msxml2r32.exe? what is this?

?

...

Every time I restart Vista Ult with latest updates, I notice my router's
lights blinking and I recently noticed this setting that keeps coming back
on my Persistent Port Forwarding options:
msxml2r32 Inbound Port 1757 on TCP

I delete this setting and restart the PC, and it's back.

I can't find this find anywhere on my PC. I've searched the net and only
found couple of Korean or Chinese sites that I don't understand, but they
mention Norton Antivirus, and a folder path to
C:\windows\system\msxml2r32.exe
I've looked on HKLM Run and HKCU Run settings in regedit, I've searched the
whole PC (indexed and non-indexed folders) and I am unable to find this
file.
Has anyone else come accross this?
Thanks
Gino
 
G

Guest

It is highly likely to be malware of some sort. Malware can configure your
router if it is configurable via UPNP, or if you have typed your password for
the router on the infected system.

I found one site that stated the file name has been found on a virus written
in either Japanese or Korean that randomly chose names. Symantec calls it
antinny. Here's the page:
http://www.symantec.com/security_response/writeup.jsp?docid=2003-080817-4045-99&tabid=3

Have you scanned this system with a virus scanner from neutral media?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Vista Ultimate: Unable to Locate Drivers 15
FS605 Netgear blinking led? No LAN connection to a PC. 6
Activate Screen Saver Icon 2
Windows 10 after a recovery and apps removed this is what I found interesting 3
MidiDef32.exe- WHAT IS IT? 6
windows doesnt know what an exe is?!?! 3
HELP!!! VPN OUTBOUND PROBLEM 5
"wintis32.exe", what is it? 4

Top