Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware Bytes detected registry entry, but couldn't delete it


  • Please log in to reply
4 replies to this topic

#1 helpm

helpm

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:19 PM

Posted 19 June 2009 - 12:28 PM

I ran a scan with Malware Bytes and it detected registry entry userinit.exe. It said it couldn't delete it and to restart the computer to delete it. I did this, but when I ran a scan with Malware Bytes, the same thing came up. Is this a virus? Is it safe to delete? If it is, how do I delete it?

BC AdBot (Login to Remove)

 


#2 snowdrop

snowdrop

  • Members
  • 513 posts
  • OFFLINE
  •  
  • Local time:01:19 PM

Posted 19 June 2009 - 01:08 PM

You could fully update the Malwarebytes program , reboot the computer and run the program on a quick scan , then post the reports from the previous scan and this one for someone to check for you :thumbsup:

#3 helpm

helpm
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:19 PM

Posted 19 June 2009 - 02:15 PM

The quick scan came up with the same thing as the previous scan. I pasted the log file below.

Malwarebytes' Anti-Malware 1.38
Database version: 2308
Windows 6.0.6002 Service Pack 2

6/19/2009 2:14:56 PM
mbam-log-2009-06-19 (14-14-54).txt

Scan type: Quick Scan
Objects scanned: 81691
Time elapsed: 9 minute(s), 14 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\userinit.exe -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,039 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:19 PM

Posted 19 June 2009 - 07:26 PM

I need to confirm that ypu clicked the Remove Selected button after the scan. That is generally why you see the No action taken in the log.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 helpm

helpm
  • Topic Starter

  • Members
  • 44 posts
  • OFFLINE
  •  
  • Local time:01:19 PM

Posted 02 July 2009 - 09:25 AM

I was able to remove it. Thank you for your help. For anyone curious, I think Trend Micro was stopping it from removing the malware.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users