Jump to content

Possible False Positive, Registry Entries


Recommended Posts

Yesterday I did a fresh install of Windows 7 and it was fully patched through Windows Update before I did any searching and installing of new programs. The computer is behind a router and the Windows Firewall was active before going online to download updates. The only programs that I downloaded were downloaded from the program's official sites, so I don't see how I could have become infected. I downloaded the following: Malwarebytes Anti Exploit Free, Malwarebytes Anti Malware, Panda Internet Security Free Trial, Firefox with the add-ons NoScript and Adblock Plus. These are all reputable programs that I doubt contain any PUPs bundled. I scanned the computer with Malwarebytes and it finds two registry keys that it says are PUP.Optional.MySearchTB.A. Are these false positives? I have no faith in my fresh install now, so I appreciate any insight on these findings. Please see the Malwarebytes log below:


Malwarebytes Anti-Malware

Scan Date: 8/16/2015
Scan Time: 10:50 PM
Logfile: pup.txt
Administrator: No

Malware Database: v2015.08.17.02
Rootkit Database: v2015.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: XXXX

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 390375
Time Elapsed: 32 min, 0 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.MySearchTB.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{62155D33-3CE2-401E-8967-5A270628A3D5}, , [72748d7cc9c27abc1a447b582fd34ab6],
PUP.Optional.MySearchTB.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{62155D33-3CE2-401E-8967-5A270628A3D5}, , [72748d7cc9c27abc1a447b582fd34ab6],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)



Link to post
Share on other sites

Here is the text of the file you requested:

Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}]"Policy"=dword:00000003"AppPath"="C:\\Program Files (x86)\\pandasecuritytb""AppName"="ToolbarCleaner.exe""AppPathName"="C:\\Program Files (x86)\\pandasecuritytb\\ToolbarCleaner.exe"
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.