Suspicious filename

Discussion in 'Trojan Defence Suite' started by trock, Aug 1, 2005.

Thread Status:
Not open for further replies.
  1. trock

    trock Registered Member

    Joined:
    Jul 5, 2005
    Posts:
    27
    I did a normal scan with tds-3 just for kicks, since one of my other programs was quiting on me. Not sure if there is a relation, but tds came up with this:

    Suspicious filename Dual extensions

    The information I got was this:
    File: dbg_x86_6.5.3.7.exe
    Product name: Microsoft Windows Operating System
    Version: 6.00.2600.0000
    Company name: Microsoft Corporation
    File Description: Win32 Cabinet Self-Extractor
    Internal Name: wextract
    Original Filename: WEXTRACT.EXE

    Any ideas what this is all about?
     
  2. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    The filename is flagged as suspicious because there is more than one . in it.

    not suspicious = filename.exe
    suspicious = filename.12.32.exe

    Usually flags saved files on my system such as game patches with incremental numbering such as version 1.23.
     
  3. trock

    trock Registered Member

    Joined:
    Jul 5, 2005
    Posts:
    27
    How can I tell if this is safe? What action should be taken?
     
  4. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hi Trock!
    Do you know the file (look in the location on your system, file properties, date when it came on your system) and you can have an extra check for instance at the jotti's or kaspersky online file scanners.
    By the description thus far it doesn't sound suspicious in no way, unless your other software was looking at it too.
     
Thread Status:
Not open for further replies.