Jump to content

LSDriveDetect.exe and \Adobe AIR\Versions\1.0\Resources\template.exe


Recommended Posts

Ran MWB's (latest update) full scan tonight and got the following errors on a system that has run these same files clean for months. I also submitted them to Jotti's malware scan and they ran clean on all 9 programs. I suspect false positives. Both files came with new computer. Any advice appreciated. Rerunning in developer mode now.

Files Detected: 2

C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Gateway Edition\ISSetupPrerequisites\{4C6E12E5-5905-4aa5-B462-E7DFC4BD75E5}\LSDriveDetect.exe (Spyware.Password) -> No action taken.

C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe (Spyware.Password)

Link to post
Share on other sites
Guest DangerousClick

Hello skipperl,

There seems to be an issue going on with a bunch of stuff being detected as spyware.password, I assume it is a bug. These are the necessary steps to identify malware easily.

1. Go to virustotal and upload the files

2. Post the link of the analysis of them back.

Thank you

~Click~

Link to post
Share on other sites

File name: LSDriveDetect.exe File type: Win32 EXE Detection ratio: 0 / 43 Analysis date:

2012-09-24 03:46:16 UTC ( 0 minutes ago ) File name: template.exe File type: Win32 EXE Detection ratio: 0 / 26 Analysis date: 2012-09-24 03:52:09 UTC ( 0 minutes ago )

Both ran clean on virustotal as well.

Link to post
Share on other sites

Developer log with attached zip file

Malwarebytes Anti-Malware 1.65.0.1400

www.malwarebytes.org

Database version: v2012.09.24.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Skip :: SKIP-PC [administrator]

9/23/2012 11:22:35 PM

mbam-log-2012-09-24 (00-02-52).txt

Scan type: Full scan (C:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 325294

Time elapsed: 36 minute(s), 55 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 2

C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Gateway Edition\ISSetupPrerequisites\{4C6E12E5-5905-4aa5-B462-E7DFC4BD75E5}\LSDriveDetect.exe (Spyware.Password) -> No action taken. [faf78be17de023138692bc0937c96f91]

C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe (Spyware.Password) -> No action taken. [549d6804174669cd7f99b70e7f81d22e]

(end)

mbam-log-2012-09-24 (00-02-52).zip

Link to post
Share on other sites

I found C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe (Spyware.Password) one of my computers as well and changed all of my passwords which took close to two hours. I've found the same thing on my other computer and want to make sure it's a bug otherwise I'm going to have to change all my passwords again.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.