Mystery File

Discussion in 'Trojan Defence Suite' started by EdBB, Nov 15, 2003.

Thread Status:
Not open for further replies.
  1. EdBB

    EdBB Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    24
    Good day:

    I found a mysterious folder on my C drive today. It is named e461501210837d39f20438efb4 and contains a folder named "download". In turn, this folder contains a file named dao360.dll._p .
    I scanned it with Wormguard that called it "suspicious" because of the double extension. I scanned it with TDS-3 with no reaction. I scanned it with Panda AV ( completely updated) and no viruses found. Pest Patrol found nothing wrong with it.

    Is it possible that this is some debris left over from a recent Microsoft Explorer update?

    Should I send it in anyway ?

    Ed
     
  2. subratam

    subratam Registered Member

    Joined:
    Nov 14, 2003
    Posts:
    1,310
    Location:
    Issaquah, WA
    i think u dun hav to worry bout it... i am sure u recently ran a windows update from ur computer rite??
    and i also hav the same file as u got just the name is changed.. i think its the file where the updated files are kept alongwith installed dlls as i hav this file full of dlls alongwith download folder Ip folder etc... if i am wrong i want anyone to correct me
     
  3. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hi EdBB
    Of course you can send it in submit@diamondcs.com.au just to be extra sure, better safe then sorry.
    I find various dao360* files in program files\common files\microsoft shared\dao and in microsoft office\
    so it might have to do with such an update?
     
  4. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Almost certain this is a genuine windows update file. If your AV / AT do not alert on it I am sure you are safe :)
     
  5. EdBB

    EdBB Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    24
    Pilli/Jooske/Subratam:

    Thanks for the quick response. Glad to hear that it's just MS Update leftovers. :)

    I shall ignore it.

    EdBB
     
Thread Status:
Not open for further replies.