
Which ones are safe from the malwarebytes scan?


1 reply to this topic

#1 sidd0123


Posted 12 December 2009 - 04:03 PM

I ran a virus scan using Malwarebytes Anti-Malware. Can anyone tell me which ones are safe and which are not safe to delete?

I recently heard that when infected with Personal Guard 2009, Malwarebytes can sometimes delete important registry info if it is infected. I just wanted someone to make sure that if I let Malwarebytes delete that registry, my computer won't crash.


Here is what the Malwarebytes log says in bold:




Malwarebytes' Anti-Malware 1.42
Database version: 3289
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/12/2009 3:55:32 PM
mbam-log-2009-12-12 (15-55-23).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 226353
Time elapsed: 1 hour(s), 8 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 7
Registry Data Items Infected: 4
Folders Infected: 3
Files Infected: 12

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5bf49a2-94f3-42bd-f434-3604812c897d} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{c5bf49a2-94f3-42bd-f434-3604812c897d} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{d88e1558-7c2d-407a-953a-c044f5607cea} (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Somefox (Trojan.Agent) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{c5bf49a2-94f3-42bd-f434-3604812c897d} (Trojan.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\personalguard (Rogue.PersonalGuard2009) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\idstrf (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xsjfn83jkemfofght (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\gadcom (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jnskdfmf9eldfd (Trojan.Downloader) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe logon.exe) Good: (Explorer.exe) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3298c4d0-2bc4-432e-913e-b05d7beaf08a}\NameServer (Trojan.DNSChanger) -> Data: 83.149.115.182 -> No action taken.

Folders Infected:
C:\Documents and Settings\Paresh\Application Data\Gool (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Paresh\Start Menu\Programs\Personal Guard 2009 (Rogue.PersonalGuard2009) -> No action taken.
C:\Documents and Settings\All Users\Microsoft AData (Rogue.SmartProtector) -> No action taken.

Files Infected:
C:\WINDOWS\system32\tehepepa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\yavipeje.dll (Trojan.Vundo.H) -> No action taken.
C:\Documents and Settings\Paresh\Start Menu\Programs\Personal Guard 2009\Personal Guard 2009.lnk (Rogue.PersonalGuard2009) -> No action taken.
C:\Documents and Settings\Paresh\Start Menu\Programs\Personal Guard 2009\Uninstall.lnk (Rogue.PersonalGuard2009) -> No action taken.
C:\Documents and Settings\All Users\Microsoft AData\t.sid (Rogue.SmartProtector) -> No action taken.
C:\WINDOWS\system32\logon.exe (Backdoor.Bot) -> No action taken.
C:\WINDOWS\certSystem.exe (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\Microsoftdef.dll (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\regred.exe (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\securits.com (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\spoov.exe (Fake.Dropped.Malware) -> No action taken.
C:\WINDOWS\usExplorer.exe (Fake.Dropped.Malware) -> No action taken.



#2 azfreetech


Posted 12 December 2009 - 04:49 PM

I would remove everything it found. There are trojans, malware, fake alerts all through that log. In addition I would install and run ATF Cleaner (for Windows XP and 2000 only!). Check the box for select all and then click the button Empty Selected. This will help clear out temp files, cookies and other junk that clutters up Windows.

Next install, update and run SUPERAntiSpyware. Get rid of what it finds. Finally update and run your antivirus program and get rid of anything that it finds.
DJ Digital Gem

I gave up on computers and now I just DJ!
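
The log in post #1 follows a regular line format: a target, a detection name in parentheses, then fields separated by `->`. The Python below is an added example, not part of the original thread: it parses that format, counts detections per family, and lists the entries where the log itself prints a Bad and a Good value. `parse_log` and `summarize` are names chosen for this illustration, and the sample is a shortened excerpt of the posted log.

```python
import re
from collections import Counter

# Shortened excerpt of the log posted in #1; line format exactly as posted.
SAMPLE_LOG = r"""Registry Data Items Infected: 4

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\personalguard (Rogue.PersonalGuard2009) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe logon.exe) Good: (Explorer.exe) -> No action taken.

Files Infected:
C:\WINDOWS\system32\logon.exe (Backdoor.Bot) -> No action taken.
"""

SECTION = re.compile(r"^(.+) Infected:$")  # section heading, not the "...: 4" count line
ENTRY = re.compile(r"^(?P<target>.+?) \((?P<name>[\w.]+)\) -> (?P<rest>.+)$")
BAD_GOOD = re.compile(r"Bad: \((?P<bad>.*?)\) Good: \((?P<good>.*?)\)")

def parse_log(text):
    """Return one dict per detection line, tagged with its section heading."""
    entries, section = [], None
    for line in map(str.strip, text.splitlines()):
        if m := SECTION.match(line):
            section = m.group(1)
        elif section and (m := ENTRY.match(line)):
            bg = BAD_GOOD.search(m["rest"])
            entries.append({
                "section": section, "target": m["target"], "detection": m["name"],
                "bad": bg["bad"] if bg else None,
                "good": bg["good"] if bg else None,
                # The last "->" segment is the action the scanner recorded.
                "action": m["rest"].rsplit("-> ", 1)[-1].rstrip("."),
            })
    return entries

def summarize(entries):
    """Count detections per family; list entries that carry a Good value."""
    families = Counter(e["detection"] for e in entries)
    with_good = [(e["target"], e["bad"], e["good"]) for e in entries if e["good"] is not None]
    return families, with_good

if __name__ == "__main__":
    fam, repairs = summarize(parse_log(SAMPLE_LOG))
    print(dict(fam))
    for target, bad, good in repairs:
        print(f"{target}: {bad!r} -> {good!r}")
```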



