Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected ?


  • Please log in to reply
4 replies to this topic

#1 Jensen

Jensen

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 29 May 2011 - 07:52 AM

Hi all,

A couple of days ago while on the net I had the following registry change request from Spybot, which I denied.

27/05/2011 20:06:31 Denied (based on user decision) value "YI9B2F0F3H9GVYWVTSWQVMO" (new data: "C:\systemhost\systemhost.exe") added in System Startup user entry!

This followed Kaspersky (not updated - I know I should have) quarantining x5 'unknownthreat UDS:DangerousObject.Multi.Generic on the 22nd and 23rd of this month.

Further google searches on 'systemhost' took me to this site and some worrying reading. Aside from a couple of unsuccessful attempts for me to link with Firefox browser everything so far seems to be running smoothly.

Spybot Search & Destroy found nothing untoward.

Installed MalwareBytes - ran and nothing found.

Installed and ran SUPERAntiSpyware - 5 tracking cookies found and deleted.

I've also installed and ran DDS and GMER as recommended elsewhere and logs are saved if necessary.

Oh yes I forgot I am using Windows Vista. Anything to worry about?

Hope somebody can put my mind at rest,

Jensen

Edited by Jensen, 29 May 2011 - 10:32 AM.


BC AdBot (Login to Remove)

 


#2 Comp39

Comp39

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 29 May 2011 - 10:14 AM

Anything untoward happening at all?

BTW these requests from Spybot search and destroy should be ok, a very trustworthy program.

#3 Jensen

Jensen
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 29 May 2011 - 10:33 AM

Nothing untoward today, it has been in use on and off the last seven hours.

#4 Comp39

Comp39

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 29 May 2011 - 10:43 AM

You be ok. :cool:

#5 Jensen

Jensen
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:02:28 AM

Posted 04 June 2011 - 10:56 AM

Getting a few oddities happening that never occured before - latest Spybot registry change which I cannot deny - Browser Menu Extension - "Add To Anti Banner" value deleted. I won't pretend I know what that means but how come I can't deny it.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users