Re: Malware or no ?
- From: "MowGreen [MVP]" <mowgreen@xxxxxxxxxxxxx>
- Date: Sun, 06 Aug 2006 14:52:50 -0700
Bill,
Scan " System.dll " at this website : http://www.virustotal.com/en/indexf.html
Please post back with what is detected.
MowGreen [MVP 2003-2006]
===============
*-343-* FDNY
Never Forgotten
===============
bill wrote:
XP with SP2.
On every startup, a file named "System.dll" (size 10,240 bytes)
is created in my windows default temp directory in a newly created
subdirectory named "nsxx.tmp" (xx = it varies). The creation date &
time reflects when it was placed in the temp sub directory on startup.
There is no other identification even viewing it with a hex viewer.
There are also 4-6 prefetch related entries like
"\windows\prefetch\NS4.TMP-3A84D703.pf"
but putting them up in the hex viewer reveals nothing except they check
the standard system DLLs to hook various functions as obviously
whatever program it is needs them. I'm not experienced enough to ID
the program itself.
AdAware identifies it as "Adware Maxfiles". I have also tried HiJackThis and
many of the other recommeded malware detector/removers without luck.
My AVG free edition anti-virus program does not recognize it as a virus.
A google on it returns numerous hits describing it as malware but no
solutions other than what I've tried already.
Should I be worried about this ? Anyone familiar with it ? Suggestions ?
Bill Mudd
- Follow-Ups:
- Re: Malware or no ?
- From: bill
- Re: Malware or no ?
- References:
- Malware or no ?
- From: bill
- Malware or no ?
- Prev by Date: Re: policy overview
- Next by Date: Cannot shut down remote WinXP Home machine
- Previous by thread: Malware or no ?
- Next by thread: Re: Malware or no ?
- Index(es):
Relevant Pages
|
Loading
