Jump to content
mountaintree16

Fsquirt.exe

Recommended Posts

Hi,

I did a quick scan just now and Malwarebytes found fsquirt.exe in System32 as a Trojan Dropper. I think that this is a false positive. Also it has been a file on the computer since 2004. It was found before the heuristics part of the scan. Here is my log and a copy of the file attached.

Also just now the PM module has come up with fsquirt.exe as a threat as I am locating the file to attach to this post... I decided to minimize it and the computer froze for a bit. Probably not a good idea to minimized the PM :P I ended up using TaskManger to end the open Mbam windows so that my machine would unfreeze. It came up again when I went to send it to a zip folder and for now I chose "Ignore".

This is the first time that I have ever seen the PM module come up to me on my machine and it was not SpyCar ;). :)

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8357

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

12/12/2011 1:30:59 PM

mbam-log-2011-12-12 (13-30-55).txt

Scan type: Quick scan

Objects scanned: 184142

Time elapsed: 9 minute(s), 37 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\WINDOWS\system32\fsquirt.exe (Trojan.Dropper.BCM) -> No action taken. [a0051a061ce4ba4607625b8dc73904fc]

Thank you :)

Share this post


Link to post
Share on other sites

You're welcome!

That was super fast! :)

Thank you for letting me know! :)

Share this post


Link to post
Share on other sites

Hi all

I have the same problem, check to virustotal and is clean

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Versione database: 8357

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

12/12/2011 16.38.50

mbam-log-2011-12-12 (16-38-50).txt

Tipo di scansione: Scansione completa (C:\|)

Elementi esaminati: 214905

Tempo impiegato: 22 minuti, 43 secondi

Processi infetti in memoria: 0

Moduli di memoria infetti: 0

Chiavi di registro infette: 0

Valori di registro infetti: 0

Voci infette nei dati di registro: 0

Cartelle infette: 0

File infetti: 1

Processi infetti in memoria:

(Non sono stati rilevati elementi nocivi)

Moduli di memoria infetti:

(Non sono stati rilevati elementi nocivi)

Chiavi di registro infette:

(Non sono stati rilevati elementi nocivi)

Valori di registro infetti:

(Non sono stati rilevati elementi nocivi)

Voci infette nei dati di registro:

(Non sono stati rilevati elementi nocivi)

Cartelle infette:

(Non sono stati rilevati elementi nocivi)

File infetti:

c:\WINDOWS\system32\fsquirt.exe (Trojan.Dropper.BCM) -> Quarantined and deleted successfully.

I restore the file, is Blotooth elements

Share this post


Link to post
Share on other sites

Same here. Today, your program quarantined 3 files, squirt.exe in 3 different windows locations. The file was identified as a Trojan.dropper.

The computer required a restart.

Please advise whether I should restore these files?

Or do nothing?

Many thanks

Ian

Share this post


Link to post
Share on other sites

Greetings :)

Yes, you should restore the files from quarantine and then update Malwarebytes Anti-Malware and perform another scan to verify that those files that you restored are no longer detected. That will confirm that all 3 of them were indeed false positives.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.