What do you make of this?

Discussion in 'malware problems & news' started by AaLF, Jan 4, 2007.

Thread Status:
Not open for further replies.
  1. AaLF

    AaLF Registered Member

    Feb 20, 2005
    Normally my XP boot-up is 'kicked-off' with the NOD32 splash screen. But today the splash screen cannot appear until I action this "drop-in";


    Now I tried out DSA for a few days and uninstalled yesterday. The location of the file above as you can see is from the 'uninstalled' folder where I store potential applications. Note: DSA is no longer installed yet it's popping up. As soon as I opt for cancel CyberHawk swoops in with this;


    Do I kick open the WIN32 folder, barge in and beat it up with a 'right-click' on the mouse and followed up with 'the shredder'? Or are there certain subtle protocols one should follow?
  2. yankinNcrankin

    yankinNcrankin Registered Member

    May 6, 2006
    Sounds like a legitimate program got a piggy-back but now a days you never know 'cus the doors can swing both ways, any knowledge on how a program was coded-designed can be used to exploit and the more programs the more chances for exploit thats just my personal opinion. I were you I would delete place of install then shred. Clean out registry, run your scans :D Funny thing is remenants of many different programs could be used as potential backdoors or aids in allowing malware to make way onto inviting systems. Rule of thumb when you done with something get rid of it ALL OF IT.
  3. Ice_Czar

    Ice_Czar Registered Member

    May 21, 2002
    Boulder Colorado
    most trojans have two parts an exe and a dll, failure to get it all often means it bootstraps back into memory and reinfects
    best to find the specific instructions to delete it manually which often means
    using Regsvr32 or employing someone's security ap to do it automatically (and sometimes with additional manual steps)
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.