Author Topic: False positive sbnetsys.sys in Roguekiller  (Read 256 times)

December 09, 2018, 10:46:41 pm

Pierre95


Hello,
I am reporting what is an FP in Roguekiller (in my humble opinion).

https://www.cjoint.com/c/HLjm7qGmTgQ

For the line:

HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sbnetsys -- (Mainline Net Holdings Limited) C:\Windows\System32\drivers\sbnetsys.sys -> Trouvé(e)


VirusTotal analysis of C:\Windows\System32\drivers\sbnetsys.sys

VirusTotal: C:\Windows\System32\drivers\sbnetsys.sys => https://www.virustotal.com/file/c37481095f93f527bf54f8a5e0c6027ae2bbf1c201a88acd36117004614b2040/analysis/1521360865/


Export of the key HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sbnetsys

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sbnetsys]
"DisplayName"="@oem29.inf,%sbnetsys_Desc%;WinpkFilter LightWeight Filter"
"Description"="@oem29.inf,%sbnetsys_Desc%;WinpkFilter LightWeight Filter"
"NdisMajorVersion"="6"
"NdisMinorVersion"="30"
"DriverMajorVersion"="3"
"DriverMinorVersion"="4"
"Type"="1"
"Start"="1"
"ErrorControl"="1"
"Tag"="14"
"ImagePath"="\SystemRoot\system32\DRIVERS\sbnetsys.sys"
"Group"="NDIS"
[HKLM\System\ControlSet001\Services\sbnetsys\Parameters]
"NdisImPlatformBindingOptions"="2"
"DefaultFilterSettings"="1"

=== Fin de ExportKey ===



Reply #1 December 10, 2018, 07:53:16 pm

Curson

Hello,

Thanks for the report.
We fixed the problem in version 13.0.16 of RogueKiller, released today.

Best regards.