CIS detects Indiv02.key and IndivBox.key as Heur.Suspicious.Attribs
Heuristics on High setting, but these files are also detected on Medium and Low settings.
Both these files were found in [b]C:\Documents and Settings\All Users\DRM\Cache[/b]
I googled these files, and they appear to be Microsoft Files files related to DRM in WMP.
Description from Process Library:
indiv02.key is a Individualized Black Box DLL belonging to Microsoft® DRM from Microsoft Corporation
indivbox.key is a Individualized Black Box DLL belonging to Microsoft® DRM from Microsoft Corporation
[b]CIS version: 3.8.65951.477
Database version: 1017
Operating System: Windows XP Professional SP3[/b]
Still getting this with database 1021…
E-mail sent, with password: infected
Please confirm with our latest base.
Thanks for reporting FalsePostive. Appreciating your efforts.
Thanks and Regards,
FP confirmed fixed with database 1025.
Thanks, and no worries