Results 1 to 6 of 6
  1. #1
    New Lounger
    Join Date
    Dec 2009
    Location
    Canada
    Posts
    13
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Registry Keys identified by malware program

    My program identified the following keys after a scan. The program could not remove them. Should I remove them manually using the regedit program?

    Registry Keys Detected: 1
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \bProtectSettings (PUP.Optional.BProtector.A) -> No action taken.

    Registry Values Detected: 1
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} -> No action taken.

    Thanks, Sam.

  2. #2
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    You do not say what app you are using. I would run a full scan with MalwareBytes Anti-Malware to attempt removal. If I recall correctly we had another thread recently discussing the PUP malware.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  3. #3
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,745
    Thanks
    171
    Thanked 648 Times in 571 Posts
    Quote Originally Posted by Medico View Post
    If I recall correctly we had another thread recently discussing the PUP malware.
    The PUP malware? It's a generic term for stuff that's not really malware.

    Bruce

  4. #4
    Silver Lounger Banyarola's Avatar
    Join Date
    Dec 2009
    Location
    Big Indian, New York
    Posts
    1,900
    Thanks
    19
    Thanked 65 Times in 54 Posts
    After my current dog is gone I am never getting another pup.
    "If You Are Reading This In English, Thank A VET"

  5. #5
    New Lounger
    Join Date
    Dec 2009
    Location
    Canada
    Posts
    13
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Two different programs identified the registry problem. Neither of the programs could fix or delete the entries.
    The two programs were: jv16 Power Tools 2012 and Malwarebytes
    Sam
    Last edited by shaneman; 2013-09-17 at 11:40.

  6. #6
    Super Moderator bbearren's Avatar
    Join Date
    Dec 2009
    Location
    Polk County, Florida
    Posts
    3,760
    Thanks
    26
    Thanked 424 Times in 338 Posts
    This type of key is usually associated with a browser helper object/toolbar/default search sort of thing. The registry key allows the thing to regenerate itself after you think you've gotten rid of it. Open regedit using Run as administrator, export the two keys (which creates a copy) to your desktop (they will be harmless there, so long as you don't double-click either one) and then delete them from the registry.

    You may need to take ownership of the keys in order to delete them. If your machine runs fine for a few days, you can delete the exported keys from the desktop. If your machine starts to show hiccups, you can restore the keys just by double-clicking the export on the desktop. That will merge the keys back into the registry. If that becomes necessary and you do merge the keys back into the registry, it is then safe to delete the exports from the desktop.
    Create a fresh drive image before making system changes, in case you need to start over!

    "The problem is not the problem. The problem is your attitude about the problem. Savvy?"—Captain Jack Sparrow "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware.
    Unleash Windows

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •