Jump to content
Sign in to follow this  
Followers 0
Conable

Foo_Unpack.dll (False)

By Conable, in File Detections

Recommended Posts

Conable   

Conable
Posted

I'm not sure what you recommend for the whole "Developer Mode" since it wasn't the scan that caught it..it was the Protection client..

Anyway Foobar2000 is a media player application -- http://www.foobar2000.org/

When I opened an mp3 of mine the Protection put up a warning that said Foo_Unpack.dll which is intended to allow me to listen to music that's compressed in a .zip, .rar, .7z..etc..& called it a Worm(Auto) I believe it was..

I ignored it but I don't see it in the ignore list..& I played the same track several times & can't get the warning to reproduce..

Share this post

Link to post
Share on other sites

nosirrah   

nosirrah
Posted

Let me know if you can reproduce this , I fixed one earlier that could have been this so if it does not come back it was likely the same issue .

Share this post

Link to post
Share on other sites

Conable   

Conable
Posted

Well a little good news the error popped up again when I restarted my computer..this time I got a screen shot it so at least you know it's legitimate ;-)

Is there anything I can do to help more..I've ran scans before with 0 results..this has never occurred before since my database update to 2803 - 9.15.2009

It's the protection module catching it not the scans..

I've played this song before..on this machine..in Foobar..with Malwarebytes running..but I'll do what I can to help :-)

Foo_Unpack.png

Share this post

Link to post
Share on other sites

Conable   

Conable
Posted

I don't see an option to edit my post so..if it matter to you..it's a default plugin with Foobar too..not some custom 3P plugin

Share this post

Link to post
Share on other sites

e.s   

e.s
Posted

Hi, after updating to the newest version I also am getting this foo unpack.dll autorun worm warning.

it wasnt the manual scanner that caught it, it was either the IP protection or the protection module.

it lists this IP as the outgoing IP 94.75.209.35

But as stated previously, foo_unpack.dll is part of the foobar media player software.

Maybe it is infected from the very start and its only now that we are able to pick it up, since I cant understand why its auto-running in the background when foo bar isnt even turned on, but there ya go.

I have put it in quarantine until I find out if its legit or not, I can send a copy of the file to you if you wish ?

Share this post

Link to post
Share on other sites

yapaksa   

yapaksa
Posted
This has already been corrected , make sure you update before rechecking .

Hi all, using

Database version : 2828 Date : 9/19/2009

and have the same alert with Foo_Unpack.dll

Share this post

Link to post
Share on other sites

nosirrah   

nosirrah
Posted

I cant replicate this so there must be some sort of heuristic linking hitting here , what is the full path to that file on your system ?

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept