Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adnsw831.exe


  • Please log in to reply
6 replies to this topic

#1 29

29

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:23 PM

Posted 02 January 2006 - 11:42 AM

Every time I look at my process tree, I see a program called "adsnw831.exe" running. I tried to search google on "adsnw831.exe", but didn't get any results. So I searched for "adsnw" and found out that adsnw.dll is a standard windows dll.

But now I still don't know what adsnw831.exe is doing. I tried to search the forum, but didn't find anything useful. Autoruns told me a program called 279dbfcf4ed7.exe runs on logon, and the image path of that program is adsnw831.exe. Because of that, I post this in the WIndows Startup Programs Database. I really don't have a clue what an image path is - I'm kinda n00bish - so I hope I chose the right forums.

Can anyone tell me what adssnw831.exe is doing and if it's a genuine process/startup program?

Thanks in advance!

Tomas


Oh before I forget, I run Windows XP Professional.

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,614 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:23 AM

Posted 02 January 2006 - 11:48 AM

This is probably bad. Can you submit the file to http://www.bleepingcomputer.com/submit-malware.php

#3 29

29
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:23 PM

Posted 02 January 2006 - 11:55 AM

Ok, done.

Thanks!

BTW, the process has been running for as long as i can remember - might even be a year or so. So if it's something bad, shouldn't it been identified as a threat already? Or isn't that necessarily so?

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,614 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:23 AM

Posted 02 January 2006 - 08:00 PM

This is definitely malware related. It is being seen as Adware.Toolbar-15

#5 29

29
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:23 PM

Posted 03 January 2006 - 04:01 AM

Ok, good to know that. What should I do now? I've used several antispyware programs, but none of them were able to detect it as malware. Can I just remove adnsw831.exe from my computer and be safe, or should I do more than that?

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,614 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:23 AM

Posted 03 January 2006 - 10:20 AM

If you want, you can post a hijackthis log in the hijackthis forum and I will take a look at it for you if you reply back here with your link.

Otherwise you can just delete the file.

#7 29

29
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:23 PM

Posted 03 January 2006 - 10:36 AM

I'll delete the file from my system. I don't think there's any need for you to go to more trouble, as this this doesn't seem to be a widespread or unknown problem. Thanks very much for your help!

Kind regards,

Tomas




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users