Jump to content

Windows registry key found to be a malicious PUP


Dubbed
 Share

Recommended Posts

I ran a full scan today and saw I had few malicious things on my PC. I did my own research and found i could delete everything else no problems. However, I am hesitant to delete this particular one because it involves my windows key. Any help and advice would be great. Here is the log: 

 

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Dubbed :: DUBBED-PC [administrator]
 
12/13/2013 6:00:14 PM
mbam-log-2013-12-13 (18-00-14).txt
 
Scan type: Full scan (C:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 457318
Time elapsed: 53 minute(s), 3 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6EB4A4C0-6036-4D2E-B010-20707C4B62E8} (PUP.Optional.InstantSavings) -> No action taken.
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 5
C:\Users\Dubbed\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Dubbed\AppData\Roaming\OpenCandy\02578B3BFC4B479FBD5F1A5636AC2DDD (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Dubbed\AppData\Roaming\OpenCandy\6E4ABB1E35DA46108822AA968A1D761E (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Bench\Updater (PUP.Optional.AdwarePlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Bench\Updater\1.7.0.0 (PUP.Optional.AdwarePlugin) -> Quarantined and deleted successfully.
 
Files Detected: 8
C:\Program Files (x86)\Bench\Updater\1.7.0.0\Updater.exe (PUP.Optional.Adwareplugin) -> Quarantined and deleted successfully.
C:\Users\Dubbed\AppData\Local\Temp\4351 (1).exe (PUP.Optional.Adwareplugin) -> Quarantined and deleted successfully.
C:\Windows\Tasks\bench-sys.job (PUP.Optional.BenchUpdater.A) -> Quarantined and deleted successfully.
C:\Windows\Tasks\bench-Updater removing.job (PUP.Optional.BenchUpdater.A) -> Quarantined and deleted successfully.
C:\Users\Dubbed\AppData\Roaming\OpenCandy\02578B3BFC4B479FBD5F1A5636AC2DDD\SendoriSetupx11915.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\Dubbed\AppData\Roaming\OpenCandy\6E4ABB1E35DA46108822AA968A1D761E\saSetup.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Bench\Updater\products.xml (PUP.Optional.AdwarePlugin) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Bench\Updater\Updater.exe (PUP.Optional.AdwarePlugin) -> Quarantined and deleted successfully.
 
(end)
 
Link to post
Share on other sites

Not sure how to edit post but I thought i should add this now. I use the free version of this software. I also pay for Kaspersky Pure 3.0. Now, I just a critical areas scan if anyone is familiar with their UI and it turned up nothing. so now I'm even more confused about what should be done.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.