Questionable files in XP

[Guest]

I am running xp pro and noticed a few files in the system32 directory that
seems suspicious. The files in question are nsu3d3.dll, nsy72.dll, nst2b.dll
and nsk32.dll. I am almost sure they all were created on the same day and
time (4-11-06 at 3:09a.m.). The properties on all files show blanks,(company,
product name, etc) no info. They are all 77.0KB in size. I did a windows
search for that particular date the files were created, but these are the
only files in the search results for that date. I also googled each file but
came up with nothing. Various spyware and virus scans do not detect these 4
files either. I think they could be left over from an infestation awhile back
but I am not that sure because a lack of info. They also could be part of a
legitimate software install, but again no info. Is anyone familiar with these
particular files so I can move on to either rename them or delete them
permenantly. Any info on the four mentioned files would be a great help.

 

[Guest]

I am running xp pro and noticed a few files in the system32 directory that
seems suspicious. The files in question are nsu3d3.dll, nsy72.dll, nst2b.dll
and nsk32.dll. I am almost sure they all were created on the same day and
time (4-11-06 at 3:09a.m.). The properties on all files show blanks,(company,
product name, etc) no info. They are all 77.0KB in size. I did a windows
search for that particular date the files were created, but these are the
only files in the search results for that date. I also googled each file but
came up with nothing. Various spyware and virus scans do not detect these 4
files either. I think they could be left over from an infestation awhile back
but I am not that sure because a lack of info. They also could be part of a
legitimate software install, but again no info. Is anyone familiar with these
particular files so I can move on to either rename them or delete them
permenantly. Any info on the four mentioned files would be a great help.

if google brings up nothing then leave them be.

Flamer.

 

[Wesley Vogel]

A Google search for nsu3d3.dll brings back nothing which is a good indicator
that nsu3d3.dll is some sort of malware.

nsy72.dll is part of HotSearchBar

nst2b.dll is part of a Browser Helper Object called web compressor -
{23FB5ADD-DA37-4a40-9FC0-B0E2384CDE92}

nsk32.dll is part of Beginto

None of the three above, strike that. None of the four above are anything
that I would want.

Update your antivirus software and run a full system scan.

Update whatever anti-spyware applications that you have and run a full
system scan with each one.

You might want to start in Safe Mode to run your antivirus and anti-spyware
software.

Running a full system antivirus scan or anti-spyware scan in Safe Mode can
be a good idea. Some viruses and other malware like to conceal themselves
in areas Windows protects while using them. Safe mode will prevent those
applications access and therefore unprotect the viruses or other malware
allowing for easier removal.

How to start Windows in Safe Mode Windows XP
http://www.bleepingcomputer.com/forums/index.php?showtutorial=61#winxo


--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In

 

[Guest]

<< None of the four above are anything
that I would want.>>


Thanks Wesley,
I do run an updated avg and an updated adaware scans every few days with no
mention of these files. My system comes up clean on both scans. These file
must have been on my hard drive for awhile (4-11-06) without me knowing. By
what you have found it doesn't sound like these files should be in my
system32 directory or anywhere on my system. I am wondering why any of the
scans didn't pick these up. I do appreciate your effort. I'm now going to
rename these files to be on the safe side. Then if no ill
affects........DELETION!!!

 

[Malke]

<< None of the four above are anything
that I would want.>>


Thanks Wesley,
I do run an updated avg and an updated adaware scans every few days with
no mention of these files. My system comes up clean on both scans. These
file
must have been on my hard drive for awhile (4-11-06) without me knowing.
By what you have found it doesn't sound like these files should be in my
system32 directory or anywhere on my system. I am wondering why any of the
scans didn't pick these up. I do appreciate your effort. I'm now going to
rename these files to be on the safe side. Then if no ill
affects........DELETION!!!

You need more than one antimalware tool and AVG looks for viruses, not
malware. Here are some general malware removal steps:

http://www.elephantboycomputers.com/page2.html#Removing_Malware

As noted in the link above, do the preparatory work and scans in Safe Mode.

Malke