Malware found

Status
Not open for further replies.
Would you like me to help review the logs that were posted on that thread? It appears that no one did. Part of the reason for that is that you were not focused on the problem. Each reply had something else in it. It also looks like you made reference to running the cleaning programs but did not include the logs at that time, but went back and edited them in.

The problem with doing that using Edit is that if does not send out feedback notification of a reply.

I would also like to mention that you have a lot of unnecessary processes starting on boot.

Are you requesting help with malware cleaning?v If so, let's handle that as an overall system problem, and deal with the specifics when the system is clean.

I would like you to rescan with HijackThis and attach a new log.
Also, please do a full system scan with Avast, save and attach the log.


BTW, the 2 items you refer to were fixed in Malwarebytes:
[b/Registry Data Items Infected:
HKEY_CLASSES_ROOT\scrfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: ("%1" /S) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: (NOTEPAD.EXE %1) Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
 
Thanks Bobbye,
Yes my thread did turn into a bit of a mess, I have posted 2 log files originally, then removed them and inserted them together with the others towards the end. However, I realize that the 2 found malwares were repaired, I was just wondering if somebody could identify them, and what they did. I had issues with my MS Office running slow, now it runs great and just wanted to see if that was the problem.

Also, if you could help me identify the processes that i can 'suspend' it would be great.

Thank you...:)
 
Registry Data Items Infected:
HKEY_CLASSES_ROOT\scrfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ("%1" %*) Good: ("%1" /S)


From Malwarebytes:
http://www.malwarebytes.org/forums/index.php?showtopic=6195
There was a glitch in the way we corrected this key in the past , this undoes that . The glitch would not cause any problems which is why no one had a bug report for it .

The value being set today is the value that MS installs when you install windows .

This is not actually fixing a problem , only setting a value exactly the way it would be set when windows is installed .

Comments were made that this was 'fixed in v1.27 but you used Malwarebytes' Anti-Malware 1.39
Database version: 2421

Comment from user, same thread:
I let MBAM version 1.27 fix both the broken.securityprovider and the broken.opencommand. When it found both, I selected "remove". MBAM made the correction to both, rebotted my system, and everything is running fine. I have encountered no problems such as described by others. I am running WinXP SP3 on a Dell.
(Note: no spelling corrections are made in qupted text)

Can't tell you any more that that. Google (Broken.OpenCommand) if you want to look again.
 
Status
Not open for further replies.
Back