What does it mean for MalwareBytes to find malicious registry keys but nothing else?

It might be the case that another program (like your antivirus, CCleaner, or some other anti-malware app you've used) already deleted the files but left the Registry keys behind. It might also be the case that the malware relocated itself one or more times while trying to evade detection, or created decoy registry keys.

I've had good luck with MalwareBytes; it has detected and removed a lot of malware that other antivirus and anti-malware apps have failed to detect or remove. Every time someone I know gets tricked into installing one of those socially-engineered malware apps, like Microsoft Antivirus [insert year], MalwareBytes has had no problem removing it. That said, I don't trust any single program to catch everything. When someone gives me an infected computer, I usually run MalwareBytes, Spybot S&D or Ad-Aware, and Microsoft Security Essentials.

If you're still suspicious of an infection after running several detection and removal programs, BleepingComputer has some very helpful resources for identifying and removing malware, including instructions on how to use HijackThis to identify suspicious activity on your computer.
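
The leftover-key case described above can be checked directly. This added PowerShell example, which is not part of the original answer and is not MalwareBytes' own logic, lists the values under the usual Run/RunOnce keys and reports whether each file they reference still exists; the key list and the helper name `Get-ReferencedFiles` are assumptions chosen for illustration.

```powershell
# Added example. The key list below is an assumption (common per-machine and
# per-user autorun locations); it is not taken from the page.
$autorunKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Hypothetical helper: return every drive-letter path named in a command line,
# with a flag saying whether that file is still on disk.
function Get-ReferencedFiles {
    param([string]$Command)
    $cmd = [Environment]::ExpandEnvironmentVariables($Command)
    # Tokens are either "quoted strings" or runs of non-whitespace.
    $tokens = @([regex]::Matches($cmd, '"[^"]*"|\S+') | ForEach-Object { $_.Value })
    for ($i = 0; $i -lt $tokens.Count; $i++) {
        $token = $tokens[$i]
        if ($token -notmatch '^"?[A-Za-z]:\\') { continue }   # not a local path
        $path = $token.Trim('"')
        if (-not $token.StartsWith('"')) {
            # Unquoted paths may contain spaces: extend until something exists.
            for ($j = $i; $j -lt $tokens.Count; $j++) {
                $candidate = $tokens[$i..$j] -join ' '
                if (Test-Path -LiteralPath $candidate) { $path = $candidate; $i = $j; break }
            }
        }
        [pscustomobject]@{ Path = $path; Exists = (Test-Path -LiteralPath $path) }
    }
}

# Walk each key and emit one row per referenced file.
$report = foreach ($key in $autorunKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        foreach ($file in Get-ReferencedFiles $command) {
            [pscustomobject]@{
                Key = $key; Name = $name; File = $file.Path
                Exists = $file.Exists; Command = $command
            }
        }
    }
}

# Missing targets (Exists = False) sort to the top.
$report | Sort-Object Exists | Format-Table -AutoSize -Wrap
```

A row with `Exists = False` is the situation in the question: the registry value survives but the file it points to is gone. The path parsing is heuristic, so read the `Command` column by hand before removing any value.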

Author by

stark

Updated on September 18, 2022

Comments

  • stark
    stark over 1 year

    I have a machine that is obviously infected, and when I ran MalwareBytes it told me that it found some "malicious" registry keys (surprisingly enough, these contained file paths to currently non-existent JavaScript files). But that's it. A full scan did not uncover any malicious files, or malicious hidden processes in memory. Like, maybe the (hidden?) process that for whatever reason periodically injects keystrokes (hotkeys?) into whatever currently open window.

    Then on another, not obviously infected, machine it found a "malware.trace" registry key but again no files or processes etc.

    How does this jibe with people's experience with MalwareBytes? Does it usually find registry key symptoms of an infection but nothing else? Or is it a common thing to have no infection but some malicious registry keys in place anyway?

  • EKW
    EKW about 12 years
    MWB will also detect some 'normal' keys, such as disabling the Windows Firewall or Security Center notifications, as malicious, since those are commonly set by spyware.