SG wrote:
Quote:
> Malke,
>
> Thanks for the response. It's not my system, but one I'm working on. Just
> so you know I have been in this business for many years, was an MVP a few
> years back, but do to family obligations had to give it up. Years ago
> would download Viruses and take them apart to see how they worked. so I'm
> not a novice :>)
> Quote:
Quote:
>>>>Your computer is infected and the methods you've used will not clean
>>>>it.<<<
>
> As I said the executable is gone, the process is disabled, I just need to
> remove the Branch from the Registry. This system at one time was infected,
> but not now. I've worked in the Registry for many years, but this is a
> first that I cannot remove something, any other thoughts as to why it
> can't be removed?.
> Thanks for your excellent explanation. If you are sure that nothing is
respawning and the machine is really clean except for this one registry
key, delete it from outside the operating system with either ERD Commander
or a Bart's PE (if Bart's lets you work on a foreign registry - I don't
know this).
Malke
--
MS-MVP
Elephant Boy Computers
www.elephantboycomputers.com
Don't Panic!