Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

kernel.32dll Trojan Generic??? [Will be SOLVED by db 1427]


Recommended Posts

With the update today I did a scan with 360 and it found: Trojan Generic C:\WINDOWS$NtServicePackUninstall$\kernel.\32dll

 

Wondering what to think. I quarantined it.

 

Anyone have any ideas.

 

KOR-

Link to comment
Share on other sites

With the update today I did a scan with 360 and it found: Trojan Generic C:\WINDOWS$NtServicePackUninstall$\kernel.\32dll

 

Wondering what to think. I quarantined it.

 

Anyone have any ideas.

 

KOR-

Hi there KOR :smile:

 

Getting the exact file names and paths is critical in situation like this. Wouldn't that detection be as follows ? :

 

Trojan Generic C:\WINDOWS$NtServicePackUninstall$\kernel32.dll

 

If it is, it is most likely a false positive. To be sure, have the file analyzed at VirusTotal :

http://www.virustotal.com/

 

**But first you'll need to dequarantine it from IS360**

 

> Once you've located and uploaded the file, it may say the file has already been scanned ; that's Ok, just click to view results. Copy/paste those results here, or simply copy/paste the link to that page, so we can have a look.

 

===

Link to comment
Share on other sites

Results and I placed the file in 'ignore' in 360.

 

Complete scanning result of "kernel32.dll", processed in VirusTotal at 05/15/2010 20:03:41 (CET).

 

[ file data ]

* name..: kernel32.dll

* size..: 983552

* md5...: 888190e31455fad793312f8d087146eb

* sha1..: 775191d293016d9541ddd6aef5ac94ab3776849a

* peid..: -

 

[ scan result ]

a-squared 4.5.0.50/20100510 found nothing

AhnLab-V3 2010.05.15.00/20100514 found nothing

AntiVir 8.2.1.242/20100514 found nothing

Antiy-AVL 2.0.3.7/20100514 found nothing

Authentium 5.2.0.5/20100515 found nothing

Avast 4.8.1351.0/20100515 found nothing

Avast5 5.0.332.0/20100515 found nothing

AVG 9.0.0.787/20100515 found nothing

BitDefender 7.2/20100515 found nothing

CAT-QuickHeal 10.00/20100515 found nothing

ClamAV 0.96.0.3-git/20100515 found nothing

Comodo 4849/20100515 found nothing

DrWeb 5.0.2.03300/20100515 found nothing

eSafe 7.0.17.0/20100513 found nothing

eTrust-Vet 35.2.7490/20100515 found nothing

F-Prot 4.5.1.85/20100515 found nothing

F-Secure 9.0.15370.0/20100515 found nothing

Fortinet 4.1.133.0/20100515 found nothing

GData 21/20100515 found nothing

Ikarus T3.1.1.84.0/20100515 found nothing

Jiangmin 13.0.900/20100515 found nothing

Kaspersky 7.0.0.125/20100515 found nothing

McAfee 5.400.0.1158/20100515 found nothing

McAfee-GW-Edition 2010.1/20100515 found nothing

Microsoft 1.5703/20100514 found nothing

NOD32 5117/20100515 found nothing

Norman 6.04.12/20100515 found nothing

nProtect 2010-05-15.01/20100515 found nothing

Panda 10.0.2.7/20100515 found nothing

PCTools 7.0.3.5/20100515 found nothing

Rising 22.47.04.03/20100514 found nothing

Sophos 4.53.0/20100515 found nothing

Sunbelt 6307/20100515 found nothing

Symantec 20101.1.0.89/20100515 found nothing

TheHacker 6.5.2.0.280/20100514 found nothing

TrendMicro 9.120.0.1004/20100515 found nothing

TrendMicro-HouseCall 9.120.0.1004/20100515 found nothing

VBA32 3.12.12.5/20100514 found nothing

ViRobot 2010.5.15.2318/20100515 found nothing

VirusBuster 5.0.27.0/20100515 found nothing

Link to comment
Share on other sites

Results and I placed the file in 'ignore' in 360.

 

Complete scanning result of "kernel32.dll", processed in VirusTotal at 05/15/2010 20:03:41 (CET).

 

[ file data ]

* name..: kernel32.dll

* size..: 983552

* md5...: 888190e31455fad793312f8d087146eb

* sha1..: 775191d293016d9541ddd6aef5ac94ab3776849a

* peid..: -

 

[ scan result ]

a-squared 4.5.0.50/20100510 found nothing

AhnLab-V3 2010.05.15.00/20100514 found nothing

AntiVir 8.2.1.242/20100514 found nothing

Antiy-AVL 2.0.3.7/20100514 found nothing

Authentium 5.2.0.5/20100515 found nothing

Avast 4.8.1351.0/20100515 found nothing

Avast5 5.0.332.0/20100515 found nothing

AVG 9.0.0.787/20100515 found nothing

BitDefender 7.2/20100515 found nothing

CAT-QuickHeal 10.00/20100515 found nothing

ClamAV 0.96.0.3-git/20100515 found nothing

Comodo 4849/20100515 found nothing

DrWeb 5.0.2.03300/20100515 found nothing

eSafe 7.0.17.0/20100513 found nothing

eTrust-Vet 35.2.7490/20100515 found nothing

F-Prot 4.5.1.85/20100515 found nothing

F-Secure 9.0.15370.0/20100515 found nothing

Fortinet 4.1.133.0/20100515 found nothing

GData 21/20100515 found nothing

Ikarus T3.1.1.84.0/20100515 found nothing

Jiangmin 13.0.900/20100515 found nothing

Kaspersky 7.0.0.125/20100515 found nothing

McAfee 5.400.0.1158/20100515 found nothing

McAfee-GW-Edition 2010.1/20100515 found nothing

Microsoft 1.5703/20100514 found nothing

NOD32 5117/20100515 found nothing

Norman 6.04.12/20100515 found nothing

nProtect 2010-05-15.01/20100515 found nothing

Panda 10.0.2.7/20100515 found nothing

PCTools 7.0.3.5/20100515 found nothing

Rising 22.47.04.03/20100514 found nothing

Sophos 4.53.0/20100515 found nothing

Sunbelt 6307/20100515 found nothing

Symantec 20101.1.0.89/20100515 found nothing

TheHacker 6.5.2.0.280/20100514 found nothing

TrendMicro 9.120.0.1004/20100515 found nothing

TrendMicro-HouseCall 9.120.0.1004/20100515 found nothing

VBA32 3.12.12.5/20100514 found nothing

ViRobot 2010.5.15.2318/20100515 found nothing

VirusBuster 5.0.27.0/20100515 found nothing

 

Hello KOR

 

Thanks for your feedback.

 

I have this dll ,but I have no problem scanning this file .

 

Firstly, after scanning, please save a report of the scanning result and send to us.

 

Secondly, you can upload to http://www.wikisend.com and give us the link or send us your suspicious file, and then we can further investigate it.

 

We are looking forward for your reply.

Link to comment
Share on other sites

kernel32.dll, 12-132 Possible False Positive ? [Will be SOLVED by db 1427]

 

IObit Security 360

 

OS:Windows XP

Version:1.4.1.11

Define Version:1426

Time Elapsed:00:02:03

Objects Scanned:3295

Threats Found:1

 

|Name|Type|Description|ID|

Trojan.Generic, File, C:\WINDOWS\$NtUninstallKB935839$\kernel32.dll, 12-132

 

 

I heard Kernel32.Dll is a legit system file.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...