Jump to content

Search the Community

Showing results for tags 'Registry'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

  1. Hello, today, I wanted to install a game, long story short, it came with a virus, it came in a zip file, I ran the executable and it installed me 2 programs: "Garbage Cleaner" and a disk cleaning program, I already knew it was a virus in that moment, I deleted it, checked the task manager, many processes with random names were open, I tried to delete as much as posible, but there were 2 files I couldn't, I ran the Windows defender scan (back then I didn't have malwarebytes) and it said it didn't detect any threats besides the exceptions (I didn't add anything to the exceptions), so I checked t
  2. Hello, I haven't actually been having any issues with my system but every now and then I like to run a Malwarebytes scan just to see if finds anything, usually it doesn't. Anyway after running it today it said it had found the following 4 registry PUP issues, all belonging to AnviSmartDefender: Registry Key: 3 PUP.Optional.AnviSmartDefender, HKU\S-1-5-21-4079224529-1850452133-1189164913-1001\SOFTWARE\MOZILLAPLUGINS\anvisoft.com/AdblockPlugin, No Action By User, 295, 840222, 1.0.27693, , ame, PUP.Optional.AnviSmartDefender, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\LHMIOFMIPC
  3. Hello, first time posting so please excuse any formatting mistakes. So somehow I got segurazo today, managed to remove most of it thanks to jumping into paranoia mode as soon as i saw something. Managed to remove facemoods and conduit as well which had been bothering me for a long time. All these thanks to adwcleaner 8 and Malwarebytes. Now there is this persistent chrome extension showing up in adwcleaner classified as a PUP.Optional.Legacy but i can't find it anywhere and when i quarantine it, it shows up again every time i launch chrome. Attached is my latest AdwCleaner scan log. It seem
  4. Hi I have the free version of Malware Bytes, running on a Windows 8 laptop. I have scanned the PC a couple of times this month and each time I get about 30 optional.PUP messages. I have quarantined all but they keep coming back. TXT file attached. I am assuming they are not a big problem but why do they keep appearing and what can I do to remove them? Many thanks John Pup.txt
  5. I had Avira installed and read where the programs play well together. I've noticed however, that whenever I choose to quarantine what is found by malwarebytes, the following is logged after an alert " In accordance with security guidelines, the Administrator has blocked access to the registry". I've since added the C:\Program Files\Malwarebytes\Anti-Malware\ folder as an exception, and will do the x86 folder too, but I'm wondering what the best approach is as I'm not sure my current approach is iron -clad. Ideally, I'd like to allow the executable attempting to do what needs to be done only.
  6. I just built my new PC a few days ago and i went out of my way to buy all new components except my GPU which is second-hand. I scanned my system with malwarebytes and got a lot of adware and two Trojan bitcoin miners that are located in my registry. My problem is that after every scan i get the same malware so it seems that quarantine doesn't help. I tried locating them manually with RegEdit but i cant find anything. I watched a lot of videos on my issue and all of them suggest using Task manager and MSconfig (for startups) but there is nothing out of the ordinary. If anybod
  7. I have unwanted pups and pums, and I want to remove them without damaging anything. How? I came here first before doing anything a.txt
  8. Hi Malwarebytes, I've infected from KMSPico Installation. Very sure of infected signs. (Unfortunately, just after a day, noticed about Malwares and Virus.) So, I've clean restored window. And the window was activated by digital signature activation from my cooperation. But, After check by FRST, I'm still suspecting some are still infected. Please check about my attached FRST log. Since, I've no idea, what kind of virus still infecting my system files. Please kindly help me? Any kinds of support are much appreciate. FRST.txt
  9. As the title suggests, malwarebytes keeps skipping registry files and I KNOW that's where something is located that windows defender is too bad to detect... is there a way to maybe let it scan there at all?
  10. I recently ran Malwarebytes for the first time in a while and the following was detected: Registry Key: 10 RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPERANTISPYWARE.EXE, No Action By User, [6454], [249843],1.0.8051 RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SUPERANTISPYWARE.EXE, No Action By User, [6454], [249843],1.0.8051 RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ITUNES.EXE, No Action By Us
  11. I have these two programs called Idle Buddy and SSO on my computer. I ran a scan with Malwarebytes and cleaned up 18 threats, two of which were Trojan.Roraccoon, and the rest were riskware or PUPs. After rescanning my computer with Malwarebytes, Emsisoft, Norton, and other scanners, only a few things popped up and I cleaned them up. After another rescan everything seemed clean... So I uninstalled the programs and thought I was safe. However, just today malwarebytes came up with two new threats, this time in the admin account in my computer, both riskware. This prompted me to rescan everything
  12. I have posted a question "Unable to remove exclusions files and location (Either in Safe mode run Windows Defender or in Registry Editor) " in Mircosoft Community. Anyone can help me solve
  13. I am looking for a way to at least be notified of when a app/prog modifies the window registry, specifically the ~15 startup/auto-run areas of the registry. Hoping Malwarebytes premium has an option to do this. Yes many tools show you what is ALREADY in Run areas on Startup/Logon, but none that notify or block entry into those registry areas BEFORE or when they are created/modified. Tools such as Sysinternals Suite’s autoruns and Ccleaner (both recommended) show current RUN items, But do not block or notify. This should be windows innately ability: notify or block reg modifications. Ye
  14. Hey there everybody. I apologize if this has already been answered, but I wanted to get your advice on something as I have more than one question. My computer has been popping up with the black screen displaying "taskeng.exe" very quickly, and then it goes away. It usually only does this a bit after starting up and sometimes after opening Chrome. I looked this up and some people say it's fine, others say it could be a sign of a virus/spyware. I did open up task scheduler, go to the task scheduler library, and disabled a task called "User_Feed_Synchronization" after being advised to do so on a
  15. Good morning, To say that our Malwarebytes EP experience has been poor is an understatement. We rolled out to the entire enterprise the weekend of the mal-formed update and still have not completely recovered. The tech has been unpleasant "I've already called you twice", and we have not been able to track down a workable exclusion for the hundreds of end users forced to reboot with a registry change that Malwarebytes is cleaning daily. I'm turning to the forums since it appears we have exhausted our support through two phone calls. Basically we are forcing a wallpaper image and not al
  16. I really need help getting rid of a pesky virus, HKU\S-1-5-21 I scan my computer and it's there. I get rid of it, and a few days later, it comes right back! I don't know how to completely exterminate this thing! I'm sure its causing me the problems I've been having with my PC. I'm using a Student account, and yet some programs ask me to give permission to run with the little admin shield symbol. Also, my Mozilla Firefox bookmarks, history, ect. will sometimes stop working, and that red bar will appear at the top of Firefox telling me it can't access my bookmarks because they're being acce
  17. Is it normal find a lot "Pesistent Handler" in registry? I only saw the HKEY_CLASSES_ROOT but it have about 200 of those. Looking at the data I got this: {098f2470-bae0-11cd-b579-08002b30bfeb}. Is it some malware?
  18. I think MBAM just got me a false positive result.After a threat scan it found that the registry \HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run|Windows Update with data on C:\Users\wcwra\AppData\Local\Microsoft Windows|svchost.exe is a backdoor.bot,I went to the folder and it was empty,just a svchost.exe.config. backdoor.txt
  19. Malwarebytes has run its scheduled Hyper Scan and has detected an .exe and registry value as malware. Both belong to Lightshot. This appears to have once been a previous issue: Is it possible to confirm whether these are false positives? I obviously cannot attach the .exe and registry value. I have attached the screenshot of the scan results and the .txt of the results. Has anyone else experienced this? I will also create a ticket for this. malware lightshot false positive.txt
  20. I'll start by noting that this issue does not exist on one machine, but several machines which are all on the same domain. However, not every machine on the domain has this issue. The machines all use either Windows 7 or Windows 10. Malwarebytes does not freeze. What happens is at some point during any point after scanning "startup items" the scan will suddenly appear stuck as the "number of objects scanned" will stop increasing. The scan timer will keep ticking the entire time, but no progress is being made. I can pause the scan, and when I resume the scan there is no change in prog
  21. Hello, I am in need of help in the removal of a Malwarebytes detection within my registry. Whenever I scan I consistently find PUP.Optional.PSScriptLoad.EncJob being detected, and no matter how many times I quarantine and remove it, it returns. I have attached a scan report and a Farbar Recovery Scan Tool Report. I hope that you will be able to help me with this issue. Scan Log 7-7-17.txt FRST.txt Addition.txt
  22. Basically what the title says. Ran ADWCleaner, found a couple of folders, something in Chrome, and 7-8 registry keys. I'm very cautious of cleaning registry keys for obvious reasons. I have the logfile from the time I ran it (only a while ago). If I post that will it be apparent which can safely be cleaned? I have no idea what backing up the registry entails, or how I would go about restoring it if I did indeed clean something necessary. I know just enough to be dangerous and nowhere near enough to be confident with these things. Any help would be appreciated.
  23. Rkill 2.8.4 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2017 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 06/10/2017 06:16:45 AM in x86 mode. Windows Version: Windows 7 Professional Service Pack 1 Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * C:\Windows\AutoKMS.exe (PID: 1380) [WD-HEUR] * C:\ProgramData\Rpcnet\Bin\rpcld.exe (PID: 2632) [AU-HEUR] * C
  24. They just wont go away. I clean them out, Quaratine them, erase them, whatever, and they're still here. I had this once befroe, a few months ago, I already forgot how I got rid of them, but they're back. I need help, because Malwarebytes isn't enough to eradicate them. Here's the exported log. dfdffd.txt
  25. It's first time for me to use Malware-Bytes. My friend recommended me to use this, he said it's good. But when I use it for the first time, It detects a lot of threats on my pc, I have trusted my friend about it's goodness, and I just click Clean the threats after MB finish scanning. I saw there are couple registry files enlisted. But I still selected them all and clean it. Unluckily, after that. I cannot use PC to connect with other PC whereas it's in the same network. Oddly, I still can ping them in CMD. But when I try to enter the sharing folder or network, other PC is invisible.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.