I completed running my first scan using Malwarebytes and the results show the following files as Rogue.Multiple
C:\Documents and Settings\All Users\Application Data\13345784
and
C:\Documents and Settings\All Users\Application Data\13345784\13345784
Are these files safe to delete?
Full Version: Rogue.Multiple in Scan Results
Hello Mike,
Have MBAM place them in quarantine. If after a few days/a week, there are no complaints from your everyday applications, you can return later to MBAM and have them deleted permanently.
Have MBAM place them in quarantine. If after a few days/a week, there are no complaints from your everyday applications, you can return later to MBAM and have them deleted permanently.
QUOTE (Maurice Naggar @ Aug 22 2009, 10:21 PM) 
Hello Mike,
Have MBAM place them in quarantine. If after a few days/a week, there are no complaints from your everyday applications, you can return later to MBAM and have them deleted permanently.
Have MBAM place them in quarantine. If after a few days/a week, there are no complaints from your everyday applications, you can return later to MBAM and have them deleted permanently.
At the end of the file name under "Action Taken" at shows "No Action Taken"
Follow all steps listed here:
Start your MBAM MalwareBytes' Anti-Malware.
Click the Settings Tab. Make sure all option lines have a checkmark.
Next, Click the Update tab. Press the "Check for Updates" button.
If you are prompted to allow a Restart for it to apply the new version, please allow that and then restart MBAM again
When done, click the Scanner tab.
Do a Quick Scan.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Start your MBAM MalwareBytes' Anti-Malware.
Click the Settings Tab. Make sure all option lines have a checkmark.
Next, Click the Update tab. Press the "Check for Updates" button.
If you are prompted to allow a Restart for it to apply the new version, please allow that and then restart MBAM again
When done, click the Scanner tab.
Do a Quick Scan.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
QUOTE (Maurice Naggar @ Aug 22 2009, 10:44 PM)
Follow all steps listed here:
Start your MBAM MalwareBytes' Anti-Malware.
Click the Settings Tab. Make sure all option lines have a checkmark.
Next, Click the Update tab. Press the "Check for Updates" button.
If you are prompted to allow a Restart for it to apply the new version, please allow that and then restart MBAM again
When done, click the Scanner tab.
Do a Quick Scan.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Start your MBAM MalwareBytes' Anti-Malware.
Click the Settings Tab. Make sure all option lines have a checkmark.
Next, Click the Update tab. Press the "Check for Updates" button.
If you are prompted to allow a Restart for it to apply the new version, please allow that and then restart MBAM again
When done, click the Scanner tab.
Do a Quick Scan.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Hello Maurice,
I can perform another scan as you noted, but what action should I take with the initial scan results? Do I click on "Remove Selected", "Ignore" or "Save Logfile".
I have minimized the results in my browser and have not taken any action on the following results:
Rogue.Multiple Folder C:\Documents and Settings\All Users\Application Data\13345784
Rogue.Multiple File C:\Documents and Settings\All Users\Application Data\13345784\13345784
Trojan.Agent File C:\Program Files\Common\helper.sig
Under the tab "Action Taken" each of the above is listed as "No Action Taken"
I performed a file search for helper.sig and and found two results. _helper.sig and helper.sig
Both _helper.sig and helper.sig show as a 52KB SIG Files. When I right click on the files and click open I get a pop-up that states "Windows cannot open this file"
and opens with an Unknown application
QUOTE (mikeld)
... what action should I take with the initial scan results? Do I click on "Remove Selected", "Ignore" or "Save Logfile".
Click "Remove Selected" to remove anything that has a check mark in it's box.
Everything you have listed above is safe to delete.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.