Discussion in 'other anti-malware software' started by emmjay, Jul 30, 2013.

Thread Status:
Not open for further replies.
  1. emmjay

    emmjay Registered Member

    Malwarebytes quarantined this on my system as a trojan. It is located here: C:\users\myname\aregistrylocation.tmp\WiseCustomCalla.dll

    I googled it. Confusing results; one saying it is a Microsoft file that is safe and another saying it is a McAfee file that is perfectly safe. On microsoft.answers this file is identified as safe. I do not have McAfee, so not from here. The system has not crashed as yet, nor have I received any popups from MS indicating a need for this file. Wonder what uses it?

    NB: Did see that WiseCustomCall.dll is indeed a trojan (note the Call vs Calla).

    MBAM quarantined xxx.Calla on my system. False positive, maybe.
  2. fax

    fax Registered Member

    Best route to follow is to report directly to MBAM support. They will then confirm to you if it is a false positive or not :)
  3. emmjay

    emmjay Registered Member

    I will do that now. I'll post back on the results. Still would like to know what uses this dll.
  4. emmjay

    emmjay Registered Member

    Finally tracked this down...

    What is WiseCustomCalla.dll?
    WiseCustomCalla.dll (VirusScan Config Utility) is a component from the software McAfee VirusScan version 4.5.0 by Network Associates, Inc.. WiseCustomCalla.dll version 4.5.0 is most commonly found under the directory "1912F734658046208AFDECCCEA19CDE2.TMP" with a creation date of March 27, 2005. This is not a known spyware, adware, or trojan component.

    According to us.mcafee.com, "McAfee VirusScan detects, blocks, and removes viruses and spyware, that may result in the loss of your irreplaceable documents, such as digital photos, family movies, and financial spreadsheets, identity theft and slower PC performance.".

    I am concerned that it got loaded onto my system in 2013 and without my permission. I do not have nor have I ever had McAfee anti-virus software installed on my system. Considering it is just a component of their software, what in heavens name is the purpose of just downloading the .dll file? It makes no sense to me, however there are some very smart people on this forum that may be able to shed some light on this - hopefully.

    NB: I must give massive kudos to the MBAM support staff who guided me through determining if any damage was done to my system. Stuff had to be deleted and my system looks clean. So so so pleased that I purchased the pro version.
  5. Snoop3

    Snoop3 Registered Member

    any chance McAfee was pre-installed on the computer from the factory when you bought it and then you uninstalled it and forgot about it? (because their uninstaller doesn't remove everything - needs the MCPR.exe to get rid of everything) or maybe you tested their free trial one time and uninstalled and forgot about it?
  6. emmjay

    emmjay Registered Member

    Tnx for responding. I have the factory preload in a separate partition. I rechecked it and no McAfee. I have never trialed McAfee either. MSE is the only antivirus software that has ever been installed/run on this computer. I run F-secure online scanner sometimes.

    I have noticed that when I open some emails, I will see a statement such as: this email was scanned by McAfee and is safe. I always thought that it was referring to the senders system, i.e. it was scanned before it was sent.

    MBAM support is more concerned about the location of the 'trojan'. I guess I will never know where it came from or how it got installed in the registry.

    Update: I found out where it came from. Trustware 101 Ltd. I had BufferZone installed on this computer before I switched over to SBIE. I uninstalled BufferZone but have found a lot of stuff got left behind. So McAfee is blameless (should be said).
    Last edited: Aug 5, 2013
Thread Status:
Not open for further replies.