Alyssa479
Hello,
Recently my virus scanner (Malwarebytes) discovered a registry key that seemed to be associated with a virus that I thought I had gotten rid of a while ago. After doing some digging around in the registry editor I found some user keys in HKU that were similar to the one that was found in the scan. The user's key is S-1-5-21-1056437499-3650250187-3843188673-1001. Is this normal or is this user associated with the threat and should be deleted immediately? I completely got rid of the infected programs, keys, and files, but this is making me paranoid that my computer is still infected. This is the report from Malwarebytes:
Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 8/10/18
Scan Time: 11:15 PM
Log File: d2d8fbee-9d14-11e8-9a86-309c2313b15d.json
Administrator: No
-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.391
Update Package Version: 1.0.6297
License: Free
-System Information-
OS: Windows 10 (Build 17134.165)
CPU: x64
File System: NTFS
User: MSI\ae325
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 344643
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 0 min, 43 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 1
RiskWare.BitCoinMiner, HKU\S-1-5-21-1056437499-3650250187-3843188673-1001\SOFTWARE\IdleBuddy, Quarantined, [930], [550947],1.0.6297
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)
Thank you!