me to delete the mention files but i did not found those files instead i found a folder that contains Mot, my question is... are these folders (Mot Folders) safe to delete???

here are the two folders:

HKEY_CURRENT_USER\SOFTWARE\Mot
on the right pane they were 3 Names:
1. Default
2. klg
3. plg

HKEY_LOCAL_MACHINE\SOFTWARE\Mot
on the right pane they were 2 Names:
1. Default
2. nck


Are these folders safe to delete from the Windows Registry?
if so please tell me cuz im really afraid that these virus will stole my passwords & any important information...

Edited by ignorantee, 24 January 2009 - 10:11 AM.

  • 0

Advertisements


#2
Anthony19

Anthony19

    Member

  • Member
  • PipPipPip
  • 384 posts
1.
Quote: Is it safe to delete a folder or file from the Windows Registry?

I personally would NOT recommend modifying the registry unless you are confident on doing so


the registry is a very important part fo the computer and should not be taken lightly in its importance to the function of your computer

if you want to know more about the registry read here : http://pcsupport.abo...strywindows.htm

2.
quote: Original Location: C:\System Volume Information\_restore{F4ED0A51-841D-41B8-B065-638D9AAB47F8}\RP80\

this is a Restore point... in the event your computer crashes you can use system restore to restore your computer to an earlyer time

and for any support in malware removal i suggest you to goto: http://www.geekstogo...-Log-t2852.html

Run through step by step... run all scans and save all relavent logs

THEN go to: http://www.geekstogo...o-Here-f37.html

create a new topic and give as much information as possible ( what you have already done to fix the infection / issue's , effects you are having and Post all relavent logs eg: hijack log , scans etc etc

a malware removalist staff will then be able to assist you in the complete removal of this infection you have and any other infections on your machine

dont forget to tell them you have posted here ( give them a link ) so they can have this topic closed...

Thank you for your co-operation , and Good luck

Anthony19

Edited by Anthony19, 24 January 2009 - 04:09 AM.

  • 0

#3
Broni

Broni

    Kraków my love :)

  • Member
  • PipPipPipPipPipPipPipPip
  • 12,300 posts
As the previous poster said, the location points to one of your Restore Points.
Registry entries are only the pointers. Once the bad file is gone, the registry entry is harmless.
You best option in this case, is to reset System Restore.
Turn it off, restart computer, turn it on.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP