
something is wrong with the malware.


One day I inserted the USB into my PC. I got infected by the sguza.exe malware. It added mrpky.exe to my Application Data. I was able to manually remove the malware with one site showing the removal instructions. I used Sysinternals Process Explorer to terminate and delete the following files in each directory:

F:muza/sguza.exe

F:autorun.ini

C:documents and settings/(my username)/application data/mrpky.exe

I then did a search and delete on the registry for sguza, autorun (the one on my F drive) and mrpky. However, the mrpky registry key came back every time I deleted it. I then did a restart and reinserted my USB, and the malware did not come back. When I checked the Application Data, the mrpky.exe file is gone, but here is its registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman

The taskman has a value of the location of mrpky.exe, which is in my Application Data, but mrpky.exe did not recreate itself. I have not encountered any strange problems in the next 10 days. I am now on holiday and the computer that has the mrpky.exe registry key is still at my home.

Will the registry key for the taskman do any harm to my computer?

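The situation described in the post above (a Winlogon `taskman` value that still names a deleted file) can be checked directly. The following PowerShell is an added example, not part of the original thread: it reads the launch values under the Winlogon key and reports whether each referenced file still exists. Checking `Shell` and `Userinit` alongside `Taskman`, and the helper name `Resolve-LaunchTarget`, are this example's own choices.

```powershell
# Added example: list Winlogon launch values and whether their targets exist on disk.
$winlogon   = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$valueNames = 'Taskman', 'Shell', 'Userinit'   # assumption: values worth auditing together

function Resolve-LaunchTarget {
    # Hypothetical helper: reduce a command string to the file it would start.
    param([string]$Command)
    $expanded = [Environment]::ExpandEnvironmentVariables($Command.Trim())
    # Keep everything up to the first executable extension; drops quotes and arguments.
    if ($expanded -match '^"?(?<path>.+?\.(exe|com|bat|cmd|scr|pif))') {
        $path = $Matches['path']
    } else {
        $path = $expanded.Trim('"')
    }
    if ([IO.Path]::IsPathRooted($path)) { return $path }
    # Bare names such as explorer.exe are looked up in the Windows directories.
    foreach ($dir in $env:SystemRoot, (Join-Path $env:SystemRoot 'System32')) {
        $candidate = Join-Path $dir $path
        if (Test-Path -LiteralPath $candidate) { return $candidate }
    }
    return $path
}

$props  = Get-ItemProperty -Path $winlogon
$report = foreach ($name in $valueNames) {
    $data = $props.$name
    if ([string]::IsNullOrEmpty($data)) { continue }   # value is not set
    # Userinit can hold several comma-separated commands; check each one.
    foreach ($command in ($data -split ',' | Where-Object { $_.Trim() })) {
        $target = Resolve-LaunchTarget $command
        New-Object PSObject -Property @{
            Value  = $name
            Data   = $command.Trim()
            Target = $target
            Exists = (Test-Path -LiteralPath $target -PathType Leaf)
        }
    }
}
$report | Format-Table Value, Exists, Target, Data -AutoSize
```

A row with `Exists` set to `False` is a value that still points at a file no longer on disk, which is the state the post describes for `taskman`.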

  • Root Admin

Update and Scan with Malwarebytes' Anti-Malware

  • Start MalwareBytes AntiMalware (Vista users must Right click and choose RunAs Admin)
  • Please DO NOT run MBAM in Safe Mode unless requested to, you MUST run it in normal Windows mode.
  • Update Malwarebytes' Anti-Malware
    • Select the Update tab
    • Click Update
  • When the update is complete, select the Scanner tab
  • Select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

If you're still having issues then please post a new topic in the HJT forum and someone will assist you further.

Thanks
