Jump to content
gerdrah

2 false positive

Recommended Posts

I have scanned ENCAPI32.DLL to virustotal.com and it was 100% clean.

The adsl task bar has always been there for my internet connection.

***********************************************************

Malwarebytes' Anti-Malware 1.34

Version de la base de donn

Share this post


Link to post
Share on other sites

Are you guys absolutely sure encapi32.dll is safe? MBAM also picked it up for me on the ninth under suspicious circumstances. First off, there's a file called encapi32.dll and there's a file called encapi.dll; MBAM only picked up encapi32.dll . Second, most imitators have the number 32 at the end of their name. Finally, before MBAM caught encapi32.dll, I kept getting a suspicious dialogue on startup saying a program wanted to install something on my computer; the program claimed to be "Microsoft Windows installer" the fact that the letter "I" in "Installer" was lowercase was suspicious to me. Also, it claimed it wanted to install something involving something like HKEY_ROOT or HKEY_LOCAL and a bunch of random characters followed. Also, in the installer, I saw the words "REALLY SURPRESS" which was also suspicious. Also when I removed encapi32.dll, nothing bad seemed to happen as a result, meaning the file wasn't critical to my computer. I think encapi32.dll is malicious.

(P.S. What does a trojan.agent do?)

Share this post


Link to post
Share on other sites

The notify load one is malware the run load one is safe (best I can tell at this point) .

Still checking but in this case at least it is a FP .

Share this post


Link to post
Share on other sites

Hello!

Updated as of June 19, 2010 Malwarebytes found a "trojan tracur" in "encapi32.dll.

What should I do ? Delete it or not?

Has there been anything new since Feb 12 2009?

Please answer soon. I haven't switched off my PC since yesterday morning, waiting in vain for a secure answer from various forums.

Many thanks in advance.

Zx81

Share this post


Link to post
Share on other sites

Sorry! I couldn't wait any longer. I fixed the problem.

Now, :P wait and see...

Many thanks for your quick answer. ;)

Share this post


Link to post
Share on other sites
Check again now and let me know if this is fixed.

On June 22, I ran Malwarebytes and it flagged C:\WINDOWS\system32\ENCAPI32.DLL as being malicious. Here's the log:

Files Infected:

C:\sound32.dll (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\system32\ENCAPI32.DLL (Trojan.Tracur) -> Quarantined and deleted successfully.

I was then prompted to restart the computer, which I did. On re-boot, I got a message that catastrophic failure of my C: drive was imminent. Coincidence? Or could I have done something by deleting those files?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.