Jump to content

Recommended Posts

A few months ago I ran a scan from Malwarebytes and it detected a virus in the boot.ini file. When i rebooted my pc i noticed i got a message that said invalid boot.ini in an all black background. The message only appears for about 1 or 2 seconds, then the pc continues booting up. There is no boot.ini tab under the System Configuration Utility.

Keep this in mind, I'm completely clueless with computers. So I don't know how important a boot.ini file is.

Here is the log from the scan.

Malwarebytes' Anti-Malware 1.34

Database version: 1775

Windows 5.1.2600 Service Pack 2

2/18/2009 1:29:48 PM

mbam-log-2009-02-18 (13-29-48).txt

Scan type: Quick Scan

Objects scanned: 46698

Time elapsed: 6 minute(s), 14 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

\boot.ini (Trojan.Agent) -> Delete on reboot.

Link to post
Share on other sites

Hi Danielle! welcome to the forum. Is this log that you posted your current one? Because it says version 1.34 and we are up to version 1.38. please reply... regards

Hello, and thanks! Yeah this is from a few months back. I've updated malwarebytes to its current version

Link to post
Share on other sites

Can you post a log from the 1.38 version from a quick scan?

Sure, I ran a scan early and it detected a virus in a registry. So far i have 3 quarantined items.

Malwarebytes' Anti-Malware 1.38

Database version: 2309

Windows 5.1.2600 Service Pack 2

6/19/2009 5:36:01 PM

mbam-log-2009-06-19 (17-36-01).txt

Scan type: Quick Scan

Objects scanned: 125425

Time elapsed: 41 minute(s), 37 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

Thank you very much, a support staff member will look at the log!

Okay thanks for the replies. Here is the log

Malwarebytes' Anti-Malware 1.38

Database version: 2310

Windows 5.1.2600 Service Pack 2

6/20/2009 12:05:30 AM

mbam-log-2009-06-20 (00-05-30).txt

Scan type: Quick Scan

Objects scanned: 124890

Time elapsed: 31 minute(s), 3 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Link to post
Share on other sites

HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

In older versions of MBAM we set this key to a nonstandard configuration . It was functional but we thought it best to set it back to default .

That is all that this is .

Link to post
Share on other sites

HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

In older versions of MBAM we set this key to a nonstandard configuration . It was functional but we thought it best to set it back to default .

That is all that this is .

what about the boot.ini problem? Its still quarantined since Feb. and I'm wondering if its safe to restore since its missing.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.