janineoke
2014-09-26, 16:56
Hi,
Thankyou for the forum, I have used it and been very pleased with the information I have come across.
I have found that Spybot has come across 2 persistent malware registry points and I have been able to match one of them and take it away.
It had 3408AC0D-510E-4808-8F7B-6B70B1F88534 in it and matched one of the previous threads exactly so I deleted it.
I therefore have one persistent 3408AC0D-510E-4808-8F7B-6B70B1F88534 point in the registry and so I did a control F and found 3 of them in the following registers:
1. HKEY_CLASSES_ROOT\Wow6432Node\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
2. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
3. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
And now I am unsure if I should delete all or just one of them as spybot only comes up with this one:
Win32.2UrFace.bho: [SBI $62251A5D] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
which I should perhaps assume is number 1, but as there is not mention of Wow6432Node I am a little unsure especially as I have rarely changed regedit.
Also perhaps the other 2 are being missed by spybot?
kindest regards and thanks again for this service,
Janine
Thankyou for the forum, I have used it and been very pleased with the information I have come across.
I have found that Spybot has come across 2 persistent malware registry points and I have been able to match one of them and take it away.
It had 3408AC0D-510E-4808-8F7B-6B70B1F88534 in it and matched one of the previous threads exactly so I deleted it.
I therefore have one persistent 3408AC0D-510E-4808-8F7B-6B70B1F88534 point in the registry and so I did a control F and found 3 of them in the following registers:
1. HKEY_CLASSES_ROOT\Wow6432Node\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
2. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
3. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
And now I am unsure if I should delete all or just one of them as spybot only comes up with this one:
Win32.2UrFace.bho: [SBI $62251A5D] Settings (Registry Key, nothing done)
HKEY_CLASSES_ROOT\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
which I should perhaps assume is number 1, but as there is not mention of Wow6432Node I am a little unsure especially as I have rarely changed regedit.
Also perhaps the other 2 are being missed by spybot?
kindest regards and thanks again for this service,
Janine