Jump to content

Can these Registry Keys be removed?


Recommended Posts

Hello,

I've used Malware Bytes for a while now and normally don't have a problem with removing stuff... until now. I've never had Registry Keys come up as infected and have no clue if they're safe to remove. Most are from PUP.Optional.OpenCandy and PUP.Optional.ASK.Gen. I'm thinking they can be removed but second opinions are good since I'm unsure. Thanks for any help

 

Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 19
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{1112F282-7099-4624-A439-DB29D6551552}, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK.1, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\OCComSDK.ComSDK, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OCComSDK.ComSDK.1, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OCComSDK.ComSDK.1, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}, , [48f93e644348af87300016f5cb37c937], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 1
PUP.Optional.ASK.Gen, C:\Users\Elizabeth\AppData\Local\Temp\APN-Stub, , [1f22435f5c2f979f54c3c4d938ca5ea2], 
 
Files: 10
PUP.Optional.OpenCandy, C:\Users\Elizabeth\AppData\Local\Temp\HYD226F.tmp.1442192940\HTA\install.1442192940.zip, , [bf82505292f965d138f857b4639ff60a], 
PUP.Optional.OpenCandy, C:\Users\Elizabeth\AppData\Local\Temp\HYD226F.tmp.1442192940\HTA\3rdparty\OCComSDK.dll, , [48f93e644348af87300016f5cb37c937], 
PUP.Optional.OpenCandy, C:\Users\Elizabeth\AppData\Local\Temp\HYD226F.tmp.1442192940\HTA\3rdparty\OCSetupHlp.dll, , [98a94b57ed9ef83e128e7c11bc48e719], 
PUP.Optional.OpenCandy, C:\Users\Elizabeth\AppData\Local\Temp\HYDD312.tmp.1442125352\HTA\3rdparty\OCComSDK.dll, , [63dea2006229d85e032db655c73b28d8], 
PUP.Optional.Winsock.WnskRST, C:\Windows\System32\plsapp64.dll, , [162bb0f2c7c4eb4b166116ca14ef7f81], 
PUP.Optional.ASK.Gen, C:\Users\Elizabeth\AppData\Local\Temp\APN-Stub\Stb0828e4ec-8e23-4d6b-9dc2-dd373ec7d3e6.log, , [1f22435f5c2f979f54c3c4d938ca5ea2], 
PUP.Optional.ASK.Gen, C:\Users\Elizabeth\AppData\Local\Temp\APN-Stub\Stb30b9f026-d3a3-4056-9aa6-847a39cacf0d.log, , [1f22435f5c2f979f54c3c4d938ca5ea2], 
PUP.Optional.ASK.Gen, C:\Users\Elizabeth\AppData\Local\Temp\APN-Stub\Stb7d3a7dc9-b407-45e1-ac35-bbe7ef84e59a.log, , [1f22435f5c2f979f54c3c4d938ca5ea2], 
PUP.Optional.ASK.Gen, C:\Users\Elizabeth\AppData\Local\Temp\APN-Stub\Stb9ebd4803-685e-4b6f-a6a9-29caaf3b6142.log, , [1f22435f5c2f979f54c3c4d938ca5ea2], 
PUP.Optional.ASK.Gen, C:\Users\Elizabeth\AppData\Local\Temp\APN-Stub\Stbed116ee1-a318-4965-b864-661435122d53.log, , [1f22435f5c2f979f54c3c4d938ca5ea2], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes, we make no accusations but do make you aware of Forum Protocol....

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Yes all of those entries in Malwarebytes log need to go, also run the following scan so we can see if your system requires anymore attention...

 

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
    (Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt and Shortcut.txt are checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make logs named (Addition.txt) and Shortcut.txt Please attach those logs to your reply.


 

Thank you,

 

Kevin..

Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.