MbytesThreat Scan Results Registry Key items (not sure if safe to delete)

capixo · February 14, 2021

Hey Everyone,

This is my first post on these forums, I am not new to Malwarebytes but this recent scan results have me a bit worried. I usually scan my computer every day using QuickScan and usually nothing turns up, but today it detected 8 items which has me worried. I posted an image of my scan results and will post the .txt results for easier access to research. I am more worried about the Registry Keys, not sure if I remove those if my pc will not be starting, the program files not sure if that will affect opening the program at all. Please if anyone could help, I would be very grateful. Thank you.

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 377425
Threats Detected: 8
Threats Quarantined: 0
Time Elapsed: 3 min, 27 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 6
Malware.AI.3671315572, HKLM\SOFTWARE\CLASSES\TYPELIB\{52F2F122-2BC5-11D2-8FB7-000000000000}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3671315572, HKLM\SOFTWARE\CLASSES\INTERFACE\{52F2F12F-2BC5-11D2-8FB7-000000000000}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3671315572, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{52F2F12F-2BC5-11D2-8FB7-000000000000}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3671315572, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{52F2F12F-2BC5-11D2-8FB7-000000000000}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3671315572, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{52F2F122-2BC5-11D2-8FB7-000000000000}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3671315572, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{52F2F122-2BC5-11D2-8FB7-000000000000}, No Action By User, 1000000, 0, , , , , ,

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 2
Malware.AI.3671315572, C:\PROGRAMDATA\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk, No Action By User, 1000000, 0, , , , , E7C2A885019E942591775591DE8493D9, E85267DCB3E9842DE42ED61616CA951C601D701D71984DBDD05C31A80C3A9F18
Malware.AI.3671315572, C:\PROGRAM FILES (X86)\ADOBE\ADOBE PHOTOSHOP CS2\IMAGEREADY.EXE, No Action By User, 1000000, 0, 1.0.37127, 17AE79BB23683D09DAD3D474, dds, 01116982, 339D9FFAC1B74C1F244D5D05310AC9D2, 4F7E3F0ADFF0464826E045A69FE6D37B2E13A62D858AB9A52D562361060C7F42

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)

sticksinstone · February 14, 2021

I'm also new and I received the identical report this morning. Came here looking for help. This is a very old program that isn't even supported anymore and I'd really just as soon NOT have malwarebytes clobber the registry for it only to find out it's a false alarm and I can't figure how to re-install (anyone running an old version of photoshop knows the nightmare there). Seeing someone else get the same report makes me less inclined to let MWB quarantine the program (I do actually use it) but if some new attack targeted it successfully it would be nice to know that too.

Dmitri · February 14, 2021

My Win 8.1 laptop stays off the Internet 99.9% of the time. This morning, I updated MM and did a scan.

I got the identical screen as capixo above -- with the 8 malware indications. I too have Adobe CS2

on my machine, but never use it. I updated to CS5 long ago. I'm gonna consider it a false alarm

for now. Doing a "full scan" with the free msert.exe virus removal tool from Microsoft right now

to double check. Odd that several people are turning up with this all of a sudden this morning.

Will update this post if I find anything doing the Microsoft scan.

capixo · February 14, 2021

wow the thought that both of you got the identical report puts my mind at ease a bit, @sticksinstone its not easy to install it again since its an older program and buggy most of the time when I use photoshop CS2. @Dmitri that would be great if you can let us know what that scan tool is telling you, I wish I had legit copy of cs6 or cs5 of photoshop but they don't sell it anymore, cs2 isn't the greatest to work with but it does the job. It is also kind of weird and funny that we all joined this forum today to find about about these threat scan results. Hopefully a Malwarebytes official support person can maybe clarify what is going on with these sudden threat scan results

Dmitri · February 14, 2021

54 minutes ago, capixo said:

that would be great if you can let us know what that scan tool is telling you

I did nearly a 2-hour full scan with "msert.exe" from Microsoft and came up with nothing. Clean.

You can google "msert.exe" and download the free scanner from MS. It's only good for ten days,

then you'd have to download a newer one. I have MM running in the background always and do a

full disk scan now and then. If a worry, I download the MS tool and follow up with it's full scan.

cli · February 17, 2021

Thanks for reporting, this will be fixed in 10 minutes.

capixo · February 17, 2021

Thank you cli! After I updated my MB it gives me 0 threat scan errors now.

Dmitri · February 17, 2021

Thank you!

sticksinstone · February 17, 2021

ditto thanks. Glad I know about this forum now too :-)

MbytesThreat Scan Results Registry Key items (not sure if safe to delete)

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members

Important Information