Jump to content

2harts4ever

Members
  • Posts

    5
  • Joined

  • Last visited

Reputation

0 Neutral

About 2harts4ever

  • Birthday 04/08/1942

Contact Methods

  • Website URL
    http://
  • ICQ
    0

Profile Information

  • Location
    Central Pennsylvania
  1. Hi Fatdcuk, Just finished running another full scan and it came up clean. I appreciate your fast help in determining this was a f/p. Have a great day! Thanks and regards, 2harts4ever
  2. Morning Fatdcuk, Here is a copy of a log and I am also sending a copy of the file. Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Database version: 4012 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 4/20/2010 6:38:16 PM mbam-log-2010-04-20 (18-38-16).txt Scan type: Full scan (C:\|) Objects scanned: 193439 Time elapsed: 37 minute(s), 37 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\Rsrc32.dll (Backdoor.VB) -> Quarantined and deleted successfully. [D96076C9DBAEB220366623D4810B364A] I am also trying to attach a copy of the Rsrc32.dll file. Hopefully I did it correctly Rsrc32.zip Thanks and regards, 2harts4ever
  3. Good morning, For the record I am running a Compaq Presario AMD Athlon 64 Processor 3300+, 2411MHz/1.93 GBs RAM, running Windows Xp Home, SP3., with IE8, fully updated and patched. I normally just run a quick scan with Malwarebytes (v 1.45) but yesterday I decided to run a full scan and it reported the following file as a trojan: C:WINDOWS\system32\Rsrc32.dll (Backdoor.VB). I just submitted the file to 'Jotti's Malware Scan' and it reported that all 20 of its testers found nothing wrong with it. In addition it provided the following information about the file: File size: 3072 bytes Filetype: PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bit MD5: 343b67042125612dea8656ac3fe953da SHA1: 4bc4a06c86c39a103029cc8367114e326ced2b39 Packer (Drweb): UPX Packer (Kaspersky): UPX I am just curious if this could be a 'false positive' on Malwarebytes part? Thanks and regards, 2harts4ever
  4. Hi Maurice, I appreciate your response. My Avast is updated and shows nothing when I run a full scan so I guess I am okay. My main reason for posting was to see if it was okay to delete this entry from the quarantine folder. Unless I hear back from you I will do just that. Thanks and regards, 2harts4ever
  5. Good morning, For the record I am running a Compaq Presario AMD Athlon 64 Processor 3300+, 2411MHz/1.93 GBs RAM, running Windows Xp Home, SP3., with IE8, and using Avast as my anti-virus and Comodo as my firewall along with other Spyware programs including Malwarebytes AntiMalware 1.44 (Free). All programs are completely updated and patched. This morning during my Malwarebytes scan it found: Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) After reading about similar scan results on this forum I went ahead and had Malwarebytes 'remove' it and now I see it is in my 'quarantine' folder. My question is two-fold: (1) What caused this to happen? (2) Can I safely delete it from Quarantine? Thanks and regards, 2harts4ever
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.