4 replies to this topic

[kaitlin652]

Hi, I read somewhere in this forum about registry files and that you should not mess with them unless you are very knowledgeable with computers, I cant find where I read it as it was a while back, I am not a computer whiz, my question is prior to running a full scan, under general settings should the registry be checked or unchecked? last night I performed a full scan and and this is what it contained Malwarebytes' Anti-Malware 1.40
Database version: 2564
Windows 5.1.2600 Service Pack 3

8/31/2009 11:02:38 PM
Registry key virus found

Scan type: Full Scan (C:\|)
Objects scanned: 178013
Time elapsed: 1 hour(s), 1 minute(s), 45 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> No action taken.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> No action taken.
HKEY_CLASSES_ROOT\mysearchtoolbar.settingsplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mysearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Search Uninstall (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MySearch (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
I didn't delete I was afraid of damaging or erasing something valuable that makes the computer run correctly, please help Teresa

[GT500]

Don't worry about letting Malwarebytes' Anti-Malware delete registry keys and values. All of those entries are bad and need to go. They will not cause any harm.

[extremeboy]

Hello.

Malwarebytes, have certain things that it will not delete in the registry if it is very crucial to the operating system itself.

You are right that you should not go exploring the registry. A good free program that can backup your registry is ERUNT.

Here is instructions on installing and running it....

Backup Registry with ERUNT

This tool will create a complete backup of your registry. A backup is created to ensure we have backup so encase anything goes wrong we can deal with it. Do not delete these backups until we are finished.

• Please download erunt-setup.exe to your desktop.
  
• Double click erunt-setup.exe. Follow the prompts and allow ERUNT to be installed with the settings at default. If you do not want a Desktop icon, feel free to uncheck that. When asked if you want to create an ERUNT entry in the startup folder, answer Yes. You can delete the installation file after use.
  
• Erunt will open when the installation is finished. Check all items to be backed up in the default location and click OK.

You can find a complete guide to using the program here:
http://www.larsheder...erunt/erunt.txt

What Malwarebytes detected are Adware infections. The infection is PopCap and MyWebSearch. Doing a quick-google search on those should give you some writeups on the infection.

Those appear to be "leftovers" of registry items of those infections, and Malwarebytes detected them. As GT500 mentioned, those are safe to check and remove.

With Regards,
Extremeboy

[kaitlin652]

extremeboy, on Sep 1 2009, 04:17 PM, said:

Hello.

Malwarebytes, have certain things that it will not delete in the registry if it is very crucial to the operating system itself.

You are right that you should not go exploring the registry. A good free program that can backup your registry is ERUNT.

Here is instructions on installing and running it....

Backup Registry with ERUNT

This tool will create a complete backup of your registry. A backup is created to ensure we have backup so encase anything goes wrong we can deal with it. Do not delete these backups until we are finished.

• Please download erunt-setup.exe to your desktop.
  
• Double click erunt-setup.exe. Follow the prompts and allow ERUNT to be installed with the settings at default. If you do not want a Desktop icon, feel free to uncheck that. When asked if you want to create an ERUNT entry in the startup folder, answer Yes. You can delete the installation file after use.
  
• Erunt will open when the installation is finished. Check all items to be backed up in the default location and click OK.

You can find a complete guide to using the program here:
http://www.larsheder...erunt/erunt.txt

What Malwarebytes detected are Adware infections. The infection is PopCap and MyWebSearch. Doing a quick-google search on those should give you some writeups on the infection.

Those appear to be "leftovers" of registry items of those infections, and Malwarebytes detected them. As GT500 mentioned, those are safe to check and remove.

With Regards,
Extremeboy

Hi thanks for all of your help, I downloaded the application that you suggested and performed the backup as mentioned, is this all that I have to do? I did add it to my desktop, thanks again Teresa

[GT500]

kaitlin652 said:

Hi thanks for all of your help, I downloaded the application that you suggested and performed the backup as mentioned, is this all that I have to do? I did add it to my desktop, thanks again Teresa

Yes, once you have a backup you can proceed without fear.