spyware terminator

Discussion in 'other anti-trojan software' started by bamaman66, Oct 14, 2007.

Thread Status:
Not open for further replies.
  1. bamaman66

    bamaman66 Registered Member

    Joined:
    Aug 11, 2006
    Posts:
    366
    I have just run spyware terminator for the first time since I installed it. It identified ansmtp.dll as a critical object located in C:\WINDOWS\system32. I have been using adaware, spybot, and superantispyware without this being identified as a problem. Could someone give me some advice?
     
  2. Wordward

    Wordward Former Poster

    Joined:
    Jan 12, 2007
    Posts:
    707
    If you google the dll. you will see it is most likely something you don't want to have on your pc. you be the judge after googling it first though.
     
  3. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Just Googled that file name myself. The results certainly make me extremely suspicious.
    Another step to try, upload the file to virustotal for scanning; it seems that in some, maybe rare, cases, it can be valid.
    Right click on the file (the file itself, not the ST result) and check the file properties. The info (or lack of) should clinch it.
    This is the sort of investigation one should do anytime a suspicious item is found on a (previously believed to be clean) computer. Some programs have the odd FP. Some more than others. You can seriously bork your system by deleting the wrong file.
    Done that!

    [edit] PS in the ST program is a file analysing tool. Use it. It can give all sorts of info about the file, including the md5 and associated registry entries, and the size.
     
  4. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Can you post a screenshot of it? It sounds interesting :)
     
  5. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Here are a couple. First is it, not doing anything. Second, after scanning a rather common OS file. The .txt attachment is the scan result having "copied to clipboard".
    This is interesting, and IMO offers simple possibilities to find traces of unknown malware and eliminate the vestiges of same. Or prevent so-called "cleaned" malware that keeps re-creating itself from doing so.
     

    Attached Files:

  6. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Very nice, thanks :)
     
Thread Status:
Not open for further replies.