Results 1 to 3 of 3

Thread: ResHack - Win32.Dropper.VB.rw

  1. #1
    sensory Guest

    Default ResHack - Win32.Dropper.VB.rw

    This was found by Anti-spyware after a full system deep inspection scan (ResHack.exe). I chose to ignore it once, and then decided to run an on-demand scan through the context menu which resulted in nothing being found. Is this a false positive, or does the on-demand scanner not include anti-spyware? I've been able to run ResHack without ZoneAlarm giving me any alerts (apart from communicating with ctfmon.exe). I can't confine the Anti-spyware scanner to scan just the ResHack folder, which I now realise is a limitation of ZoneAlarm itself. Other Anti-Spyware scanners (AVG, Ad-Aware, SuperAntiSpyware) find nothing, and a google search of "ResHack Win32.Dropper" also results in no matches apart from this very thread.

    Operating System:
    Windows XP Home Edition
    Software Version:
    7.0
    Product Name:
    ZoneAlarm Internet Security Suite

    Message Edited by Sensory on 08-14-2008 08:57 AM

  2. #2
    riceorony Guest

    Default Re: ResHack - Win32.Dropper.VB.rw

    have you tried uploading the file to www.virustotal.com to see whether other companies agree with the detection?

  3. #3
    petrovich Guest

    Default Re: ResHack - Win32.Dropper.VB.rw


    <blockquote><hr>riceorony wrote:
    have you tried uploading the file to www.virustotal.com to see whether other companies agree with the detection?
    <hr></blockquote>


    I had the same issue. I uploaded Reshack.exe to virustotal. They found the file to be clean. Other files that seem to false positives are Sandboxie &amp; Foxit installer. I set Zonealarm to always exclude these files. The thing is now when I look at the log entry and exclude lists I see no sign of these legitimate programs only the trojans that were(wrongly) associated with them. Does this mean this if these particular trojans somehow get into my system they'll be excluded? Seems like a pretty big flaw to me if that is indeed the case.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •