Hi,

Few days ago NOD32 shows a false postive with a brazilian plugin bank known as G-Buster Browser Defense

A scan with VirusTotal show it:

~VirusTotal results removed per Policy. (http://www.wilderssecurity.com/showthread.php?t=180057) - Ron~

The path of file is: C:\WINDOWS\Downloaded Program Files\gbieh.dll.

Thanks

Send this file as an attachment to ESET Threat Lab . In the subject include information that you send them a possible false positive

The mail addrress is samples@eset.sk

Regards!

Ok,

I'm helping an user in a forum here, and I said to him to send the sample and the link to the topic there.

Thanks.

Hi,

Sorry for this 'bump', but I sent a sample to ESET and I don't received any reply :(

The problem persist. Is very boring all the time receive a malware alert on the computer.

It can take 2 weeks from what I have seen. and heard so if you want you can try resending it again maybe it did not go Thur your ISP Virus scanner never know :D

We have eventually removed detection just because the tool was created by a bank. You can read more about its suspicious behavior here (http://insanebits.blogspot.com/2007/04/g-buster-browser-defense-analysis-and.html).

~ updated link to current address of web page - agoretsky ~

Thanks for your feedback Marcos, it's really appreciate.