CCE detects this file as malware (but only when running through Comodo Rescue Disk)
in C:\windows\system32\dllcache
In virustotal check, Comodo is the only one to detect it (flags it as unclassified malware), but if I run CAV on my machine it finds nothing.
Does anyone have any info on this file?
DrHaze
January 27, 2013, 1:05am
#2
this says it has to to do with Brother MFL Pro printer software
Thanks, but the strange thing is I haven’t installed any printer software (nor do I even own a printer itself), yet the file has appeared out of nowhere in the past week or so.
DrHaze
January 27, 2013, 1:28am
#4
interesting website… not much on your dll but a good resource.
Yeah, I was looking at it on that website, as well as bleepingcomputer.com . It’s hard to find info on that file anywhere.
From looking at the file’s additional information section on virustotal.com , on Portable Executable structural information, there are lines like:
“SetSecurityDescriptorDacl”
“GetPrivateProfileIntA”
“GetWindowsDirectoryA”
“Sleep”
“CreateFileA”
…and so on.
Is that even normal behavior for a printer software dll, assuming that really is what it is?
Also, why would Comodo detect it on VirusTotal, but not when I run CAV on my machine, even with heuristic scanning level at highest?
Chunli
January 27, 2013, 2:24am
#6
Hi,emanresuoseehc
Thank you for reporting this.
We’ll check it and get back to you soon.
Best regards
Chunli.chen
Hi,
This is to inform you that false-positive has been fixed.
You can update to AV database Version <15063> of Comodo Internet Security
Version<6.0.260739.2674> and confirm it.
Thanks.
Kind Regards,
Srinivasan.G