Malwarebytes detected Registry Keys Infected

Dragonchaser

For about a week now my sister's laptop is slow. Define slow? Slower than usual.

I did a Malwarebytes quick scan and some Registry Keys are infected (see log below).

My question is: is it safe to delete these? Deleting registry keys is not something you usually do...

I also ran an online scanner but that did not detect anything. Weird...

- - -

Malwarebytes' Anti-Malware 1.46
Malwarebytes | Free Anti-Malware & Internet Security Software


Database version: 4052


Windows 6.2.9200
Internet Explorer 9.11.9600.17728


4/28/2015 6:48:31 PM
mbam-log-2015-04-28 (18-48-31).txt


Scan type: Quick scan
Objects scanned: 118874
Time elapsed: 14 minute(s), 21 second(s)


Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0


Memory Processes Infected:
(No malicious items detected)


Memory Modules Infected:
(No malicious items detected)


Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cscript.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmc.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rundll32.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscript.exe (Security.Hijack) -> No action taken.


Registry Values Infected:
(No malicious items detected)


Registry Data Items Infected:
(No malicious items detected)


Folders Infected:
(No malicious items detected)


Files Infected:
(No malicious items detected)
 

My Computer

System One

  • OS
    W8.1
I have looked into my registry and found no such thing as "Image File Execution Options".
You can export your registry settings (make a backup) and let Malwarebytes delete these keys. There could be something associated with them, so let Malwarebytes do it.
 

My Computer

System One

  • OS
    Windows 8.1 Enterprise
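To see what the four flagged keys actually contain before anything is deleted, and to make the backup suggested above, the following PowerShell can be run from an elevated prompt (an added example, not part of any post in this thread; the backup file name is an assumption). A `Debugger` value under an Image File Execution Options subkey makes Windows start the program it names in place of the listed executable, so that is the field to read first.

```powershell
# Added example: read-only inspection of the four IFEO subkeys named in the log.
$sub     = 'Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
# The WOW6432Node copy is only present on 64-bit Windows; missing paths are skipped.
$roots   = "HKLM:\SOFTWARE\$sub", "HKLM:\SOFTWARE\WOW6432Node\$sub"
$flagged = 'cscript.exe', 'mmc.exe', 'rundll32.exe', 'wscript.exe'

# Back up the native IFEO branch first. The output path is an assumption;
# any writable folder will do.
$backup = Join-Path $env:USERPROFILE 'ifeo-backup.reg'
& reg.exe export "HKLM\SOFTWARE\$sub" $backup /y | Out-Null
if ($LASTEXITCODE -ne 0) {
    Write-Warning 'Backup failed; do not remove anything until it succeeds.'
}

$report = foreach ($root in $roots) {
    foreach ($name in $flagged) {
        $path = Join-Path $root $name
        if (-not (Test-Path -LiteralPath $path)) { continue }

        # Get-Item on a registry path returns a Microsoft.Win32.RegistryKey.
        $key = Get-Item -LiteralPath $path
        [pscustomobject]@{
            Key        = $key.Name
            ValueNames = ($key.GetValueNames() -join ', ')
            Debugger   = $key.GetValue('Debugger')   # $null when the value is absent
            SubKeys    = ($key.GetSubKeyNames() -join ', ')
        }
    }
}

if ($report) {
    $report | Format-List
} else {
    'None of the four flagged subkeys exist on this system.'
}
```

The script changes nothing in the registry; the exported `.reg` file can be re-imported with `reg.exe import` if a later removal turns out to be unwanted.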
And, MBAM's quarantine section [History from front panel] gives an option to restore whatever is quarantined, registry keys included. Sometimes, MBAM, like many other security programs, generates and quarantines a false positive.
 

My Computer

System One

  • OS
    Windows 7 Pro 64bit [MS blue-disk set]
I would try a System Restore to a point prior to the slow-down issue. See if performance improves and if those unknown registry keys are present.
 

My Computer

System One

  • OS
    Win 8.1 64bit
Malwarebytes' Anti-Malware 1.46

Database version: 4052

Malwarebytes Anti-Malware (MBAM) 1.46 is now five (5) years old! Please ask your sister to consider running the MBAM Clean Removal Process followed by an installation of the release version of MBAM2 from https://downloads.malwarebytes.org/file/mbam/.

Then if that identical detection from MBAM1 prevails with MBAM2, please ask your sister if any additions/alterations have recently been made with a 3rd party Software Policy security application or the embedded Software Policy settings within Windows.

For additional clarity, please report the complete/detailed version and architecture of the Windows OS in question.

Thank you. :)
 

My Computer

System One

  • OS
    W8
Good catch.
Dragonchaser, you really need to upgrade MBAM; it's at 2.1.6.1022.

 

My Computer

System One

  • OS
    Windows 8.1 Update Pro in Hyper-V/Windows 10 Pro 64 bit
Hello Dragonchaser,
Your Malwarebytes Anti-Malware is outdated; this will cause your system to become vulnerable. Please download the latest version 2.1.6.1022 from https://www.malwarebytes.org and run a scan again.
 

My Computer

System One

  • OS
    Windows 8.1 Pro 64-bit, Windows 10 64-bit