Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Win:32 Banker found in C:\WINDOWS\system32\user32.dll (Might Be False Positive)
« previous
next »
Print
Pages: [
1
]
Go Down
Author
Topic: Win:32 Banker found in C:\WINDOWS\system32\user32.dll (Might Be False Positive) (Read 5561 times)
0 Members and 1 Guest are viewing this topic.
!Donovan
Web Analyst
Avast Evangelist
Super Poster
Posts: 2219
Win:32 Banker found in C:\WINDOWS\system32\user32.dll (Might Be False Positive)
«
on:
May 02, 2009, 11:27:59 AM »
http://www.virustotal.com/analisis/3f66f73002c31fd0b28b76b5d28e1c30
I don't know if its important or not nor if its a virus or not but only two anti-viruses detect it. Mcafee detected new malware and ESafe detected Win:32 Banker. If it isn't a false positive, what should my next action be? Is it required that I open the dll in notepad and give you the coding in it?
~Donovan
Logged
Familiarize Yourself!
|
Educate Yourself!
|
Beautify Yourself!
|
Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."
RejZoR
Polymorphic Sheep
Serious Graphoman
Posts: 9406
We are supersheep, resistance is futile!
Re: Win:32 Banker found in C:\WINDOWS\system32\user32.dll (Might Be False Positive)
«
Reply #1 on:
May 02, 2009, 11:32:06 AM »
Erm, avast! is not detecting it so i don't really see a problem here.
Plus the file is in a correct location.
Logged
Visit my webpage
Angry Sheep Blog
!Donovan
Web Analyst
Avast Evangelist
Super Poster
Posts: 2219
Re: Win:32 Banker found in C:\WINDOWS\system32\user32.dll (Might Be False Positive)
«
Reply #2 on:
May 02, 2009, 11:36:13 AM »
Thanks for your feedback so quick. I wanted to be sure. But then again, it could be real because the first time I download, updated, and ran a full scan with Malwarebytes' Anti-Malware, it found 39 viruses, lots of Myfunweb, Trojans, and bankers.
Logged
Familiarize Yourself!
|
Educate Yourself!
|
Beautify Yourself!
|
Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."
RejZoR
Polymorphic Sheep
Serious Graphoman
Posts: 9406
We are supersheep, resistance is futile!
Re: Win:32 Banker found in C:\WINDOWS\system32\user32.dll (Might Be False Positive)
«
Reply #3 on:
May 02, 2009, 01:37:15 PM »
Can you pack this user32.dll file to 7z or RAR archive and send it to rejzor@gmail.com ?
I'll check it out for you what it is exactly.
Logged
Visit my webpage
Angry Sheep Blog
!Donovan
Web Analyst
Avast Evangelist
Super Poster
Posts: 2219
Re: Win:32 Banker found in C:\WINDOWS\system32\user32.dll (Might Be False Positive)
«
Reply #4 on:
May 03, 2009, 05:50:52 PM »
I sent the file in 7z achivement to the email address you told me.
Reply:
It looks normal. But i suggest you send this file to eSafe (the one
which was detecting it as Banker) and wait for their analysis. If it's
a FP, they'll fix it, if it's not, they'll confirm it's a malware.
How do I send it to eSafe?
«
Last Edit: May 03, 2009, 05:54:10 PM by Donovansrb10
»
Logged
Familiarize Yourself!
|
Educate Yourself!
|
Beautify Yourself!
|
Scan Yourself!
"People who say it cannot be done should not interrupt those who are doing it."
Print
Pages: [
1
]
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Win:32 Banker found in C:\WINDOWS\system32\user32.dll (Might Be False Positive)