Basically to save people time I am just letting it be known if found by MSASW to do some research on it file it finds before you panic to much.
http://www.microsoft...exp=&sloc=en-us
Currently signatures on registry keys and values that are known to be
created by malicious software are reported as a detection for that threat,
even if no other files or other traces of the threat are found.
There are plans to change this behavior in the future, which should resolve
the issue.
Thanks
-Mike
I POSTED EARLIER>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Hi GTG and everyone else.I know I can't reply to someone elses HJT log here but wanted to leave some info just the same.Hope you dont mind me putting it here where it would be seen faster than falling by the wayside in a General part of forum.
In reference to a post here in Geeks to that Leena was working on.
Hi,
Your log isn't really showing anything so lets run a scan.
http://www.geekstogo...opic=104707&hl=
I was getting some False Positive with the Microsoft ASW with SpywareDoctor as others I have found to be getting the same.So this is only a possibility.......
Seems you delete it and it comes right back.
Once Spydoctor was uninstalled the MSASW did not pick it back up.It has happened also with Trojan Hunter Guard and A Squared being picked up as rogue.
I too ran MS ASW and got the result that I had rivarts A.Backdoor. I had the same 6 mchInjDrv entries in the registry. I let MS ASW remove them, but they returned after reboot. I then tried to remove them manually from the registry, but again they returned after reboot. I suspected Spyware Doctor, and uninstalled it. I ran MS ASW and this time there were no problems reported. I also checked the registry, and all the mchInjDrv registry entries were gone. Hope this helps
Just wanted to share my finding with you if they apply.I know some people wasted hours and hours scanning for something that was not truley there ,it might save time on some logs........
Try having the Original poster uninstall SPYDOC then redo the scan and see what comes of it.They can always re-install it
Just some info for all if it helps any.......
Great job I see you are doing over here .Keep up the good work.Alot of good info.
Regards,
TakeBK
http://castlecops.co...A_Backdoor.html
Edited by TakeBK, 29 March 2006 - 01:33 PM.