Jump to content

M___

Members
  • Posts

    2
  • Joined

  • Last visited

Reputation

0 Neutral
  1. A routine Flash Scan following a definition update revealed what may be a false positive for "Trojan.Slugin". The file is "caller64.exe" which is part of the Samsung ML-2850 Series printer software. The questionable file was at: C:\Windows\Samsung\PanelMgr\caller64.exe Other instances of the (same?) file are at: C:\Program Files (x86)\Samsung\Samsung ML-2850 Series\Install\Application\SPANEL\PanelMgr\Caller64.exe C:\Program Files (x86)\Samsung\Samsung ML-2850 Series\Install\Application\SPANEL\SPanel\Caller64.exe C:\Program Files (x86)\Samsung\Samsung ML-2850 Series\SPanel\caller64.exe I submitted the first file above (the one identified as "Trojan.Slugin") to VirusTotal, and MBAM was the only product to find anything wrong, identifying it as "Trojan.Slugin". MBAM Developer Mode Log (I saved the log after unchecking the two pre-checked-for-quarantining boxes): Malwarebytes Anti-Malware (PRO) 1.75.0.1300 www.malwarebytes.org Database version: v2013.11.25.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16428 Michael :: MICHAEL-PC [administrator] Protection: Enabled 2013-11-25 5:15:56 PM MBAM-log-2013-11-25 (17-17-12)_DevMode_UnCheckedBoxesAfterScan.txt Scan type: Flash scan Scan options enabled: Memory | Startup | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: Registry | File System | P2P Objects scanned: 273703 Time elapsed: 28 second(s) Memory Processes Detected: 1 C:\Windows\Samsung\PanelMgr\caller64.exe (Trojan.Slugin) -> 5124 -> No action taken. [6a5216e73438ed4997f825346e937a86] Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\Windows\Samsung\PanelMgr\caller64.exe (Trojan.Slugin) -> No action taken. [6a5216e73438ed4997f825346e937a86] (end) caller64.zip __www.virustotal.com_en_file_579f0ae4aa68c34c2ef5cbe9c25e.pdf
  2. The attached file was flagged as containing "Trojan.FakeMSGen". I uploaded the "SUPPORT1.DLL" file to Jotti and none of the tools detected any problem. I ran the scan from 'Start,Run' with: mbam.exe /developer "C:\Program Files\Microsoft Visual Studio\MSDN\2000JAN\1033\SAMPLES\VB98\Support\SUPPORT1.DLL" mbam-log-2012-04-25 (17-56-33).txt SUPPORT1.zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.