Jump to content
JdG

Suspicious file found: Windows.Internal.Management.SecureAssessment.dll

Recommended Posts

Hi,

Yesterday and today I ran a scan with HitmanPro 3.8 and it keeps flagging Windows.Internal.Management.SecureAssessment.dll as suspicious.

See log below.

This all surprises me because there is already a thread on this dating 22 december 2018 See this link

Is this the same then why is it still flagged?

If not what should I do?

Regards,

JdG

 

HitmanPro 3.8.11.300
www.hitmanpro.com
	   Computer name . . . . : xxxxx
   Windows . . . . . . . : 10.0.0.17134.X64/4
   User name . . . . . . : xxxxx
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
	   Scan date . . . . . . : 2019-04-14 11:33:38
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 20s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
	   Threats . . . . . . . : 0
   Traces  . . . . . . . : 1
	   Objects scanned . . . : 2,934,562
   Files scanned . . . . : 224,533
   Remnants scanned  . . : 602,978 files / 2,107,051 keys
	Suspicious files ____________________________________________________________
	   C:\Windows\SoftwareDistribution\Download\00566dbdc9cd3bbadb3feb12d21ba92b\Package_for_RollupFix~~amd64~~17134.706.1.5\amd64_microsoft-windows-m..ent-platforminterop_31bf3856ad364e35_10.0.17134.471_none_fe289ebc5f869b73\Windows.Internal.Management.SecureAssessment.dll
      Size . . . . . . . : 140,800 bytes
      Age  . . . . . . . : 0.9 days (2019-04-13 13:56:53)
      Entropy  . . . . . : 6.1
      SHA-256  . . . . . : 8EE652670D3D8B61124E14E20BBF418CF7B65BD8C5F97B120A642CED460A4132
      Product  . . . . . : Microsoft® Windows® Operating System
      Publisher  . . . . : Microsoft Corporation
      Description  . . . : Windows Internal Runtime Secure Assessment DLL
      Version  . . . . . : 10.0.17134.471
      Copyright  . . . . : © Microsoft Corporation. All rights reserved.
      LanguageID . . . . : 1033
      Fuzzy  . . . . . . : 22.0
         The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
         Time indicates that the file appeared recently on this computer.
	


 

 

Share this post


Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Submit the file to Virus Total.
Follow the instructions on this page.
https://www.virustotal.com/gui/home

If the file is clean I suggest you send it to HitmanPro for their review.

Share this post


Link to post
Share on other sites

Hi Nasdaq,

VirusTotal reports: https://www.virustotal.com/gui/file/8ee652670d3d8b61124e14e20bbf418cf7b65bd8c5f97b120a642ced460a4132/detection

 

No engines detected this file

 
SHA-256 8ee652670d3d8b61124e14e20bbf418cf7b65bd8c5f97b120a642ced460a4132
File name Windows.Internal.Management.SecureAssessment.dll
File size 137.5 KB
Last analysis 2019-04-14 15:44:09 UTC
Community score -21

 

I've tried mailing the file to support@hitmanpro.com but my provider blocks sending this type of files.

What can I do?

Regards,

 

JdG

Share this post


Link to post
Share on other sites

Send them the Virus Total report URL.

Otherwise make sure to ZIP the file in a password protected ZIP file using the password  = infected

And note the False Positive and password in the email.

Share this post


Link to post
Share on other sites

I can't also not send password protected mails.

Isn't there a place where I can upload the file?

Share this post


Link to post
Share on other sites

I'm sorry, you don't have a case of malware and this Forum is centrally focused on the support of Malwarebytes' products.

You'll have to take it up with the HitMan Pro.

 

Share this post


Link to post
Share on other sites

Oooooopss... Stupid me... 

Hitman Pro <> Malware Bytes....

Sorry... David and Nasdaq thanks for your efforts.

Btw. Just ran a scan with HMP and nothing :S whilst File still exists....

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.