TechSpot

Malware found

By strategic
Jul 16, 2009
  1. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Would you like me to help review the logs that were posted on that thread? It appears that no one did. Part of the reason for that is that you were not focused on the problem. Each reply had something else in it. It also looks like you made reference to running the cleaning programs but did not include the logs at that time, but went back and edited them in.

    The problem with doing that using Edit is that if does not send out feedback notification of a reply.

    I would also like to mention that you have a lot of unnecessary processes starting on boot.

    Are you requesting help with malware cleaning?v If so, let's handle that as an overall system problem, and deal with the specifics when the system is clean.

    I would like you to rescan with HijackThis and attach a new log.
    Also, please do a full system scan with Avast, save and attach the log.


    BTW, the 2 items you refer to were fixed in Malwarebytes:
    [b/Registry Data Items Infected:
    HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
     
  2. strategic

    strategic TechSpot Paladin Topic Starter Posts: 1,020

    Thanks Bobbye,
    Yes my thread did turn into a bit of a mess, I have posted 2 log files originally, then removed them and inserted them together with the others towards the end. However, I realize that the 2 found malwares were repaired, I was just wondering if somebody could identify them, and what they did. I had issues with my MS Office running slow, now it runs great and just wanted to see if that was the problem.

    Also, if you could help me identify the processes that i can 'suspend' it would be great.

    Thank you...:)
     
  3. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Registry Data Items Infected:
    HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S)


    From Malwarebytes:
    http://www.malwarebytes.org/forums/index.php?showtopic=6195
    Comments were made that this was 'fixed in v1.27 but you used Malwarebytes' Anti-Malware 1.39
    Database version: 2421

    Comment from user, same thread:
    (Note: no spelling corrections are made in qupted text)

    Can't tell you any more that that. Google (Broken.OpenCommand) if you want to look again.
     
  4. strategic

    strategic TechSpot Paladin Topic Starter Posts: 1,020

    Thank you for the info Bobbye, it's very much appreciated... :)
     
  5. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    You're welcome.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...