Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

kernel.32dll Trojan Generic??? [Will be SOLVED by db 1427]


Recommended Posts

Posted

With the update today I did a scan with 360 and it found: Trojan Generic C:\WINDOWS$NtServicePackUninstall$\kernel.\32dll

 

Wondering what to think. I quarantined it.

 

Anyone have any ideas.

 

KOR-

Posted
With the update today I did a scan with 360 and it found: Trojan Generic C:\WINDOWS$NtServicePackUninstall$\kernel.\32dll

 

Wondering what to think. I quarantined it.

 

Anyone have any ideas.

 

KOR-

Hi there KOR :smile:

 

Getting the exact file names and paths is critical in situation like this. Wouldn't that detection be as follows ? :

 

Trojan Generic C:\WINDOWS$NtServicePackUninstall$\kernel32.dll

 

If it is, it is most likely a false positive. To be sure, have the file analyzed at VirusTotal :

http://www.virustotal.com/

 

**But first you'll need to dequarantine it from IS360**

 

> Once you've located and uploaded the file, it may say the file has already been scanned ; that's Ok, just click to view results. Copy/paste those results here, or simply copy/paste the link to that page, so we can have a look.

 

===

Posted

Results and I placed the file in 'ignore' in 360.

 

Complete scanning result of "kernel32.dll", processed in VirusTotal at 05/15/2010 20:03:41 (CET).

 

[ file data ]

* name..: kernel32.dll

* size..: 983552

* md5...: 888190e31455fad793312f8d087146eb

* sha1..: 775191d293016d9541ddd6aef5ac94ab3776849a

* peid..: -

 

[ scan result ]

a-squared 4.5.0.50/20100510 found nothing

AhnLab-V3 2010.05.15.00/20100514 found nothing

AntiVir 8.2.1.242/20100514 found nothing

Antiy-AVL 2.0.3.7/20100514 found nothing

Authentium 5.2.0.5/20100515 found nothing

Avast 4.8.1351.0/20100515 found nothing

Avast5 5.0.332.0/20100515 found nothing

AVG 9.0.0.787/20100515 found nothing

BitDefender 7.2/20100515 found nothing

CAT-QuickHeal 10.00/20100515 found nothing

ClamAV 0.96.0.3-git/20100515 found nothing

Comodo 4849/20100515 found nothing

DrWeb 5.0.2.03300/20100515 found nothing

eSafe 7.0.17.0/20100513 found nothing

eTrust-Vet 35.2.7490/20100515 found nothing

F-Prot 4.5.1.85/20100515 found nothing

F-Secure 9.0.15370.0/20100515 found nothing

Fortinet 4.1.133.0/20100515 found nothing

GData 21/20100515 found nothing

Ikarus T3.1.1.84.0/20100515 found nothing

Jiangmin 13.0.900/20100515 found nothing

Kaspersky 7.0.0.125/20100515 found nothing

McAfee 5.400.0.1158/20100515 found nothing

McAfee-GW-Edition 2010.1/20100515 found nothing

Microsoft 1.5703/20100514 found nothing

NOD32 5117/20100515 found nothing

Norman 6.04.12/20100515 found nothing

nProtect 2010-05-15.01/20100515 found nothing

Panda 10.0.2.7/20100515 found nothing

PCTools 7.0.3.5/20100515 found nothing

Rising 22.47.04.03/20100514 found nothing

Sophos 4.53.0/20100515 found nothing

Sunbelt 6307/20100515 found nothing

Symantec 20101.1.0.89/20100515 found nothing

TheHacker 6.5.2.0.280/20100514 found nothing

TrendMicro 9.120.0.1004/20100515 found nothing

TrendMicro-HouseCall 9.120.0.1004/20100515 found nothing

VBA32 3.12.12.5/20100514 found nothing

ViRobot 2010.5.15.2318/20100515 found nothing

VirusBuster 5.0.27.0/20100515 found nothing

Posted
Results and I placed the file in 'ignore' in 360.

 

Complete scanning result of "kernel32.dll", processed in VirusTotal at 05/15/2010 20:03:41 (CET).

 

[ file data ]

* name..: kernel32.dll

* size..: 983552

* md5...: 888190e31455fad793312f8d087146eb

* sha1..: 775191d293016d9541ddd6aef5ac94ab3776849a

* peid..: -

 

[ scan result ]

a-squared 4.5.0.50/20100510 found nothing

AhnLab-V3 2010.05.15.00/20100514 found nothing

AntiVir 8.2.1.242/20100514 found nothing

Antiy-AVL 2.0.3.7/20100514 found nothing

Authentium 5.2.0.5/20100515 found nothing

Avast 4.8.1351.0/20100515 found nothing

Avast5 5.0.332.0/20100515 found nothing

AVG 9.0.0.787/20100515 found nothing

BitDefender 7.2/20100515 found nothing

CAT-QuickHeal 10.00/20100515 found nothing

ClamAV 0.96.0.3-git/20100515 found nothing

Comodo 4849/20100515 found nothing

DrWeb 5.0.2.03300/20100515 found nothing

eSafe 7.0.17.0/20100513 found nothing

eTrust-Vet 35.2.7490/20100515 found nothing

F-Prot 4.5.1.85/20100515 found nothing

F-Secure 9.0.15370.0/20100515 found nothing

Fortinet 4.1.133.0/20100515 found nothing

GData 21/20100515 found nothing

Ikarus T3.1.1.84.0/20100515 found nothing

Jiangmin 13.0.900/20100515 found nothing

Kaspersky 7.0.0.125/20100515 found nothing

McAfee 5.400.0.1158/20100515 found nothing

McAfee-GW-Edition 2010.1/20100515 found nothing

Microsoft 1.5703/20100514 found nothing

NOD32 5117/20100515 found nothing

Norman 6.04.12/20100515 found nothing

nProtect 2010-05-15.01/20100515 found nothing

Panda 10.0.2.7/20100515 found nothing

PCTools 7.0.3.5/20100515 found nothing

Rising 22.47.04.03/20100514 found nothing

Sophos 4.53.0/20100515 found nothing

Sunbelt 6307/20100515 found nothing

Symantec 20101.1.0.89/20100515 found nothing

TheHacker 6.5.2.0.280/20100514 found nothing

TrendMicro 9.120.0.1004/20100515 found nothing

TrendMicro-HouseCall 9.120.0.1004/20100515 found nothing

VBA32 3.12.12.5/20100514 found nothing

ViRobot 2010.5.15.2318/20100515 found nothing

VirusBuster 5.0.27.0/20100515 found nothing

 

Hello KOR

 

Thanks for your feedback.

 

I have this dll ,but I have no problem scanning this file .

 

Firstly, after scanning, please save a report of the scanning result and send to us.

 

Secondly, you can upload to http://www.wikisend.com and give us the link or send us your suspicious file, and then we can further investigate it.

 

We are looking forward for your reply.

Posted
Who do I send these reports to?

 

Sending privately to hxin.

KOR-

 

Hi KOR

 

It's a FP.We will solve this issue in our later update definition 1427.

 

Thank you.

Posted

kernel32.dll, 12-132 Possible False Positive ? [Will be SOLVED by db 1427]

 

IObit Security 360

 

OS:Windows XP

Version:1.4.1.11

Define Version:1426

Time Elapsed:00:02:03

Objects Scanned:3295

Threats Found:1

 

|Name|Type|Description|ID|

Trojan.Generic, File, C:\WINDOWS\$NtUninstallKB935839$\kernel32.dll, 12-132

 

 

I heard Kernel32.Dll is a legit system file.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...