Corrine

Multiple F/P's Reported


I got these:

 

Win32.Trojan.Downloader Object Recognized!

Type : Regkey

Data :

TAC Rating : 10

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : clsid\{48e59293-9880-11cf-9754-00aa00c00908}

 

Win32.Trojan.Downloader Object Recognized!

Type : Regkey

Data :

TAC Rating : 10

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : interface\{48e59291-9880-11cf-9754-00aa00c00908}

 

Win32.Trojan.Downloader Object Recognized!

Type : Regkey

Data :

TAC Rating : 10

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : typelib\{48e59290-9880-11cf-9754-00aa00c00908}

 

 

Performing conditional scans...

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Win32.Trojan.Downloader Object Recognized!

Type : Regkey

Data :

TAC Rating : 10

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : inetctls.inet

 

Win32.Trojan.Downloader Object Recognized!

Type : Regkey

Data :

TAC Rating : 10

Category : Malware

Comment :

Rootkey : HKEY_CLASSES_ROOT

Object : inetctls.inet.1


The false positives are confirmed and a new update is available.

 

This release fixes false positives in:

Adware.AdMedia

TrojanBackdoor.Serv-U

BargainBuddy

Win32.Trojan.Agent

Win32.Trojan.Downloader.


Thanks, LS Stoffe. However, I'm not sure if there might still be a bit of a problem. Please note that, according to the link below from BBR, it appears there may still be a false positive in the latest update:

 

Started registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Diaremover Object Recognized!

Type : Regkey

Data :

TAC Rating : 10

Category : Malware

Comment :

Rootkey : HKEY_USERS

Object : S-1-5-21-242286658-708711241-2795454051-1008\software\microsoft\windows\currentversion\ext\stats\{72267f6a-a6f9-11d0-bc94-00c04fb67863}

 

Registry Scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 1

Objects found so far: 1

 

From BBR


I found the same one:

 

Diaremover Object Recognized!

Type : Regkey

Data :

TAC Rating : 10

Category : Malware

Comment :

Rootkey : HKEY_USERS

Object : S-1-5-21-1935655697-1336601894-725345543-1004\software\microsoft\windows\currentversion\ext\stats\{72267f6a-a6f9-11d0-bc94-00c04fb67863}


Yep, think that is another one. I've alerted the Research Team, so please be patient while they look at that one (wasn't known last night, so it's not in the latest update yet).
