CIS detects Indiv02.key and IndivBox.key as Heur.Suspicious.Attribs
Heuristics on High setting, but these files are also detected on Medium and Low settings.
Both these files were found in [b]C:\Documents and Settings\All Users\DRM\Cache[/b]
I googled these files, and they appear to be Microsoft Files files related to DRM in WMP.
Description from Process Library:
indiv02.key is a Individualized Black Box DLL belonging to Microsoft® DRM from Microsoft Corporation
indivbox.key is a Individualized Black Box DLL belonging to Microsoft® DRM from Microsoft Corporation
[b]CIS version: 3.8.65951.477
Database version: 1017
Operating System: Windows XP Professional SP3[/b]
Still getting this with database 1021…
BUMP! ;D
E-mail sent, with password: infected
Thanks
Hi Beanie,
FalsePositive Fixed.
Please confirm with our latest base.
Thanks for reporting FalsePostive. Appreciating your efforts.
Thanks and Regards,
Suresh.
FP confirmed fixed with database 1025.
Thanks, and no worries