Hello all,
This may be suited better to the tech forum but I wanted to check here first. I have been searching for an answer to this but I can't find a suitable resolution. Basically I have some PC's that are having a registry key modified, specifically:
hkey_local_machine\software\micrsoft\windows nt\current version\drivers32
aux
I don't have the foggiest what is changing (it changes the key to point to a random temp file under the current lgoged in user's local profile) it but it has happened on a few computers and it causes all kinds of strange symptoms such as regedit not opening, command lines not opening, AV not running, network/internet connections crapping out etc. I was able to find a "fix" that says to modify the data for the aux key back to:
wdmaud.drv
It corrects the symptoms and scans haven't turned up a virus on the affected machines after the fact...but I can't for the life of me find out what is triggering it and that kinda worries me. Anyone ever come across this before? I am continuing to try and research what the root cause is but any leads would be much appreciated!
Posts
eTrust, off the top of my head I am not positive on the version. The only logical conclusion I can draw is some virus disabling everything but as I mentioned nothing is being turned up in scans. Well the scans I run after modifying the registry anyway (can't scan before that).
WoWtcg and general gaming podcast
WoWtcg and gaming website
McAfee Stinger, for example. It just scans for a small subset of the nastiest nasties.
Mods feel free to close/lock this or leave it open for people to comment in. Thanks everyone.
WoWtcg and general gaming podcast
WoWtcg and gaming website