Are these false? I don't know what they are and I am freaking


asianmusicguy

Registry Data Items Infected:

HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

and this one

Files Infected:

c:\Users\myname\explorer.exe.back (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.


  • Staff

The first two are probably because you have iolo System Mechanic. It resets these from the Windows default. You can simply fix them or add them to the ignore list. These are not an infection.

The last one I wouldn't worry about. If it quarantined fine and didn't come back then nothing to worry about. It's a heuristic detection and could either be bad or not.

in the past I installed http://download.cnet.com/Registry-Mechanic...4-10190447.html but never used it

So the only thing I can think of is CCleaner registry clean up. Has this been known to cause issues of this nature?


It's basically because something is named explorer.exe in the wrong location.

Hard to say what it is exactly.

You can restore it from quarantine and submit to VirusTotal to verify.

http://www.virustotal.com/

Taking into account my post here http://forums.malwarebytes.org/index.php?showtopic=73531 could that be the cause of the above?


  • Staff

You are fine.

That def worked like it's supposed to. Malware will masquerade using reserved names like explorer.exe etc. It's a name-based detection. If it is something you backed up on purpose then it can be added to the ignore list.

Fixing the broken commands is fine. That explorer.exe.bak is just a backup for some reason. It can be safely deleted or left. Your call.

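The name-based check described in the reply above, sketched as an added example; it is not Malwarebytes' detection logic and not code from this thread. The directory map, the verdict labels and every sample path except the one quoted from the scan log are assumptions constructed for illustration.

```python
from pathlib import PureWindowsPath

# Assumption: a small map of well-known Windows binaries to the directories
# they normally live in. A real scanner's list is larger and is not public.
EXPECTED_DIRS = {
    "explorer.exe": {r"c:\windows", r"c:\windows\syswow64"},
    "svchost.exe": {r"c:\windows\system32", r"c:\windows\syswow64"},
}

def reserved_name(filename):
    """Return the reserved name a file imitates, or None.

    Matches the exact name and the name followed by extra suffixes,
    so 'explorer.exe.back' still counts as 'explorer.exe'.
    """
    lowered = filename.lower()
    for name in EXPECTED_DIRS:
        if lowered == name or lowered.startswith(name + "."):
            return name
    return None

def classify(path):
    """Classify a path as 'ok', 'renamed-copy', 'misplaced' or 'unrelated'."""
    p = PureWindowsPath(path)
    name = reserved_name(p.name)
    if name is None:
        return "unrelated"
    exact = p.name.lower() == name
    in_expected_dir = str(p.parent).lower() in EXPECTED_DIRS[name]
    if exact and in_expected_dir:
        return "ok"
    # A suffixed copy is reported for review wherever it sits; an exact
    # name outside its normal directory is the classic masquerade pattern.
    return "misplaced" if exact else "renamed-copy"

def scan(paths):
    """Return (path, verdict) for every path a name-based rule would report."""
    results = [(p, classify(p)) for p in paths]
    return [(p, v) for p, v in results if v in ("misplaced", "renamed-copy")]

# Constructed sample input; only the first path comes from the scan log above.
SAMPLE = [
    r"c:\Users\myname\explorer.exe.back",
    r"C:\Windows\explorer.exe",
    r"C:\Users\Public\svchost.exe",
    r"C:\Windows\System32\notepad.exe",
]

if __name__ == "__main__":
    for path, verdict in scan(SAMPLE):
        print(f"{verdict:13} {path}")
```

A verdict here only says the name and location are unusual; as the replies note, the file's content still has to be checked before calling it bad or benign.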