Jump to content

Infections detected - Maleware or not?


Recommended Posts

Hi there,

I ran a Quick Scan with Malewarebytes (rather preventively than due to any special problems with the computer) and it found some infected data. I never know whether the infections found might be false positives (for example the PDF-Toolbar "infections"), so could someone please help me read the log below?

Should I delete all the infections Malewarebyte's found?

If so, is there anything else to do with the computer to get it cleaned up?

Thanks a lot in advance!

------------------------------------------------------

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Datenbank Version: 7466

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

14.08.2011 21:22:43

mbam-log-2011-08-14 (21-22-32).txt

Art des Suchlaufs: Quick-Scan

Durchsuchte Objekte: 168464

Laufzeit: 5 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 4

Infizierte Registrierungswerte: 2

Infizierte Dateiobjekte der Registrierung: 0

Infizierte Verzeichnisse: 0

Infizierte Dateien: 2

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:

HKEY_CLASSES_ROOT\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio.TB) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio.TB) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio.TB) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio.TB) -> No action taken.

Infizierte Registrierungswerte:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio.TB) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{B922D405-6D13-4A2B-AE89-08A030DA4402} (PUP.Dealio.TB) -> Value: {B922D405-6D13-4A2B-AE89-08A030DA4402} -> No action taken.

Infizierte Dateiobjekte der Registrierung:

(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)

Infizierte Dateien:

c:\program files\pdfforge toolbar\IE\4.5\pdfforgetoolbarie.dll (PUP.Dealio.TB) -> No action taken.

c:\Users\delahun\AppData\Local\Temp\temp1_ups_document_nr4999.zip\ups_document\ups_document.exe (Spyware.Passwords.XGen) -> No action taken.

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

PUP means potentially unwanted program, so it's your choice whether to remove it. I would say remove everything found.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

Link to post
Share on other sites

  • 2 weeks later...
  • 2 weeks later...

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

Hi ,

I am Not the person the who started this tread. I found it in search of a solution to the so it seems.. same problem

you were speaking about here...and some more troubles that I can't clean.

I am using Ahnlab V3 which can't delete them.:

ToolBar "{B922D405-6D13-4A2B-AE89-08A030DA4402}"

Two more infections called : win-spyware/spycar.11776 and something called a start searchpage hijack. are also on the search results

which can't be cleaned or removed.

Are these infections or ....

Hope you can help me as well :]

thnx

btw:Mbam can't find anything!?!

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.