Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mysterious new temp folder with ms security related files and unusual network connections


  • Please log in to reply
1 reply to this topic

#1 drinkytheclown

drinkytheclown

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 25 April 2011 - 09:57 PM

I have virtually no resources available on my vista 32 laptop, constant disk activity, and some unusual files lying around...

c:\Windows\Temp4CE82EFE-1C12-C139-3893-58A133C78EC9-Signatures
mpasbase.vdm 11,894
mpasdlta.vdm 783k
mpavbase.vdm 43,666 k
mpavdlta.vdm 2,257 k
mpengine.dll 5,753 k

mse is the only virus software i have running and could not find info on this folder anywhere so i'm a bit concerned it may be comprimised after finding everything closed and port activity to 204.160.118.254 on several different ports, including 80, in and out on a pid for one of the windows network services. the ip looks like a porn site and is mentioned in a few virus definitions for backdoor activity but i don't have any of the other files or problems associated with what i found.

i don't know where to go from here. full mse scan is clean. i'm having resource trouble with almost everything i try to run.

BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,395 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:56 PM

Posted 26 April 2011 - 08:12 AM

http://www.bleepingcomputer.com/filedb/mpengine.dll-41696.html

http://www.bleepingcomputer.com/filedb/mpasbase.vdm-41694.html

As for your statement concerning resources...you may have a damaged install of MSE or some other program.

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users