Jump to content

Yesterday I ran a scan with malwarebytes what is it?


Recommended Posts

Hi I just have a question on a malwarebytes scan that I ran yesterday. I just want to know what was found. I first ran a scan with my antivir anti virus and it came up clean. I happen to really like this program so when malwarebytes came up with five detections I was a little shocked. However i felt there was something there like a Trojan from a attack a while back. So three hours later I ran a malwarebytes full scan and this came up. It detected five ROGUE.INSTALLERS? To me when I see rogue I think rogure spyware. There are manykinds of rogue spyware, but I googled this and came up with nothing so can you tell me what malwarebytes found? Rogue spyware or some kind of malware? THANKS ALOT, PS the program has been terriffic, I very happy. :) THANKS ALOT!!

Malwarebytes' Anti-Malware 1.32

Database version: 1653

Windows 5.1.2600 Service Pack 2

1/14/2009 8:22:05 PM

mbam-log-2009-01-14 (20-22-05).txt

Scan type: Full Scan (C:\|)

Objects scanned: 150911

Time elapsed: 35 minute(s), 12 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 5

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP294\A0025071.exe (Rogue.Installer) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP308\A0025296.exe (Rogue.Installer) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP322\A0025587.exe (Rogue.Installer) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP324\A0025750.exe (Rogue.Installer) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP338\A0026181.exe (Rogue.Installer) -> Quarantined and deleted successfully.

Link to post
Share on other sites

  • Root Admin

Hello and Welcome to Malwarebytes.org

Please read and follow the instructions provided here: I'm infected - What do I do now?

Someone will be happy to assist you further with cleaning your system if required

During this scan and cleanup process you should not install any other software unless requested to do so.

Please do not post logs in the General forum. Thanks.

Link to post
Share on other sites

  • Root Admin

How hard is this?

Well with trying to answer dozens and dozens of post every day and most users asking the same question and posting a log I often don't read the header because I see the LOG which doesn't belong here.

There is no way to determine what the file is because it has been neutered by either MBAM or another Anti-Virus or Anti-Malware program and the left over remnants of it were automatically copied to the System Restore area of the hard drive. The files stored there are of no threat unless you were to do a restore in which case they would be restored. Typically one of the last operations asked to do when we help a user clean their system is to clear out the System Restore. Either this step was bypassed, or not given, or you never worked the log files here.

Thank you.

Link to post
Share on other sites

Hi I just have a question on a malwarebytes scan that I ran yesterday. I just want to know what was found. I first ran a scan with my antivir anti virus and it came up clean. I happen to really like this program so when malwarebytes came up with five detections I was a little shocked. However i felt there was something there like a Trojan from a attack a while back. So three hours later I ran a malwarebytes full scan and this came up. It detected five ROGUE.INSTALLERS? To me when I see rogue I think rogure spyware. There are manykinds of rogue spyware, but I googled this and came up with nothing so can you tell me what malwarebytes found? Rogue spyware or some kind of malware? THANKS ALOT, PS the program has been terriffic, I very happy. ;) THANKS ALOT!!

First, thanks for the comments concerning our program. We're very pleased with it ourselves. *grin*.

Second, Rogue Installers are programs that will install known rogues, such as XPAntivirus2008, 2009, etc. Trojans are well known for downloading installers for these. So if you had a few lying around, your old scan? killed them, but missed the copies recycled (heh) by windows. If you'd like, you can toggle system restore off and then back on, and it'll clean out the dirty cache for you. Or just wait and windows will eventually purge them from the cache on it's own.

Link to post
Share on other sites

Look I've been out of work ill for over two years, I have no life. The computer, tv and some video games are all I do. I have ups and downs. After i wrote the reply I knew that it was the wrong thing to do. I am very sorry and just wanted a answer. I overreacted and because of the poor support webroot is giving me mybe that had something to do with it. I own a-squared, malwarebytes and some other software. Maywarebytes has saved me many time i can't tell you how strong I think of the product. Again I"M very sorry

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.