MadnessMethod replied to MadnessMethod's topic in Malwarebytes Anti-Malware HelpThanks for the extremely quick response, I appreciate it. I am old enough to remember when the Registry did not even have a GUI interface, and was inspected using a DOS command. Thanks for the advice to not modify my Registry without expert advice--I certainly have no intentions of doing so! Be back soon with the info!
MadnessMethod posted a topic in Malwarebytes Anti-Malware HelpMy PC running Windows XP/SvcPak3 has been acting very strange for several days now. I attributed it to adding a lot of new programs, deleting a lot of old programs, trying to add new hardware devices, etc. But what really took the cake was: after booting up and coming into Windows, any Window--no matter which program--with a vert or horiz scrollbar would start going crazy! Even the little slider bars would bounce around. Back and forth, up and down! I thought, I have used Malwarebytes for free with success often enough, that it is worth paying for. As I tried to make the purchase online, the Language dropdown was spinning so wildly up and down that I had the darndest time picking English!!! Anyway, Malwarebytes software does not find anything wrong, but I do not believe it, and have continued to follow my intution as a computer user for many years, and knowing this old machine of mine in particular. So I have been doing more research and investigation, using Task Mgr and Process Explorer a lot. Just now I wondered why explorer.exe was shown running as a background service in Process Expolorer, but not showing as running in the Task Manager. One thing led to another, and I decided to go through my PC's registry line by line to see if anything looked odd. This is the first time in my life I have ever done this hehe! So forgive me if I don't even know how to talk about the registry. But I recognize when something seems potentially odd. So I've been going line by line, opening each folder. When I found the following, I was spurred to become a member here at the forum: HKEY_LOCAL_MACHINE\SOFTWARE|Classes|bfc\ShellNew\Config Then inside of the Config folder are 2 items, along with a description and some data for each item: The first item is (Default), Reg_SZ, and for Data, it says (value not set). The second is Command, REG_EXPAND_SZ, and the Data assigned to this item is a string of characters, shown below (the dashes at the start and end of the string are mine added): ------%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\syncui.dll,Briefcase_Create %2!d! %1--------- Anyway, I thought this looked oddly different from what I had seen up to that point, so I did another flash scan with Malwarebytes, which turned up nothing. I did some searching around the Web, and decided to join this forum to query users who are surely more computer sophisticated than I. What do you all think? Now I have to continue on through the registry, but need to get ready and go to work soon, too! Any thoughts on what I found? Is it something odd, or not? If so, why didn'y my new software find this? Thanks for any help and input you may offer!!