Windows 8 and 8.1 Forums


Malwarebytes deteced Registry Keys Infected

  1. #1

    Malwarebytes deteced Registry Keys Infected


    For about a week now my sister's laptop is slow. Define slow? Slower than usual.

    I did a Malwarebytes quick scan and some Registry Keys are infected (see log below).

    My question is: is it safe to delete these? Deleting registry keys is not something you usually do...

    I also ran an online scanner but that did not detect anything. Weird...

    - - -

    Malwarebytes' Anti-Malware 1.46
    Malwarebytes | Free Anti-Malware & Internet Security Software


    Database version: 4052


    Windows 6.2.9200
    Internet Explorer 9.11.9600.17728


    4/28/2015 6:48:31 PM
    mbam-log-2015-04-28 (18-48-31).txt


    Scan type: Quick scan
    Objects scanned: 118874
    Time elapsed: 14 minute(s), 21 second(s)


    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 4
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0


    Memory Processes Infected:
    (No malicious items detected)


    Memory Modules Infected:
    (No malicious items detected)


    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cscript.exe (Security.Hijack) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmc.exe (Security.Hijack) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rundll32.exe (Security.Hijack) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wscript.exe (Security.Hijack) -> No action taken.


    Registry Values Infected:
    (No malicious items detected)


    Registry Data Items Infected:
    (No malicious items detected)


    Folders Infected:
    (No malicious items detected)


    Files Infected:
    (No malicious items detected)

      My System SpecsSystem Spec

  2. #2


    Posts : 356
    Windows 8.1 Enterprise


    I have looked into my registry and found no such thing as "Image File Execution Options".
    You can export your registry settings (make a backup), and let malwarebytes delete these keys, there could be something associated with them so let malwarebytes do it.
      My System SpecsSystem Spec

  3. #3


    Austin TX metro area
    Posts : 640
    Windows 7 Pro 64bit [MS blue-disk set]


    And, MBAB's quarantine section [History from front panel] gives an option to restore whatever is quarantined, registry keys included. Sometimes, MBAB, like many other security programs, generates and quarantines a false positive.
      My System SpecsSystem Spec

  4. #4


    Posts : 375
    Win 8.1 64bit


    I would try a System Restore to a point prior to the slow-down issue. See if performance improves and if those unknown registry keys are present.
      My System SpecsSystem Spec

  5. #5


    Posts : 8
    W8


    Quote Originally Posted by Dragonchaser View Post
    Malwarebytes' Anti-Malware 1.46

    Database version: 4052
    Malwarebytes Anti-Malware (MBAM) 1.46 is now five (5) years old! Please ask your sister to consider running the MBAM Clean Removal Process followed by an installation of the release version of MBAM2 from https://downloads.malwarebytes.org/file/mbam/.

    Then if that identical detection from MBAM1 prevails with MBAM2, please ask your sister if any additions/alterations have recently been made with a 3rd party Software Policy security application or the embedded Software Policy settings within Windows.

    For additional clarity, please report the complete/detailed version and architecture of the Windows OS in question.

    Thank you.
      My System SpecsSystem Spec

  6. #6



    Trying to Sith things out
    Bamberg Germany
    Posts : 2,290
    Windows 10 Pro 64 bit


    Quote Originally Posted by 1PW View Post
    Quote Originally Posted by Dragonchaser View Post
    Malwarebytes' Anti-Malware 1.46

    Database version: 4052
    Malwarebytes Anti-Malware (MBAM) 1.46 is now five (5) years old! Please ask your sister to consider running the MBAM Clean Removal Process followed by an installation of the release version of MBAM2 from https://downloads.malwarebytes.org/file/mbam/.

    Then if that identical detection from MBAM1 prevails with MBAM2, please ask your sister if any additions/alterations have recently been made with a 3rd party Software Policy security application or the embedded Software Policy settings within Windows.

    Thank you.
    Good catch.
    Dragonchaser you really need to upgrade MBAM it's at 2.1.6.1022

    Click image for larger version
    Active Window capture from just now
      My System SpecsSystem Spec

  7. #7


    Posts : 156
    Windows 8.1 Pro 64-bit, Windows 10 64-bit


    Hello Dragonchaser,
    You Malwarebytes Anti-Malware is outdated, this will cause your system to become vulnerable. Please download the latest version 2.1.6.1022 from https://www.malwarebytes.org and run a scan again.
      My System SpecsSystem Spec

Malwarebytes deteced Registry Keys Infected
Related Threads
Hi everyone, Can someone tell me where Windows stores the changed values ​​here? https://www.eightforums.com/tutorials/42424-touch-pen-displays-configure-windows.html I need to create a master and deploy 200 pc :party: Thanks
I have a new MSI GE60 2PC Apache. I had some trouble trying to get the mic to work with TeamSpeak for a while and eventually found out the mic was being enabled and disable constantly through all my typing. What I have found: "a" key disables mic. "s" key enables mic. According to MSI the "a"...
Hello, I am used to using the hjkl keys as arrow keys on my home computer by using xmodmap to avoid moving from the home row. Is there any way on 'microsoft windows 8' to configure the hjkl keys to be used as arrow keys while a modifier key such as 'ctrl', 'alt' or 'meta' is held down? The hjkl...
Ownership of Registry Keys? in General Support
I have come across an issues with potential problems with ownership of registry keys on my machine. Up until now, I was not aware that registry keys had owners, like directories. Why is this? Is there any link between the ownership of directories and registry keys. I haven't deliberately...
Solved PC infected with XTreme Rat in System Security
Hi, I recently installed AVG on the family computer and ran a virus scan, which came up with a few problems. The biggest one was that the computer was infected with the XTreme RAT trojan. This has been removed, but looking at the capabilities a RAT gives I would like to see what damage has...
Not sure if infected or not in System Security
Hey fellas, I have this thing im worried about. While browsing the internet a new tab opened up on its own and a website loaded, a page with a Microsoft security essentials saying I have potential viruses on my computer. From what im reading MSE is not installed on windows 8 and windows defender is...
Eight Forums Android App Eight Forums IOS App Follow us on Facebook