
On the last scan, Malwarebytes picked up a file as malware via AI (Malware.AI.3999893806). This is a file with a datestamp from 2007 that I believe is a valid Sony file.

I have attached the log below and the file for analysis. I have not quarantined the file or the associated registry keys yet, as I believe this needs review.

Please advise.

 

================================

-Log Details-
Scan Date: 9/24/20
Scan Time: 2:53 AM
Log File: b02120a0-fe32-11ea-a218-9cb6d0003652.json

-Software Information-
Version: 4.2.1.89
Components Version: 1.0.1053
Update Package Version: 1.0.30312
License: Premium

-System Information-
OS: Windows 10 (Build 19041.508)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 756837
Threats Detected: 39
Threats Quarantined: 0
Time Elapsed: 37 min, 23 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 39
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{0e9228f8-12a7-4241-8bb8-b3b12abf6a03}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbInfoWindow2, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbInfoWindow2.1, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0E9228F8-12A7-4241-8BB8-B3B12ABF6A03}, No Action By User, 1000000, 0,, , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\TYPELIB\{DF4F6C78-D6A6-4581-B325-5629EFAC2921}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408FC79-CA2B-42FC-869F-681A2315C69D}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\INTERFACE\{5B25CE7A-86B5-4498-BA6B-07A9D0DA88C1}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\INTERFACE\{757C9CF9-489E-46ED-AD75-3B0CE272C929}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\INTERFACE\{824FCFFF-2993-44CB-8CC4-AEA870BB99BA}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3408FC79-CA2B-42FC-869F-681A2315C69D}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{5B25CE7A-86B5-4498-BA6B-07A9D0DA88C1}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{757C9CF9-489E-46ED-AD75-3B0CE272C929}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{824FCFFF-2993-44CB-8CC4-AEA870BB99BA}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408FC79-CA2B-42FC-869F-681A2315C69D}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5B25CE7A-86B5-4498-BA6B-07A9D0DA88C1}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{757C9CF9-489E-46ED-AD75-3B0CE272C929}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{824FCFFF-2993-44CB-8CC4-AEA870BB99BA}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DF4F6C78-D6A6-4581-B325-5629EFAC2921}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{DF4F6C78-D6A6-4581-B325-5629EFAC2921}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{0e9228f8-12a7-4241-8bb8-b3b12abf6a03}\InprocServer32, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{59dc04e5-1628-4c1b-ae9f-a69313b42ccc}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbUI2, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbUI2.1, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{59DC04E5-1628-4C1B-AE9F-A69313B42CCC}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{59dc04e5-1628-4c1b-ae9f-a69313b42ccc}\InprocServer32, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{ca3dc46b-7bea-4021-8a9a-e99968a6e2ea}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbUIOptions2, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbUIOptions2.1, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CA3DC46B-7BEA-4021-8A9A-E99968A6E2EA}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{ca3dc46b-7bea-4021-8a9a-e99968a6e2ea}\InprocServer32, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{ec455728-b1fa-4a29-bc76-254e2cd60b08}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbUI, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbUI.1, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EC455728-B1FA-4A29-BC76-254E2CD60B08}, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{ec455728-b1fa-4a29-bc76-254e2cd60b08}\InprocServer32, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0e9228f8-12a7-4241-8bb8-b3b12abf6a03}\InprocServer32, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{59dc04e5-1628-4c1b-ae9f-a69313b42ccc}\InprocServer32, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ca3dc46b-7bea-4021-8a9a-e99968a6e2ea}\InprocServer32, No Action By User, 1000000, 0, , , , , , 
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ec455728-b1fa-4a29-bc76-254e2cd60b08}\InprocServer32, No Action By User, 1000000, 0, , , , , , 

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Malware.AI.3999893806, C:\WINDOWS\SYSWOW64\CDDBUISONY.DLL, No Action By User, 1000000, 0, 1.0.30312, 582158C4595C5C89EE69892E, dds, 00910026, C578134E37B9EABE7A6BF38242908E4F, 57ABF0B6CF58711F7F9B5B821060A3C58ED94F173E6E935AAF9D00E140A45377

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

CDDBUISony.zip

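The triage a practitioner would do before quarantining, as an added example that is not part of the original post and is not Malwarebytes' or Sony's code: confirm that the DLL on disk is the same file the scanner hashed, look at its Authenticode signature and version resource, and check whether the 39 flagged registry keys are simply the COM registration (CLSIDs, ProgIDs, InprocServer32) of that one DLL. It assumes an elevated PowerShell session on the affected machine; the path, hashes, CLSIDs and ProgIDs are copied from the log above. Nothing here changes the system.

```powershell
# Added false-positive triage example (not from the original post or Malwarebytes).
# Assumes: elevated PowerShell on the scanned machine; values copied from the log.

$Dll       = 'C:\WINDOWS\SYSWOW64\CDDBUISONY.DLL'
$LogSha256 = '57ABF0B6CF58711F7F9B5B821060A3C58ED94F173E6E935AAF9D00E140A45377'
$LogMd5    = 'C578134E37B9EABE7A6BF38242908E4F'

# 1. Is the file on disk the same object Malwarebytes hashed? (-eq on strings is
#    case-insensitive in PowerShell, so hex case does not matter.)
$sha = (Get-FileHash -Path $Dll -Algorithm SHA256).Hash
$md5 = (Get-FileHash -Path $Dll -Algorithm MD5).Hash
"SHA256 matches log: $($sha -eq $LogSha256)"
"MD5 matches log:    $($md5 -eq $LogMd5)"

# 2. Authenticode and version resource. A 'Valid' signature with a vendor subject is
#    strong evidence of a false positive; 'NotSigned' (common for 2007-era DLLs) is
#    not evidence either way. CompanyName/ProductName are unsigned metadata and can
#    be forged, so treat them as a hint, not proof.
$sig = Get-AuthenticodeSignature -FilePath $Dll
"Signature status: $($sig.Status)"
if ($sig.SignerCertificate) { "Signer subject:   $($sig.SignerCertificate.Subject)" }
$ver = (Get-Item -Path $Dll).VersionInfo
"Company: $($ver.CompanyName) | Product: $($ver.ProductName) | Version: $($ver.FileVersion)"

# 3. COM registration. The DLL lives in SysWOW64 (32-bit), so its classes are under
#    WOW6432Node. Every CLSID in the log should have an InprocServer32 that points
#    at this same DLL; any CLSID pointing elsewhere deserves a closer look.
$Clsids = @(
  '{0E9228F8-12A7-4241-8BB8-B3B12ABF6A03}',
  '{59DC04E5-1628-4C1B-AE9F-A69313B42CCC}',
  '{CA3DC46B-7BEA-4021-8A9A-E99968A6E2EA}',
  '{EC455728-B1FA-4A29-BC76-254E2CD60B08}'
)
foreach ($c in $Clsids) {
  $key = "HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID\$c\InprocServer32"
  if (Test-Path -Path $key) {
    $server = (Get-ItemProperty -Path $key).'(default)'
    $same   = [bool]$server -and ($server.Trim('"') -ieq $Dll)
    "$c -> $server (is the flagged DLL: $same)"
  } else {
    "$c -> InprocServer32 key not present"
  }
}

# 4. ProgIDs from the log: each should resolve to one of the CLSIDs above, which
#    ties the whole set of 39 registry hits back to a single registered component.
$ProgIds = @(
  'CDDBUIControlSony.CddbUI',
  'CDDBUIControlSony.CddbUI2',
  'CDDBUIControlSony.CddbUIOptions2',
  'CDDBUIControlSony.CddbInfoWindow2'
)
foreach ($p in $ProgIds) {
  $key = "HKLM:\SOFTWARE\Classes\$p\CLSID"
  if (Test-Path -Path $key) {
    $id = (Get-ItemProperty -Path $key).'(default)'
    "$p -> $id (CLSID listed in log: $($Clsids -contains $id))"
  } else {
    "$p -> no CLSID subkey"
  }
}
```

If the hashes match, the InprocServer32 values all point at CDDBUISONY.DLL and the ProgIDs resolve to the listed CLSIDs, the 39 registry entries are one component's registration rather than 39 separate findings; the count is inflated further because HKLM\SOFTWARE\Classes\WOW6432Node and HKLM\SOFTWARE\WOW6432Node\Classes are the same keys reached by two paths, and the log lists both. A single Malware.AI detection name on every entry, with no process or module hits, is consistent with a heuristic firing on the one file rather than with active infection, but the final verdict on the file itself should come from the vendor's review of the uploaded sample.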