
Suspected False Positives


SDF12

My suspicion is that these files/registry entries are from SecureRom and Diablo II/DungeonKeeper2 installs. I've only been able to zip 3 of the 6 files. The system32 files are exceedingly well hidden and I can't seem to get them to show up (I have show hidden/system files/file extensions all checked.) I have included the 3 sysWOW64 files. I'll try to amend my post once I figure out how to get a hold on the other files.

Log file:

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7141

Windows 6.0.6002 Service Pack 2

Internet Explorer 9.0.8112.16421

7/14/2011 7:08:38 PM

mbam-log-2011-07-14 (19-08-33).txt

Scan type: Quick scan

Objects scanned: 150104

Time elapsed: 1 minute(s), 38 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 4

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 6

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{9869EFB4-18E9-11D3-A837-00104B9E30B5} (Trojan.Agent) -> No action taken. [05e0c2595ca4df2101e5148b9a6ad52b]

HKEY_CLASSES_ROOT\TypeLib\{9869EFA6-18E9-11D3-A837-00104B9E30B5} (Trojan.Agent) -> No action taken. [05e0c2595ca4df2101e5148b9a6ad52b]

HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu.1 (Trojan.Agent) -> No action taken. [05e0c2595ca4df2101e5148b9a6ad52b]

HKEY_CLASSES_ROOT\CmdLineExt.CmdLineContextMenu (Trojan.Agent) -> No action taken. [05e0c2595ca4df2101e5148b9a6ad52b]

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\Windows\System32\cmdlineext03.dll (Trojan.Agent) -> No action taken. [499c77a4758b09f714d27827a06442be]

c:\Windows\System32\SIntf32.dll (Trojan.Agent) -> No action taken. [5c8979a233cdff0136b0059a1be90df3]

c:\Windows\System32\SIntfNT.dll (Trojan.Agent) -> No action taken. [638272a91fe188781bcb059ac341ff01]

c:\Windows\SysWOW64\cmdlineext03.dll (Trojan.Agent) -> No action taken. [05e0c2595ca4df2101e5148b9a6ad52b]

c:\Windows\SysWOW64\SIntf32.dll (Trojan.Agent) -> No action taken. [bf26f4278d7336ca2fb7f7a81aeada26]

c:\Windows\SysWOW64\SIntfNT.dll (Trojan.Agent) -> No action taken. [b431819aa65a32ced2146639e71d837d]

First try at getting these attachments added to the post... apologies if I screw this up.

CmdLineExt03.zip

SIntf32.zip

SIntfNT.zip

As I said, I will try and get a hold on the system32 files.
