Jump to content

Recommended Posts

Hi,

I did a quick scan just now and Malwarebytes found fsquirt.exe in System32 as a Trojan Dropper. I think that this is a false positive. Also it has been a file on the computer since 2004. It was found before the heuristics part of the scan. Here is my log and a copy of the file attached.

Also just now the PM module has come up with fsquirt.exe as a threat as I am locating the file to attach to this post... I decided to minimize it and the computer froze for a bit. Probably not a good idea to minimized the PM :P I ended up using TaskManger to end the open Mbam windows so that my machine would unfreeze. It came up again when I went to send it to a zip folder and for now I chose "Ignore".

This is the first time that I have ever seen the PM module come up to me on my machine and it was not SpyCar ;). :)

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8357

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

12/12/2011 1:30:59 PM

mbam-log-2011-12-12 (13-30-55).txt

Scan type: Quick scan

Objects scanned: 184142

Time elapsed: 9 minute(s), 37 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\WINDOWS\system32\fsquirt.exe (Trojan.Dropper.BCM) -> No action taken. [a0051a061ce4ba4607625b8dc73904fc]

Thank you :)

Link to post
Share on other sites

Hi all

I have the same problem, check to virustotal and is clean

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Versione database: 8357

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

12/12/2011 16.38.50

mbam-log-2011-12-12 (16-38-50).txt

Tipo di scansione: Scansione completa (C:\|)

Elementi esaminati: 214905

Tempo impiegato: 22 minuti, 43 secondi

Processi infetti in memoria: 0

Moduli di memoria infetti: 0

Chiavi di registro infette: 0

Valori di registro infetti: 0

Voci infette nei dati di registro: 0

Cartelle infette: 0

File infetti: 1

Processi infetti in memoria:

(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:

(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:

(Non sono stati rilevati elementi nocivi)

Valori di registro infetti:

(Non sono stati rilevati elementi nocivi)

Voci infette nei dati di registro:

(Non sono stati rilevati elementi nocivi)

Cartelle infette:

(Non sono stati rilevati elementi nocivi)

File infetti:

c:\WINDOWS\system32\fsquirt.exe (Trojan.Dropper.BCM) -> Quarantined and deleted successfully.

I restore the file, is Blotooth elements

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.