Malbytes finds 6 trojans. what do I do next?

Posted on 2011-10-03
Last Modified: 2012-05-12
Whilst rying to get rid of a nasty redirect virus I ran Malbytes. It found multiple trojans. Here is the log:

Malwarebytes' Anti-Malware

Database version: 7854

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

10/3/2011 2:33:48 PM
mbam-log-2011-10-03 (14-33-26).txt

Scan type: Full scan (C:\|D:\|E:\|H:\|J:\|)
Objects scanned: 549424
Time elapsed: 1 hour(s), 28 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Reasonable_Software_House Update (Trojan.Agent) -> Value: Reasonable_Software_House Update -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Reasonable_Software_House Update (Trojan.Agent) -> Value: Reasonable_Software_House Update -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Olivia\AppData\Local\reasonable_software_house\reasonable_software_houseupdate\reasonable_software_houseupdt32.exe (Trojan.Agent) -> No action taken.
c:\Users\Olivia\AppData\Local\reasonable_software_house\reasonable_software_houseupdate\reasonable_software_houseupdt32.dll (Trojan.Agent) -> No action taken.
c:\Users\Olivia\Desktop\rd trouble shoot\rk_quarantine\reasonable_software_houseupdt32.exe.vir (Trojan.Agent) -> No action taken

What should I do now? Thanks.
Question by:oliviajones
    LVL 10

    Accepted Solution

    On completion of scan, Malwarebytes should give you option to "Disinfect"/"Clean".
    Just click that button and it will take care by itself.

    LVL 77

    Assisted Solution

    by:David Johnson, CD, MVP
    boot off of your install DVD chose repair then get a command prompt and delete these entries
    start your registry editor (regedit) and delete the key
    I'm surprised malware bytes didn't delete them.. or did you tell it NOT to take action?
    LVL 2

    Expert Comment

    In short, backup your data and reinstall Windows. That may seem like the "easy way out", but it is the quickest and most reliable way to get back up and running.

    Author Comment

    I think I still have the option to let malbytes take care of it. I thought maybe it was better to submit logs here first for expert review. just an excess of caution I guess. Reinstalling windows would be a last ditch nightmare for me. should I try to have malbytes take care of it first?
    LVL 77

    Expert Comment

    by:David Johnson, CD, MVP
    yes you should have done it at once.

    Author Comment

    I have removed all threats and rebooted. Should I run Malbytes again?
    LVL 47

    Assisted Solution

    Is that "Reasonable_Software_House" installed by you or anyone who uses that PC?
    If no one installed "NoClone" or any program from Reasonable_Software_house then let MalwareBytes take care of everything it finds and check in Add/Remove Programs list for that software also and uninstalled it there if listed.

    Sometimes Malwarebytes flags some unknown software as trojans.
    LVL 91

    Assisted Solution

    you can run MBAM again
    in most cases, you don't need to run the full scan - use the quick one instead

    Author Closing Comment

    reran mbam again (quick scan) and BHO  trojan was BACK in the registry. So now I'll start this dance again w/ hijack this, but that's another question...Thanks all

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Join & Write a Comment

    For those of you actively in the Malware fightling business, we now have available an amazing new tool in the malware wars (first recommended to me by rpggamergirl (, the Zone Advisor for the Virus and …
    The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
    Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
    This Micro Tutorial will teach you how to the overview of Microsoft Security Essentials. This is a free anti-virus software that guards your PC against viruses, spyware, worms, and other malicious software. This will be demonstrated using Windows…

    754 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now