Jump to content


Photo

PUP located in Registry Key files

Need help PUP removal

  • This topic is locked This topic is locked
3 replies to this topic

#1 Fazzy713

Fazzy713

    New Member

  • Members
  • Pip
  • 2 posts

Posted 16 August 2013 - 10:32 PM

I ran a quick scan and it always shows that I have 7 infected files located in my registry key files. When I go to location it gives me an option to delete. Should I delete them? Any help is much appreciated! :) Sincerely, Little to no computer knowledge

 

 

 



#2 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,245 posts
  • Gender:Male
  • Location:US

Posted 16 August 2013 - 11:52 PM

Please post the log so that we can see what was found.


Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook


#3 Fazzy713

Fazzy713

    New Member

  • Members
  • Pip
  • 2 posts

Posted 18 August 2013 - 02:32 PM

Here ya go. :)

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.14.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
bestofbests2011 :: ACER [administrator]

8/18/2013 2:16:59 PM
mbam-log-2013-08-18 (14-16-59).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 233189
Time elapsed: 5 minute(s), 56 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCR\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} (PUP.Optional.SearchQu) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211621178} (PUP.Optional.Crossrider) -> No action taken.

Registry Values Detected: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Data: Searchqu Toolbar -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} (PUP.Optional.SearchQu) -> Data:  -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#4 AdvancedSetup

AdvancedSetup

    Staff

  • Root Admin
  • PipPipPipPipPipPip
  • 41,245 posts
  • Gender:Male
  • Location:US

Posted 18 August 2013 - 04:31 PM

I would remove them myself.  Please see the following post for more information on PUP

http://forums.malwar...howtopic=130156

 

If you need further assistance please let us know.


Ron Lewis
Forum Community Manager

staff.png

Follow us: Twitter, Become a fan: Facebook






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users