WinTech Posted June 26, 2009 I have a machine here that superantispyware detected this particular malware. The name of the file is msfbgbrt.dll. It obviously does not belong in the system32 folder and a google search of the file name turns up nothing. Superantispyware is the only thing that detects this file as malicious. I scanned it with malwarebytes, avg, norton 2009, and avast all with negative results. Getting rid of the file is not a problem, however when superantispyware quarantines the file or if I delete it manually a problem arises. Every program I run gives me an error referencing the deleted/quarantined file. It does not prevent you from running the program, you just have to click ok a million times to access the program you want. I figured I would just search the registry for the reference to the file and fix it. A registry search does not turn up this file at all. How do I remove the hook for this file so when I run a program I don't get this missing file error? Share this post Link to post Share on other sites
WinTech Posted June 26, 2009 Thanks for the reply, here is the log: SUPERAntiSpyware Scan Log https://www.superantispyware.com Generated 06/21/2009 at 07:57 PM Application Version : 4.26.1004 Core Rules Database Version : 3949 Trace Rules Database Version: 1891 Scan type : Complete Scan Total Scan Time : 00:58:10 Memory items scanned : 430 Memory threats detected : 1 Registry items scanned : 4114 Registry threats detected : 0 File items scanned : 16281 File threats detected : 1 Trojan.Agent/Gen-Uphov-B C:\WINDOWS\SYSTEM32\MSFBGBRT.DLL C:\WINDOWS\SYSTEM32\MSFBGBRT.DLL I should note that this is the second time this has happened to this guy. The first time he formatted and reinstalled but would like to avoid that this time. Share this post Link to post Share on other sites
WinTech Posted June 26, 2009 Thanks, I created the ticket. Share this post Link to post Share on other sites