ACTIVETOOLBAND.DLL? Malware?

Discussion in 'malware problems & news' started by dogma, Aug 22, 2007.

Thread Status:
Not open for further replies.
  1. dogma

    dogma Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    138
    Just installed Micropoint Proactive Defense and it is flagging the following file:

    C:\WINDOWS\SYSTEM32\ACTIVETOOLBAND.DLL

    I am going to upload this dll on jotti's
     

    Attached Files:

  2. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    I would definantly run this by Virus Total or jotti.
    Just to be sure.

    Here is what Winpatrol plus has to say about it.
     

    Attached Files:

  3. dogma

    dogma Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    138
    I can't seem to find it in system32 folder, I think micropoint has deleted it. Right I'm restoring my partition and upload this file if it's there. Thanks
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
  5. dogma

    dogma Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    138
    Thanks Ronjor, I found that aswell.

    Jotti's says status is ok. So does Virutotal.com

    File size: 19968 bytes
    MD5: 7c9f2bdb1b6c5b3fdcffe146e2b1cfea
    SHA1: c2ea1ebdb97d81337b9dce45b00b98151080a287

    I've got an ACER laptop, and it's on my backup partition. So I think, it may be related to ACER anyone else have an ACER?
     
  6. dogma

    dogma Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    138
    Not sure what to do now o_O

    As Lonewolf's post suggests company is HiTRUST
     

    Attached Files:

  7. dogma

    dogma Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    138
    Minds at rest.

    According to Lavasoft Reasearch it's legit. More info HERE. Thanks Lonewolf, Ronjor, and the people over at the Lavasoft Support forums.
     
  8. norman6810

    norman6810 Registered Member

    Joined:
    Jun 1, 2007
    Posts:
    67
    Location:
    PRChina
    Hey, you can send the file to the developer of MP,and the e-mail is support@micropoint.com.cn.And I have already reported your test result to them.
     
  9. dogma

    dogma Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    138
    Hi norman6810, please check your PM.
     
  10. norman6810

    norman6810 Registered Member

    Joined:
    Jun 1, 2007
    Posts:
    67
    Location:
    PRChina
    dogma,I have downloaded the file,but you don't give me the password of the RAR.
    Could you send me the password?
    Thank you!
     
  11. dogma

    dogma Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    138
    Sent.
     
Loading...
Thread Status:
Not open for further replies.