 |  |
| |
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows 7. The Windows 7 forum also covers news and updates and has an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.
Windows 7 - Is this a Legit Systems File?
| |
| 05-15-2011 | #1 |
| | Is this a Legit Systems File? MSE traced a Trojan to C:\windows\system32\dpnaathlp.dll Is this a legit file, or should I go ahead and delete it? |
My System Specs |
| 05-15-2011 | #2 |
| | 
Quote: Originally Posted by Elixxir  MSE traced a Trojan to C:\windows\system32\dpnaathlp.dll Is this a legit file, or should I go ahead and delete it? |
| My System Specs |
| 05-16-2011 | #3 |
| |
Quote: Originally Posted by zigzag3143
Quote: Originally Posted by Elixxir MSE traced a Trojan to C:\windows\system32\dpnaathlp.dll Is this a legit file, or should I go ahead and delete it? Instead I have dpnathlp.dll. But MSE has the Trojan listed at dpnaathlp.dll The one visible in System32 has only 1 - a - But the with Trojan has 2 - aa -. However, the one with the Trojan is not visible in System32 Can you guide me where to find it, or how to find it, so that I can rename it. |
| My System Specs |
| . |
| |
| 05-16-2011 | #4 |
| | dpnathlp.dll is indeed a legit file, but dpnaathlp.dll is not, as stated. Did you enable hidden files and protected operating system files? Open System32 folder> Organize> View tab> Tick Show hidden Files, Folders, and Drives> Untick Hide protected Operating System Files (Recommended) (It will ask if you are sure you want to do that, ok it).  See if you can see the dpnaathlp.dll now. Then proceed as zigzag3143 said. This may just be one of several files. Suggest scanning in safe mode with MalwareBytes. Remember to change the view settings back to where they were> Untick show hidden Files, Folders, and Drives, and Retick Hide protected Operating System Files (Recommended) A Guy Edit: See my reply in the other post DeviiceEject.exe Last edited by A Guy; 05-16-2011 at 12:50 AM.. Reason: Added |
| My System Specs |
| 05-16-2011 | #5 |
| | Malware can disguise itself ... in this case, it's very close to a legit file, but it's not legit! |
| My System Specs |
| 05-16-2011 | #6 |
| | You could try the following: Submit the file to VirusTotal and see what comes back. VirusTotal - Free Online Virus, Malware and URL Scanner D/L and run Process Explorer, this is something that will allow you to further investigate it. Process Explorer Quote: The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you'll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you'll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded. The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work. Last edited by Borg 386; 05-16-2011 at 02:09 PM.. |
| My System Specs |
 |
Is this a Legit Systems File? problems?
| Thread Tools | |
| Similar Threads for: Is this a Legit Systems File? | ||||
| Thread | Forum | |||
| Access denied randomly to a Win7 P2P file server for XPs systems only, | Network & Sharing | |||
| enable file sharing between the host and Virtual systems? | Virtualization | |||
| Win7 file systems | General Discussion | |||
| Are Unix systems more secure than Windows systems? | System Security | |||
All times are GMT -5. The time now is 01:00 AM.
