Windows Legacy OS forum

General discussion

Registry problem in windows xp

Hi
I tried to remove the virus Backdoor.Agent.B but now I think my problem is much bigger. Several websites contain instructions on how to remove the Backdoor.Agent.B and all say that I would need to rename the folder "Windows" in the registry to "Windows1".

I did as the sites said. And now I can't change the name "Windows1" back to "Windows", the computer says the name "Windows" already exist. When I close the registry window and reopen it again, the "Windows" folder is back along with "Windows1". Now, when I click on Start and Program, there is nothing in Program. I can't connect to the internet or open certain programs.

Is it possible for me to replace the new registry key "Windows" with the original content from "Windows1"? Or am I doomed? This problem seems fixable from the sites I've been reading but they don't hint at any solution.

Thank you for any help.

By the way, the Backdoor virus is still in the computer. At first I thought it was the virus that made my computer messed up but I've learned that the registry is the problem. I posted this message in another forum and waiting for a response.

Discussion is locked
You are posting a reply to: Registry problem in windows xp
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Registry problem in windows xp
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Confused?

In reply to: Registry problem in windows xp

Best thing is to let us know where to find the instructions you are following so we can read them as well - You haven't been quite clear about what section(s) of the registry you have changed to "windows1"

Peter

Collapse -
Re: Registry problem in windows xp

In reply to: Registry problem in windows xp

....all say that I would need to rename the folder "Windows" in the registry to "Windows1".

Is there a folder named "Windows" at the registry ?

At first I thought it was the virus that made my computer messed up but I've learned that the registry is the problem.

The registry could have been messed up by the Backdoor Agent.

Collapse -
Re: Registry problem in windows xp

In reply to: Registry problem in windows xp

First, you didn't tell if you were using an Antivirus Package and downloaded the latest viruses definitions in order to try to remove it.

Second, it was better to post the URL from were you followed the instructions. For example, the following Symantec Backdoor.Agent.B page. However, by reading those manual removal instructions I have to say that the procedure isn't accurate at the point you're stuck now. In other words, the manual procedure should be different.

Your problem could be solved in two steps. Try to run the following Fix Tool. If it gets rid of it, try to rename the windows1 subpath in the registry again.

Good Luck,

Cetin


Trying to unweave, unwind, unravel
And piece together the past and the future,


T. S. Eliot

Collapse -
Re: Registry problem in windows xp

In reply to: Re: Registry problem in windows xp

Thanks for the replies everyone. I'm sorry about any confusion. Below is a more descriptive post (I hope) I wrote in http://www.security-forums.com/forum/viewforum.php?f=38:

Oops, I forgot to say that I'm using Windows XP. And to your question, Groovicus, yes I did back up the whole registry about several days before I began changing the registry. Now I can't find that particular registry file anywhere.

As I've said earlier, I was trying to delete the Backdoor.agent.b virus manually because my antivirus program (Symantic Antivirus) wouldn't do it automatically. I went to this site http://securityresponse.symantec.com/avcenter/venc/data/backdoor.agent.b.html and some forums. Their instructions on removing Backdoor are:

Click Start > Run.
Type regedit
Then click OK.
Navigate to the key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

In the right pane, delete the value:

"*<1-5 random characters>" = "RUNDLL32 %System%\(DLL filename).dll,StreamingDeviceSetup"

Navigate to the key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion

Rename the subkey:

"Windows" to "Windows1"


Wait approximately 5 seconds.

.....other steps.....

I did the bolded part only because I couldn't understand the part about "1-5 random characters" value. I had already backed up the whole registry several days earlier so I went ahead renaming the "Windows" key (in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion). I think my problem is that I restarted my computer without changing the new "Windows1" name back to "Windows". I forgot about it. How do I change the name to the default name?

Please help. I hope my description is clearer this time. Thank you.

Collapse -
Re: Registry problem in windows xp

In reply to: Re: Registry problem in windows xp

Generally speaking, you should use one Forum advises at time. In other words, don't mix posts between several sites and even parallel Forums from the same Message Board.

Now, some clarifications.

>> I did the bolded part only because I couldn't understand the part about "1-5 random characters" value. <<

So, you should expand the following path under regedit:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Highlight Run and look in the right pane.

You should search for an item that has the StreamingDeviceSetup at the end of the line and delete that entry., that's all. No one can prior tell you the "*<1-5 random characters>" name as well as DLL filename.dll because they are generated at random.


In my previous message I provided a link to a Fix Tool. Download and run it in order to get rid of this Trojan. That's the first step in order to go further.


Good Luck,

Cetin


Trying to unweave, unwind, unravel
And piece together the past and the future,


T. S. Eliot

Collapse -
Re: Registry problem in windows xp

In reply to: Re: Registry problem in windows xp

I checked your link to Fix Tool but the description doesn't say it is for fixing Backdoor.agent.b instead it says Backdoor.agent.ac. Does it matter?

Another thing I can't connect online with the infected computer, it doesn't work. Can I download Fix Tool onto a disk from another computer and put it in my computer?

I don't know much about computers and this is my first time on any computer forum. Thanks for any help.

Collapse -
Re: Registry problem in windows xp

In reply to: Re: Registry problem in windows xp

You can download it on another PC and transfer the fixxagentv1.0007 zip file by using a diskette (it's small) and yes, running it shouldn't harm.


Good Luck,

Cetin


Trying to unweave, unwind, unravel
And piece together the past and the future,


T. S. Eliot

Collapse -
Re: Registry problem in windows xp

In reply to: Re: Registry problem in windows xp

Okay I downloaded Fix Tool and used it. A window popped up and scanned for Trojan.Agent.J in c:\windows\system32.... Then, the Fix Tool window disappeared within 2-3 seconds. There was no message or anything. I tried loading FixAgent.exe (you called it Fix Tool)several times again and it did the same thing. Perhaps it didn't find anything.

Maybe it's time for me to reboot the computer?

Collapse -
Re: Registry problem in windows xp

In reply to: Re: Registry problem in windows xp

That FixTool (that was the link's name) aka FixAgent.exe should open a window and in the case that it didn't find it should show a "Checking registry?Not found" message.

Before you restart the PC, you should manually remove that item that has the StreamingDeviceSetup at the end of the line under the following path in the registry.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run


Good Luck,

Cetin


Trying to unweave, unwind, unravel
And piece together the past and the future,


T. S. Eliot

Collapse -
Re: Registry problem in windows xp

In reply to: Re: Registry problem in windows xp

Yes FixAgent.exe does show a "checking registry" but I don't think there is any message after the search. There might be a "not found" message but I don't see it, the FixAgent.exe window closes too quickly.

Oh well, thanks for all your help, Cetin.

Collapse -
Re: Registry problem in windows xp

In reply to: Re: Registry problem in windows xp

Why don't you try to fix that entry in safe mode?

Collapse -
You are welcome and..."Good Luck" ... (NT)

In reply to: Re: Registry problem in windows xp

.

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

GRAMMYS 2019

Here's Everything to Know About the 2019 Grammys

Find out how to watch the Grammy Awards if you don't have cable and more.