aland08
Honorary Members-
Posts
30 -
Everything posted by aland08
-
Don't know...MBAM never did confirm
-
YoKenny1, I manually cleaned out my temp folder. exile360, Thank you for getting involved. I will run the error check this weekend! However, please know that MBAM only crashed briefly, & I agree, that the dump files seem to be the reason that Avast detected something. I tried updating MBAM a couple of hours later the evening that it crashed & it was fine, & still is. My thought was to do as you suggested & remove & re-install but since it is working again, I have not. My thought was that perhaps MBAM knew of some internal issues with the update that were causing the non-responsive program, as I believe the program was responsive at the scan level, just not while updating. I was looking for this confirmation...if possible. My other concern lies with the type/name that Avast gave the so called infection as that is in fact a legitimate bug. I was wondering if MBAM somehow became infected itself or if the name that Avast gave the infection was simply an FP as a result of the dump. Any more thoughts would be welcomed & appreciated! Thanks!
-
Using version 4.8 Home (free) w/ most recent updates So, you would not be concerned, even w/ the report of "MSIL:Crypt-N"? Like I said, there was a problem w/ MBAM being non-responsive & not updating immediately prior to the Avast scan. This behavior prompted the scan & I have NEVER had Avast detect anything from MBAM before...
-
gtyhfy, Thanks...MBAM forum was hanging...& hanging....very slow load or wouldn't load at all, hence my starting & stopping the thread post. I have certainly approved all such MBAM programs with my firewall & I have never had any issue w/ Avast detecting anything from MBAM..until today that is... I figured it had to do with the MBAM program not updating properly & not responding & for some reason Avast detected the dump files as an infection. MBAM IS once again running & updating properly. I would like to know why it was non-responsive & failed to update though. This also has never happened to me...
-
Hi, Avast picked up the following tonight, despite the fact that I am extremely careful....I am very selective opening email attachments & downloading anything online. I use my Ubuntu machine for much of that. I run a hard & soft firewall, Avast, MBAM & SAS...so, considering my protection & safe internet practice, I am hoping these are FP's. \temp\WER44a0.dir00\mbam.exe.hdmp \temp\WER9a2c.dir00\mbam.exe.hdmp \temp\WERd8b8.dir00\mbam.exe.hdmp Infection= MSIL:Crypt-N Avast detected these shortly after I tried updating MBAM & the program was not responsive... I have yet to try to go back into MBAM... Any thoughts? Thanks!
-
Hi, Just scanned & picked up "Trojan.Chifrax" infections in the following areas: Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\setup.exe (Trojan.Chifrax) -> Quarantined and deleted successfully. Files Infected: C:\Documents and Settings\Alan\Local Settings\Temp\setup.exe (Trojan.Chifrax) -> Quarantined and deleted successfully. I am heavily protected, very careful where I go online & do not download info from untrusted sources. So, I am inclined to think that this may be an FP but I see no other reports of such. I scanned with Avast late last night & was clean yet this morning MBAM picked up the Trojan.Chifrax. There was a Windows update overnight that automatically installed & restarted my pc. I would appreciate any input. Thanks!
-
Well...full scan clean too. All seems to be well. Thanks everyone for the prompt replies!! But just to be sure....can anyone answer this...?
-
TeMerc, Well, I updated, restored & ran a quick scan & .... no detections! I am now running a full scan just for kicks. All of the 210 infected objects were FP's? Would you mind explaining to me what the cause was? Thanks!! Alan
-
Thanks noknojon....we'll see how the scan goes. 210 infected files just hours after I mistakenly typed in the url of a shady site.... not at all comfortable!
-
Sorry...apparently I can restore them as I did not delete them from quarantine...here goes. Stay tuned!
-
BTW- Full scan just came back clean too but I cannot restore the infected objects if I deleted them :-(
-
Temerc, Just read your post....So, all of these are FP's? Don't toy with me now :-) This would be exciting...
-
We seem to be just missing each other :-) Nothing yet...although this just happened. I am running another full scan to be sure & I will run Avast again & AdAware as well. But...I am thinking that I will be clean as Avast never picked this stuff up. I have not been infected since using Avast about 6 months ago, along with MBAM, Spywareblaster & AdAware. Seem to be pretty well protected. So...what do you think & if they are FP's, what kind of damage could I have done deleting them in a panic? I should have updated MBAM again (just did it yesterday so I didn't bother today) prior to quarantining & deleting to see if the scan results were the same.
-
noknojon, Thanks for the prompt reply!
-
Hi All, I hope to God that these 210 infections are FP's. I have been reading a bit here & do see some similar FP's listed but 210?! Below is the log with the infections. I have since run a clean quick scan & prior to the scan that picked up the infected objects, I ran a clean Avast scan. I also use Spywareblaster & AdAware. Just yesterday, MBAM came up clean. We are very careful as to the sites we visit & always use McAfee Site Advisor prior to going to a new site however...today I accidentally mistyped a url & later learned that the site I entered was not always safe. So...FP's or did this site get me? I would appreciate the help so I can sleep tonight :-) Thanks. ----------------------------------------------------------------------- Malwarebytes' Anti-Malware 1.41 Database version: 2796 Windows 5.1.2600 Service Pack 3 09/15/2009 12:49:05 AM mbam-log-2009-09-15 (00-49-05).txt Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|) Objects scanned: 169881 Time elapsed: 27 minute(s), 11 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 196 Registry Values Infected: 6 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 8 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected:
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Common Files\Microsoft Shared\Grphflt\fpx32.flt (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Common Files\Microsoft Shared\Picture It!\pibase.dll (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Microsoft Picture It! 9\piedit.dll (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Microsoft Picture It! 9\piservr5.dll (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Microsoft Picture It! 9\pitask.dll (Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\Microsoft Picture It! 9\1033\pitres.dll (Rogue.Installer) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\Common Files\Microsoft Shared\Grphflt\fpx32.flt (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Microsoft Shared\Picture It!\pibase.dll (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\Microsoft Picture It! 9\cutout.dll (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\Microsoft Picture It! 9\pibase.dll (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\Microsoft Picture It! 9\piedit.dll (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\Microsoft Picture It! 9\piservr5.dll (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\Microsoft Picture It! 9\pitask.dll (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\Microsoft Picture It! 9\1033\pitres.dll (Rogue.Installer) -> Quarantined and deleted successfully.
-
OHHHH....I totally misunderstood your meaning initially. You just modified MBAM tonight to detect such infections....prior to my updating and scanning. Thanks for your support...I am impressed. Have a good night.
-
ps- for example, why would these suddenly show up now & why do you think they are long gone? Thanks. Alan
-
Nick, Maybe I am a little slow tonight but I don't understand... Just so you know, I scan daily with Avast, MBAM & AdAware, run Spywareblaster, a hard firewall in addition to Windows, & just picked this up tonight, granted I did update MBAM prior to scanning. Any chance you could explain a bit more. Thanks, Alan