Jump to content

Really bad false positive - ALL UNINSTALL INFO ??


glnz

Recommended Posts

My first MalwareBytes sweep on an old WinXPPro SP3 machine was going to delete this registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

But isn't that ALL the uninstall information for every program??

MalwareBytes said it was "Rogue.ControlCenter", but I checked my Registry and that does not seem right, so I did NOT remove it.

PLEASE ADVISE.

Link to post
Share on other sites

Here it is (with the particular line bolded in violet - please note that I had UNchecked it so it was NOT deleted). By the way, I don't understand why the OTHER lines were not deleted -- they should have been deleted.

__________________________________

Malwarebytes' Anti-Malware 1.44

Database version: 3591

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

1/18/2010 4:10:48 PM

mbam-log-2010-01-18 (16-10-43).txt

Scan type: Full Scan (C:\|)

Objects scanned: 301708

Time elapsed: 2 hour(s), 54 minute(s), 49 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 6

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> No action taken.

HKEY_CLASSES_ROOT\TypeLib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> No action taken.

HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (Rogue.ControlCenter) -> No action taken.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> No action taken.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> No action taken.

Link to post
Share on other sites

Dear Messrs. R. Ducky and TeMerc:

Thanks for VERY fast responses to my post. Yours are the quickest responses I've received on ANY forum, and one of them from the CEO to boot! (Hey, do I get a framed certificate?)

I did re-update (second time today) and re-scan, and -- yes indeed -- you have fixed the false positive.

I discovered MalwareBytes only this past October when my wife's WinXP laptop was suddenly infected by a fake "anti-malware" malware, and Google showed that only you had the fix (which was correct - you did). Since then, you've helped keep us clean as a new car. MalwareBytes is now in my Top 10 list, right up there with SpywareBlaster, Spybot S&D and Ad-Aware (as well as Avast AV Home Free).

Mighty fine company, gents.

Thanks again!

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.