Thanks for your help which is greatly appreciated. I presume I can now reload Java and Adobe?
Will be done!
How did this problem arise, and how do I avoid it in future?
Due to malware. It appears that the malware changed registry values, resulting in MBAM no longer working. In the last step you'll see.
The registry setting HKey_Local_Machine\Security\ has many keys listed under it, while my wife's computer, slightly newer but running much the same software, has but a single key under HKey_Local_Machine\Security with the setting 'value not set'. Do I need these extra keys? The key HKey_Local_Machine\Security\Policy\Secrets\SAI, when I try to open it, gives the message 'Cannot open SAI: Error while opening key'. The key immediately above it, HKey_Local_Machine\Security\Policy\Secrets\SAC, gives a similar error message. This presumably means they cannot be removed?
Nothing to worry about! Note that the registry is individual to each machine, which means that, depending on the installed software and changed OS settings, the values in it change and the situation is not the same everywhere. My advice to you as a beginner is not to delve in there without any basic knowledge of it, because this could seriously damage the OS. If there is interference from malware there, MBAM will take care of it. Malware can't be saved.
The registry now has no key HKey_Local_Machine\Software\Microsoft\Windows NT\Permissions, and nor does my wife's computer. Was this key removed by restoredefaltperms.exe?
restoredefaltperms.exe simply returns the values that are default.
* Go to Start > Run and copy and paste the next command into the field:
Make sure there's a space between Combofix and /
Then hit enter.
This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and reset System Restore again.
To enable your CD Emulation programs using DeFogger, please perform these steps:
- Please download DeFogger to your desktop.
- Once downloaded, double-click on the DeFogger icon to start the tool.
- The application window will now appear. You should now click on the Enable button to enable your CD Emulation drivers.
- When it prompts you whether or not you want to continue, please click on the Yes button to continue.
- When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
- If CD Emulation programs are present and have been enabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.
Please manually delete DDS, GMER, JavaRa, Dial-a-fix, SystemLook, mbam-clean and mbam-setup.
Please download the latest version of Adobe Reader from:
Some malware preventions: