Jump to content

Recommended Posts

I really need to know what I should do, do I remove the selected file or do I follow the main topic at the top of this forum?

I'm sorry, you supplied insufficient information to give you a good response.

In the subject you infer the Registry with "HKey_local" and in the body of your post you mention a "file".

Please do reply with all pertinent information about the problem you are experiencing and any log or log snippet you may be referring to.

Link to post
Share on other sites

I'm sorry, you supplied insufficient information to give you a good response.

In the subject you infer the Registry with "HKey_local" and in the body of your post you mention a "file".

Please do reply with all pertinent information about the problem you are experiencing and any log or log snippet you may be referring to.

ya sorry about that. In Malwarebytes the scanner came up with an Adware, under Item it says HKey_LOCAL_MACHINE.

Do I copy and paste the Mbam-log?

Link to post
Share on other sites

ya sorry about that. In Malwarebytes the scanner came up with an Adware, under Item it says HKey_LOCAL_MACHINE.

Do I copy and paste the Mbam-log?

Yes please.

Realize that a Registry key under HKLM or HKCU are not "files". Registry keys are anomalous to leaves and twigs on a tree where the entire Registry itself exists as disk files.

Link to post
Share on other sites

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8291

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

12/2/2011 3:47:27 PM

mbam-log-2011-12-02 (15-47-09).txt

Scan type: Quick scan

Objects scanned: 170150

Time elapsed: 12 minute(s), 54 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> No action taken.

Yes, it can be removed and Quarantined.

Since it is a singular event in the log, keep it in quarantine. If after a few weeks where you have rebooted the PC and no software shows any detriment (complains, Pop-Up errors, etc) due to the removal of the Registry key, it can be purged from quarantine.

Link to post
Share on other sites

Yes, it can be removed and Quarantined.

Since it is a singular event in the log, keep it in quarantine. If after a few weeks where you have rebooted the PC and no software shows any detriment (complains, Pop-Up errors, etc) due to the removal of the Registry key, it can be purged from quarantine.

What do I do to quarantine it, do I just "remove selected" Im guessing not but im not sure.

Link to post
Share on other sites

What do I do to quarantine it, do I just "remove selected" Im guessing not but im not sure.

You are correct. When you choose "remove selected", items removed are automatically quarantined. The objective is to keep this in quarantine for roughly 3 weeks. By that time you will either know there is no problem or have no indications of a problem with that registry key being removed, After that quarantine period of roughly 3 weeks, it can be purged from the quarantine.

Link to post
Share on other sites

You are correct. When you choose "remove selected", items removed are automatically quarantined. The objective is to keep this in quarantine for roughly 3 weeks. By that time you will either know there is no problem or have no indications of a problem with that registry key being removed, After that quarantine period of roughly 3 weeks, it can be purged from the quarantine.

Ok thank you very much for all the help.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.