Help
Filename: nosign.exe Argus
Registry value name: nosign
Command line: c:\WINDOWS\\nosign.exe /STARTUP
location: C:\WINDOWS\nosign
Description: No version, nothing descriptive from Autoruns or HT, nothing on Google (except several hits on this as an "unknown process")
Status: ? (you tell me!)
The HT log entry is:
O4 - HKLM\..\Run: [nosign] C:\WINDOWS\\nosign.exe Argus
If anyone could tell me what this is, I'd appreciate it. If it matters, I've found a second executable in my C:\WINDOWS path called mrdel.exe, that was created within minutes of the "nosign" file (in April of 2005). I cannot for the life of me figure what "nosign" does. I'm not overly worried about malware (my wife may have installed something I don't know about), but should I delete these, or at least disable the autorun on "nosign?"
I've posted on a few other forums, but no help yet. If anyone could advise, I'd be appreciative.
Page 1 of 1
Nosign.exe What the heck is that thang?
Back to top
#2
- Lord Spam Magnet
-
- Group: Site Admin
- Posts: 18,574
- Joined: 06-May 04
- Gender:Male
- Location:SW Louisiana
Posted 12 January 2006 - 12:21 AM
This is all I could find on nosign.exe.
nosign.exe
UNSAFE Application/Process Description
I couldn't find anything on mrdel.exe, which is usually a bad sign.
I suggest you post a HijackThis log for examination, just to be sure you're infection free.
Read How to post a HijackThis Log.
Please read, and follow, all directions carefully.
Then, run a log, and post it in the HijackThis forum, at this link. Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.
NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
nosign.exe
UNSAFE Application/Process Description
I couldn't find anything on mrdel.exe, which is usually a bad sign.
I suggest you post a HijackThis log for examination, just to be sure you're infection free.
Read How to post a HijackThis Log.
Please read, and follow, all directions carefully.
Then, run a log, and post it in the HijackThis forum, at this link. Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.
NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, GPU: eVGA GeForce 9800 GTX+, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA
Become a BleepingComputer fan: Facebook
Become a BleepingComputer fan: Facebook
#3
- New Member
-
- Group: Members
- Posts: 4
- Joined: 11-January 06
Posted 12 January 2006 - 01:33 AM
Thanks, I've posted it. I think I'm ok, but it never hurts to let the experts look it over.
#4
- Lord Spam Magnet
-
- Group: Site Admin
- Posts: 18,574
- Joined: 06-May 04
- Gender:Male
- Location:SW Louisiana
Posted 12 January 2006 - 07:45 AM
You're welcome, arioch.
Exactly.
Better safe, than sorry.
Quote
.... it never hurts to let the experts look it over.
Better safe, than sorry.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, GPU: eVGA GeForce 9800 GTX+, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA
Become a BleepingComputer fan: Facebook
Become a BleepingComputer fan: Facebook
#5
- Bleep Bleep!
-
- Group: Admin
- Posts: 36,603
- Joined: 24-January 04
- Gender:Male
- Location:USA
Posted 12 January 2006 - 05:00 PM
Actually can you submit the nosign.exe file to http://www.bleepingcomputer.com/submit-malware.php
Lawrence Abrams
Circle BleepingComputer on Google+!
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
How to detect vulnerable programs using Secunia Personal Software Inspector <- Everyone should do this!
Circle BleepingComputer on Google+!
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
How to detect vulnerable programs using Secunia Personal Software Inspector <- Everyone should do this!
#6
- New Member
-
- Group: Members
- Posts: 1
- Joined: 08-March 06
Posted 08 March 2006 - 05:44 PM
argus makes digital cameras... i found this trying to figure out the same thing... i knew what it was [not a clue what it does though ] as soon as i saw argus... they do make quality cameras but i bought one of their ultra cheap [less than 20usd] sport cameras at walmart... i guess its from their driver cd... if you have something made by argus this would be the common link between us.
] as soon as i saw argus... they do make quality cameras but i bought one of their ultra cheap [less than 20usd] sport cameras at walmart... i guess its from their driver cd... if you have something made by argus this would be the common link between us.
Share this topic:
Page 1 of 1