mikem2556

Thank you

Is this a false positive? Files are attatched. Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4240 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 6/25/2010 1:08:24 PM mbam-log-2010-06-25 (13-08-24).txt Scan type: Full scan (A:\|C:\|D:\|) Objects scanned: 168429 Time elapsed: 19 minute(s), 24 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Program Files\WinRAR\WinCon.SFX (Trojan.Redosdru) -> No action taken. C:\Program Files\WinRAR\Zip.SFX (Trojan.Redosdru) -> No action taken. infectedfiles.rar

Thank you so much.

Is this confirmed as a false positive? Every malwarebytes scan since I deleted the files have been clean. But it did delete the files, so how can I find out?

Sorry for so many posts, I also don't have the files. I deleted them as soon as it detected them.

I also have NOD32 as an antivirus/antispyware, and I also scanned with adaware. Every scan with every program is clean for now.. but when I got keylogged before my programs also told me I was clean, and then I got keylogged.

I also haven't downloaded anything from yesterday until today, and I'm super paranoid about computer security so I never visit any sites that might have the slightest possibility of being malicious. Here is the log: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4222 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 6/21/2010 3:33:19 PM mbam-log-2010-06-21 (15-33-19).txt Scan type: Full scan (A:\|C:\|D:\|) Objects scanned: 157988 Time elapsed: 19 minute(s), 3 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 3 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{19987cee-dee8-49dc-98ec-f21380aa9e68} (Trojan.Dropper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{19987cee-dee8-49dc-98ec-f21380aa9e6a} (Trojan.Dropper) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{19987cee-dee8-49dc-98ec-f21380aa9e6b} (Trojan.Dropper) -> Quarantined and deleted successfully. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\Program Files\DivX\DivX Plus DirectShow Filters\daac.ax (Trojan.Dropper) -> Quarantined and deleted successfully.

http://img143.imageshack.us/img143/5539/68291702.jpg I do two updated scans of Malwarebytes every day, and it wasn't there yesterday when I scanned. My friend is saying it's a good chance it's a false positive. When I looked in the registry keys it said something about DivX AAC Decoder or something. I recently got keylogged about a month ago, and I had to format and change all of my passwords. Can somebody please help me with this, I really hope it's not something that could have executed itself and now I have a keylogger. Any information would be very helpful.