CDDBUISONY.DLL False Positive?

Jayson · September 24, 2020

On last scan, Malwarebytes picked up a file as malware via AI (Malware.AI.3999893806). This is a file with a datestamp from 2007 that I believe is a valid Sony file.

I have attached log below and file for analysis. I have not quarantined the file or associated reg keys yet as I believe this needs review.

please advise.

================================

-Log Details-
Scan Date: 9/24/20
Scan Time: 2:53 AM
Log File: b02120a0-fe32-11ea-a218-9cb6d0003652.json

-Software Information-
Version: 4.2.1.89
Components Version: 1.0.1053
Update Package Version: 1.0.30312
License: Premium

-System Information-
OS: Windows 10 (Build 19041.508)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 756837
Threats Detected: 39
Threats Quarantined: 0
Time Elapsed: 37 min, 23 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 39
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{0e9228f8-12a7-4241-8bb8-b3b12abf6a03}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbInfoWindow2, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbInfoWindow2.1, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0E9228F8-12A7-4241-8BB8-B3B12ABF6A03}, No Action By User, 1000000, 0,, , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\TYPELIB\{DF4F6C78-D6A6-4581-B325-5629EFAC2921}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408FC79-CA2B-42FC-869F-681A2315C69D}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\INTERFACE\{5B25CE7A-86B5-4498-BA6B-07A9D0DA88C1}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\INTERFACE\{757C9CF9-489E-46ED-AD75-3B0CE272C929}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\INTERFACE\{824FCFFF-2993-44CB-8CC4-AEA870BB99BA}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3408FC79-CA2B-42FC-869F-681A2315C69D}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{5B25CE7A-86B5-4498-BA6B-07A9D0DA88C1}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{757C9CF9-489E-46ED-AD75-3B0CE272C929}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{824FCFFF-2993-44CB-8CC4-AEA870BB99BA}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408FC79-CA2B-42FC-869F-681A2315C69D}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5B25CE7A-86B5-4498-BA6B-07A9D0DA88C1}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{757C9CF9-489E-46ED-AD75-3B0CE272C929}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{824FCFFF-2993-44CB-8CC4-AEA870BB99BA}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DF4F6C78-D6A6-4581-B325-5629EFAC2921}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{DF4F6C78-D6A6-4581-B325-5629EFAC2921}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{0e9228f8-12a7-4241-8bb8-b3b12abf6a03}\InprocServer32, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{59dc04e5-1628-4c1b-ae9f-a69313b42ccc}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbUI2, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbUI2.1, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{59DC04E5-1628-4C1B-AE9F-A69313B42CCC}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{59dc04e5-1628-4c1b-ae9f-a69313b42ccc}\InprocServer32, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{ca3dc46b-7bea-4021-8a9a-e99968a6e2ea}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbUIOptions2, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbUIOptions2.1, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CA3DC46B-7BEA-4021-8A9A-E99968A6E2EA}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{ca3dc46b-7bea-4021-8a9a-e99968a6e2ea}\InprocServer32, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{ec455728-b1fa-4a29-bc76-254e2cd60b08}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbUI, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\CDDBUIControlSony.CddbUI.1, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EC455728-B1FA-4A29-BC76-254E2CD60B08}, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{ec455728-b1fa-4a29-bc76-254e2cd60b08}\InprocServer32, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0e9228f8-12a7-4241-8bb8-b3b12abf6a03}\InprocServer32, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{59dc04e5-1628-4c1b-ae9f-a69313b42ccc}\InprocServer32, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ca3dc46b-7bea-4021-8a9a-e99968a6e2ea}\InprocServer32, No Action By User, 1000000, 0, , , , , ,
Malware.AI.3999893806, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ec455728-b1fa-4a29-bc76-254e2cd60b08}\InprocServer32, No Action By User, 1000000, 0, , , , , ,

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Malware.AI.3999893806, C:\WINDOWS\SYSWOW64\CDDBUISONY.DLL, No Action By User, 1000000, 0, 1.0.30312, 582158C4595C5C89EE69892E, dds, 00910026, C578134E37B9EABE7A6BF38242908E4F, 57ABF0B6CF58711F7F9B5B821060A3C58ED94F173E6E935AAF9D00E140A45377

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)

(end)

CDDBUISony.zip

cli · September 25, 2020

Thanks for reporting, you should see the fix in 10 minutes.

Sign In

CDDBUISONY.DLL False Positive?

Recommended Posts

Jayson

Link to post

Share on other sites

cli

Link to post

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information