Suspicious Files

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by avilo4u, Jan 4, 2006.

  1. avilo4u

    avilo4u Private First Class

    I just completed a scan by spycatcher express and it found the following suspicious files. These were found after completing all steps in 'read and run me first' thread, including all alternative scans. Does anyone know if i should get rid of them. (Active search, clickAlchemy, cws.HomeSearchAssistent, Remote Control Panel, TwainTech and Web Offer were quarantined)

    Suspicious Files
    C:\WINDOWS\bdoscandel.exe
    C:\WINDOWS\Downloaded Program Files\bdup.dll
    C:\WINDOWS\System32\E3TL.DLL
    C:\WINDOWS\Downloaded Program Files\ipsupd.dll
    C:\WINDOWS\System32\wmfhotfix.dll
    C:\WINDOWS\System32\ZPORT4AS.dll

    Also found was as an ('Internet Explorer Spyware') and was quarantined:
    DotCom Toolbar
    C:\WINDOWS\Downloaded Program Files\CONFLICT.1\SymAData.dll
    which i thought was from Norton. Also this was never pointed out in Hijackthis logs as anything to fix so im not sure it it should have deleted it??

    Thanx for any help.
     
    avilo4u, Jan 4, 2006
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    First a note: HijackThis is not a spyware scanner. It just shows values from certain registry keys that it has been designed to look at. It also does not make any decision as to whether something is good or bad. That is why it is only a tool that experienced users should use.

    I don't believe there are any problems
    C:\WINDOWS\bdoscandel.exe <--- This is BitDefender
    C:\WINDOWS\Downloaded Program Files\bdup.dll <--- You mean bdupd.dll not bdup.dll and it is BitDefender
    C:\WINDOWS\System32\E3TL.DLL <--- I do not have too much info on. But what I do have states it is commonly found here and is not a problem. Right click on it and get properties to find out what it is.
    C:\WINDOWS\Downloaded Program Files\ipsupd.dll <--- This is BitDefender
    C:\WINDOWS\System32\wmfhotfix.dll <--- you should know what this is. You must have just downloaded the wmfhotfix patch.
    C:\WINDOWS\System32\ZPORT4AS.dll <--- not sure what it is for but I don't think it is a problem. It is even downloadable from http://www.dldll.com/l.php?i=5559 It is a DLL compiled using Borland C++ .
    C:\WINDOWS\Downloaded Program Files\CONFLICT.1\SymAData.dll <--- This if Symantec
     
    chaslang, Jan 4, 2006
    #2
  3. avilo4u

    avilo4u Private First Class

     
    avilo4u, Jan 4, 2006
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You probably do not need the file. It was more than like from an online scan at Symantec and if ever needed, it will redownload. Symantec does not make spyware. SpyCatcher was wrong about that and also the other items.
     
    chaslang, Jan 5, 2006
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds