Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by davidhh0

  1. Reghide.zip something may have gone wrong and the .zip file didn't get attached. Let's try this again.
  2. I confirmed that the link to the file David H Lipman posted is the same checksum as the one in my zip file.
  3. According to Virustotal, MBAM is the only program that detected this as malware. It is part of a software package that has been on my computer for years and hasn't been modified, called sysinternals. Malwarebytes has had false positives of other sysinternals tools in the past. /index.php?/topic/141560-newsid/#entry804819 mbam log and actual reghide.exe contained in attached .zip file. Zip not password protected. Thanks!
  4. davidhh0


    I got the false positive of file newsid.exe https://www.virustotal.com/en/file/c2f4591f7e9598ceb47cbce280180b3e104f70509dce7d1e90ca758f69d79ddd/analysis/ sha256 = c2f4591f7e9598ceb47cbce280180b3e104f70509dce7d1e90ca758f69d79ddd sha1 = 4c64df34ef8f8faa757e1d4482486453d7425752 md5 = 73e708d1126e7af86a4ef820c24d80e4 Virustotal reports it as malwarebytes being the only virus program that reports it being bad. I unquarantined & updated malwarebytes to v2014.03.18.10 and re-scanned. No malicious items were detected this time. Thanks for fixing this false positive.
  5. I know this is a false positive because I compiled it myself. I included the source code file CRC32.BAS which runs in and is compiled by Microsoft QuickBASIC 4.5. This particular file was compiled with debug code turned off, and set to not include the runtime library to make it a small file size, then was also compressed using Pklite 2.01. In order to run, the runtime library BRUN45.EXE is necessary to be in the current directory or path. It runs in DOS or in a Windows command prompt window. Thanks for looking into it. davidhh0 crc32.zip
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.