Trojan.FakeAlert

[Idontknowme]

Malwarebytes' Anti-Malware 1.42

Database version: 3407

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

12/21/2009 11:44:23 PM

mbam-log-2009-12-21 (23-44-19).txt

Scan type: Quick Scan

Objects scanned: 127350

Time elapsed: 7 minute(s), 9 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9ef873d0-0259-4d2a-aa60-f61fa5b28fe8} (Trojan.FakeAlert) -> No action taken. [b9B9CC6EF117A65AEB57633D4713B030]

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

[miekiemoes]

Hi,

Why do think this is a false positive? As far as I can see, the guid {9ef873d0-0259-4d2a-aa60-f61fa5b28fe8} is malicious and related with an older zlob variant. In your case it must have been a leftover.

[Idontknowme]

Hi,

Why do think this is a false positive? As far as I can see, the guid {9ef873d0-0259-4d2a-aa60-f61fa5b28fe8} is malicious and related with an older zlob variant. In your case it must have been a leftover.

Hey, Miekimoes. I know the CLSID matches a known malware, but i just wanted a second opinion since is a registry key.

Thanks a lot though.

[Idontknowme]

I mean, GUID... sorry

[miekiemoes]

In either way, it's malware, so let mbam delete it