Jump to content

Infected Registry Key


Recommended Posts

Yesterday I wa infected by a "Zlob" also known as Vundo and I downloaded malwarebytes to get rid of it - it supposedly removed the "zlob" but at the same time I also had a rouge that was trying to get me to subscribe to "Rapid"antivirus" or something - I think malwarebytes removed that and the vundo is still on my pc - SpyHunter (a program you have to pay for but I wont pay for it to remove this Ill just use the scan) picked up the same "zlob" I had yesterday and it says that it is in "msiexec.exe" however I have scanned the only 2 "msiexec.exe" files with 3 different malware protection programs INCLUDING malwarebytes and found nothing - so now I downloaded another program you have to pay for and it says I have an infected registry key and the registry key (im guessing) is "msiexec" because there is a registry key with that labled in it - its under processes I believe. Im running malwarebytes again just to make sure but after almost an hour and a half it still hasn't picked anything up yet - do you have a recommendation on how to handle this sucker? It is making my computer a tad sluggish so I believe those other programs are not lying :-(

Any ideas?

Link to post
Share on other sites

Sorry, but there doesn't seem to be an "edit post" button - I just ran a check with another "have to pay" program and it found that the registry key - "hkey_local_machine/software/productname/productid/" was infected. I opened "regedit" and found it but Im not sure if its safe to delete - Im running windows xp - can someone please go check and see if that file is there regularly and tell me if it is safe to delete? :D

Link to post
Share on other sites

Hmph, not being able to edit my pot is quite annoying :-/

Ok I found out that I could delete that registry key so I did - and thats one clean scan but on another scan by "SpyHunter" it says that I still have a "Zlob" which is infecting a file named "msiexec.exe" but can only find two files titled that and both are clean to most programs :-/

Any ideas?

Link to post
Share on other sites

Hmph, not being able to edit my pot is quite annoying :-/

Ok I found out that I could delete that registry key so I did - and thats one clean scan but on another scan by "SpyHunter" it says that I still have a "Zlob" which is infecting a file named "msiexec.exe" but can only find two files titled that and both are clean to most programs :-/

Any ideas?

There is a time limit for editing posts.

Yes,

You need to follow the directions above before you remove something you shouldn't.

Link to post
Share on other sites

  • Root Admin

Yes, sorry about not being able to edit posts (you have a 2 minute time limit for editing) that was put in place due to some users editing logs and posts and removing important information long after the post was made that caused issues. This limit has become necessary due to such childish actions of others.

As for cleaning up your system you really should follow this information as said and someone will assist you in cleaning up your system.

It's not that it's anything magical it's just that we have much more experience than the average user does for cleaning this sort of stuff up.

Please read and follow the instructions provided here: Pre- HJT Post Instructions

When ready please post your logs here: Malware Removal - HijackThis Logs

Someone will be happy to assist you further with cleaning your system.

During this scan and cleanup process you should not install any other software unless requested to do so.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.