Jump to content

Possible FP - HP Webcam Driver


jweigang
 Share

Recommended Posts

Well, that did change something. Now there is no false positive for the sp36409.exe files, but it still claims that Dorkbot lives inside .zip files containing sp36409.exe, and it still identifies RStone.exe (the core problem within sp36409.exe) as being infected.

 

My temp5 directory contains the following:

 
 Directory of C:\Temp506/30/2014  06:58 PM    <DIR>          .06/30/2014  06:58 PM    <DIR>          ..06/30/2014  12:34 PM         8,698,288 Copy of sp36409.zip06/30/2014  06:58 PM                 0 dir.txt06/30/2014  06:58 PM            49,152 RStone.exe06/30/2014  12:31 PM             1,112 scanlog.txt06/30/2014  06:57 PM             1,284 scanlog_6-30-10.txt06/30/2014  12:15 PM         8,939,824 sp36409.exe06/30/2014  12:34 PM         8,698,288 sp36409.zip06/30/2014  12:15 PM         8,939,824 sp36409b.exe               8 File(s)     35,327,772 bytes

(with those zip files being what was attached to the original post--just sp36409.exe and scanlog.txt).

The log of a scan of this directory, using database 6 30 10, follows.
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/30/2014
Scan Time: 6:56:06 PM
Logfile: scanlog_6-30-10.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.06.30.10
Rootkit Database: v2014.06.30.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: User
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 6
Time Elapsed: 1 min, 10 sec
 
Memory: Disabled
Startup: Disabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 3
Trojan.Dorkbot.ED, C:\Temp5\Copy of sp36409.zip, , [c6dc85f97407290d7c43036132cf26da], 
Trojan.Dorkbot.ED, C:\Temp5\RStone.exe, , [c0e2a2dcb8c394a227988dd7d42d8d73], 
Trojan.Dorkbot.ED, C:\Temp5\sp36409.zip, , [bce6ec92a6d5d264922dc79d837e1ee2], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.