mynorgeek

Infected registry object false positive?

Recommended Posts

Here is the dev log.

Malwarebytes' Anti-Malware 1.45

www.malwarebytes.org

Database version: 3934

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

3/30/2010 12:28:23 PM

mbam-log-2010-03-30 (12-28-23).txt

Scan type: Quick scan

Objects scanned: 109863

Time elapsed: 3 minute(s), 24 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 1

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1} (Trojan.Agent) -> No action taken. [2819A87556568AA701D577E39E2652B4]

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Share this post


Link to post
Share on other sites
khakiman   

Sorry for the double posting. I meant to add my name to the previous two posters. Same story -- infected registry key right after updating.

Is this a false positive?

Share this post


Link to post
Share on other sites
exile360   

Hello donnod and welcome to Malwarebytes :rolleyes:

No, do not delete it. Simply update Malwarebytes' Anti-Malware and perform another scan. It should no longer be detected.

Share this post


Link to post
Share on other sites
Thormbam   
The thing is that I did. What now?

To donnod and anyone can need: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1} Is a important registry key. Open Mbam, go to quarantine select it and restored it. And excuse me for my english.

Share this post


Link to post
Share on other sites

I had the same situation. All I had to do to restore it was create a reg file for that reg key on another Windows 7 machine, transferred the created reg file to the computer that needs the key restored, and ran the reg file. Replaced the key - no problem.

I tried to upload the reg file here so other peeps could use it but, Mbam site will not allow upload of reg files. :) If you know how to do what I just explained here, it works great.

FM :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.