Jump to content

FP or remnants?


tedus987

Recommended Posts

HI i've recently turned this PC on after it being off for almost a year and ran MBAM, now before the long hiatus the MBAM scans came back clean for over 2 years, however this machine was infected and cleaned near the start of it's long run. i wanted to check if the registery keys in this report is an FP or maybe remants left unnoticed.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 08/06/2016
Scan Time: 07:17
Logfile: mbam report.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.06.08.02
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Luke

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 792234
Time Elapsed: 2 hr, 39 min, 43 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 4
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{8859D5A8-E3B8-4918-BE0E-BB129F285742}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, , [176b9f5b0c8d51e554f4d10bb84b0bf5]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{17C7CAB3-6D64-4B3A-ACE0-791D67CBE4B0}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Windows\System32\dmwu.exe|Name=dmwu|, , [9ce6d624b5e432047ccc1ebe986b5ea2]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{63ABBC34-2F8B-4643-8E01-3C32056E0836}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Windows\System32\ARFC\wrtc.exe|Name=wrtc|, , [5c26dd1d8e0b7db93f08ac3016edd828]
PUP.Optional.Perion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SHAREDACCESS\PARAMETERS\FIREWALLPOLICY\FIREWALLRULES|{513521C8-FFCD-4D60-A547-D34E49105B89}, v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Windows\System32\ARFC\wrtc.exe|Name=wrtc|, , [6121b04ad9c059dd9cab914b669dde22]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 5
PUP.Optional.Conduit, C:\Users\Luke\Downloads\clean.exe, , [dfa3cf2b910852e40691773bb44d8b75],
PUP.Optional.Conduit, C:\Users\Luke\Downloads\zafwSetupWeb_110_000_054.exe, , [ee948179b7e285b10e8902b022df34cc],
PUP.Optional.Conduit, C:\Users\Luke\Downloads\ZASPSetupWeb_110_000_054(1).exe, , [bec4d42658416ec81f78456d3ec33fc1],
PUP.Optional.Conduit, C:\Users\Luke\Downloads\ZASPSetupWeb_110_000_054.exe, , [354df9019efb6dc9d2c5c1f14fb256aa],
PUP.Optional.Conduit, C:\Users\Luke\Downloads\ZASPSetupWeb_120_104_000.exe, , [6b172ad01f7aa591dfb8f8ba6a977d83],

Physical Sectors: 0
(No malicious items detected)


(end)

i have deleated the old zone alarm files, my main concern is the registry keys.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.