Jump to content

KB4577671-x64.cab false positive


Recommended Posts

Is this a false positive reading?

Windows10.0-KB4577671-x64.cab\amd64_microsoft-windows-a..ence-infrastructure_31bf3856ad364e35_10.0.18362.1139_none_e2c1b7a0af8b9b8a\r\sdbinst.exe, 不明なSTEALTH.CRYPT.TSR.DRIVER

A large number of them are occurring on internal devices.

If you have any information, please let me know.

Thank you for your support.

Link to post
Share on other sites
  • Administrators

Please submit the file in an archive encrypted with the password "infected" to samples[at]eset.com.

It's a file with the exe extension but in fact it's not an executable. Plus it fulfills several other conditions to get scanned by an old DOS heuristics which evaluated it as suspicious.

Link to post
Share on other sites
  • Administrators
4 hours ago, DaveHarding said:

We're getting the same alert on many devices since Windows Updates last night.

We're currently running version 5.0.2272

The detection was fixed about 15 hours before you posted here.

Also please keep in mind that you are running a legacy version v5 which is not supported and it's necessary to upgrade to the latest v7.3 or 6.5 (in case of Windows XP or Vista).

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...