Jump to content

Possible FP on latest Update: MS wuaueng.dll??

Recommended Posts

Have run MBAM scan every night always clean.

Last night (Jan 1st/2011) scan suddenly popped 6 trojans (?)

current:Malwarebytes' Anti-Malware


Database version: 5432


Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{5F327514-6C5E-4d60-8F16-D07FA08A78ED} (Trojan.Downloader) -> No action taken.

HKEY_CLASSES_ROOT\TypeLib\{D4D8199E-E376-4D57-8B08-BBF87E1F36B1} (Trojan.Downloader) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{11178075-25D2-4C9C-8087-4C36924091E1} (Trojan.Downloader) -> No action taken.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5F327514-6C5E-4D60-8F16-D07FA08A78ED} (Trojan.Downloader) -> Value: {5F327514-6C5E-4D60-8F16-D07FA08A78ED} -> No action taken.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\WINDOWS\system32\wuaueng.dll (Trojan.Downloader) -> No action taken.

c:\WINDOWS\system32\dllcache\wuaueng.dll (Trojan.Downloader) -> No action taken.


Have temporarily placed in "ignore list" until find out more. All seem to be legit Win update files best as I can tell from Googling.

Needless to say I'm rather afraid to wander the web with this outstanding!

Since this is an old OS, Win update disabled & unused anytime in last 6 months.

Main A/V is Sunbelt Vipre trial version (1st thought MBAM was finding Vipre as trojan).

Also have SAS, Stinger, Blacklight. All seem to report clean.

Please try to confirm real/False positive asap. Thanks for your attention!! Sandy

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.