BleepingComputer.com: Nosign.exe

Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Nosign.exe What the heck is that thang?

#1 User is offline   arioch 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 4
  • Joined: 11-January 06

Posted 11 January 2006 - 09:11 PM

Filename: nosign.exe Argus
Registry value name: nosign
Command line: c:\WINDOWS\\nosign.exe /STARTUP
location: C:\WINDOWS\nosign
Description: No version, nothing descriptive from Autoruns or HT, nothing on Google (except several hits on this as an "unknown process")
Status: ? (you tell me!)

The HT log entry is:

O4 - HKLM\..\Run: [nosign] C:\WINDOWS\\nosign.exe Argus

If anyone could tell me what this is, I'd appreciate it. If it matters, I've found a second executable in my C:\WINDOWS path called mrdel.exe, that was created within minutes of the "nosign" file (in April of 2005). I cannot for the life of me figure what "nosign" does. I'm not overly worried about malware (my wife may have installed something I don't know about), but should I delete these, or at least disable the autorun on "nosign?"

I've posted on a few other forums, but no help yet. If anyone could advise, I'd be appreciative.

#2 User is offline   tg1911 

  • Lord Spam Magnet
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Site Admin
  • Posts: 18,434
  • Joined: 06-May 04
  • Gender:Male
  • Location:SW Louisiana

Posted 12 January 2006 - 12:21 AM

This is all I could find on nosign.exe.
nosign.exe
UNSAFE Application/Process Description

I couldn't find anything on mrdel.exe, which is usually a bad sign.
I suggest you post a HijackThis log for examination, just to be sure you're infection free.

Read How to post a HijackThis Log.
Please read, and follow, all directions carefully.

Then, run a log, and post it in the HijackThis forum, at this link. Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.

NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, GPU: eVGA GeForce 9800 GTX+, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 User is offline   arioch 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 4
  • Joined: 11-January 06

Posted 12 January 2006 - 01:33 AM

Thanks, I've posted it. I think I'm ok, but it never hurts to let the experts look it over.

#4 User is offline   tg1911 

  • Lord Spam Magnet
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Site Admin
  • Posts: 18,434
  • Joined: 06-May 04
  • Gender:Male
  • Location:SW Louisiana

Posted 12 January 2006 - 07:45 AM

You're welcome, arioch.

Quote

.... it never hurts to let the experts look it over.
Exactly.
Better safe, than sorry. :thumbsup:
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, GPU: eVGA GeForce 9800 GTX+, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#5 User is offline   Grinler 

  • Bleep Bleep!
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Admin
  • Posts: 36,175
  • Joined: 24-January 04
  • Gender:Male
  • Location:USA

Posted 12 January 2006 - 05:00 PM

Actually can you submit the nosign.exe file to http://www.bleepingcomputer.com/submit-malware.php
Lawrence Abrams
Circle BleepingComputer on Google+!
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
How to detect vulnerable programs using Secunia Personal Software Inspector <- Everyone should do this!

#6 User is offline   albundy 

  • New Member
  • Pip
  • Find Topics
  • Group: Members
  • Posts: 1
  • Joined: 08-March 06

Posted 08 March 2006 - 05:44 PM

argus makes digital cameras... i found this trying to figure out the same thing... i knew what it was [not a clue what it does though :thumbsup:] as soon as i saw argus... they do make quality cameras but i bought one of their ultra cheap [less than 20usd] sport cameras at walmart... i guess its from their driver cd... if you have something made by argus this would be the common link between us.

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users