Jump to content

Registry keys detected for Antivirus 2008 and adware


Recommended Posts

Hi. I ran a full scan with MBAM on a relatives computer and these 2 entries were found.

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3aa42713-5c1e-48e2-b432-d8bf420dd31d} (Rogue.Antivirus2008) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

I also ran a full scan with SAS with default scan settings and nothing was found. Is there anything in the two entries that I need to worry about or follow up? The machine runs Avast free and Windows Defender to keep things simple on Windows XP home SP2 and should be fully updated.

Thanks

Link to post
Share on other sites

Thanks for your reply GT500. I'll have them run a full scan with Avast tomorrow. In the meantime can anyone provide any insight about the 2 detected registry keys? I'm at a loss when it comes to Windows registry.

If I get a chance, I may also have them run Prevx CSI and Dr. Web Cureit unless you recommend something else.

PS: It will be several hours before I can respond but I will be back in the evening EST.

Link to post
Share on other sites

It looks like the registry entries were just traces left over from removals done by previous anti-spyware scans. Can't be 100% certain, but MyWebSearch has been around forever, and is very common, so every anti-spyware utility will detect and remove most of it.

Link to post
Share on other sites

  • Root Admin

Yes those keys are just entries from Microsoft where they basically log all IE add-ons that have ever been installed even if they're removed from the system. Sort of a history key and if that is all that was found then the system is okay, MBAM just did a little more house keeping is all.

Link to post
Share on other sites

Sorry for my very late reply. Thank you both very much for you replies and explanations. They did finally run a full Avast scan and it found nothing. It sounds like Avast and Windows Defender did their job (this time). It also sounds like MBAM did it's job too. Plus, I was able to learn a little bit more about malware and Windows thanks to you.

Cheers,

balloonshark

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.