Help on possible infection with "GDIPLUS.DLL"

jana
jana used Ask the Experts™
on
I've run my malware utilitie ("Malwarebytes") and the result came back with a file named  "GDIPLUS.DLL" that was read as infected (see attatched).

gdiplus.dll seems to be part of utilities I downloaded sometime back:

              Angry IP.exe
              NetShareMonitor.exe

Both these apps were recommended by EE in one of our questions.

My question is:

              1.  How can I know that  "GDIPLUS.DLL" is freally bad?
              2.  Malwarebytes indicated the gdiplus.dll  in C:\Windows\System32 is
                   also bad, should I click "remove" on the software to clean it?
              3.  Is it safe to click "Remove" on Malwarebytes and not have my Windows
                   affected performance wise?

FYI:  I have Windows 7 Pro

I know gdiplus.dll contains libraries for the GDI graphics interface, so this being confusing, how can make sure that my PC is rid of the "PUP.Malware.Tool", "Malware.Packer.Gen", "PUP.Malware.Tool" and "Trojan.DNSChanger".




Files Infected:
C:\Program Files\IP Scanners\Angry IP.exe (PUP.Malware.Tool) -> No action taken.
C:\Program Files\MDIConvertor\gdiplus.dll (Malware.Packer.Gen) -> No action taken.
C:\Windows\System32\GDIPLUS.DLL (Malware.Packer.Gen) -> No action taken.
C:\Users\Username\Documents\\Downloads\Angry IP.exe (PUP.Malware.Tool) -> No action taken.
C:\Program Files\Network Monitor\NetShareMonitor.exe (Trojan.DNSChanger) -> No action taken.

Open in new window

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
If you are not experiencing any problems it maybe safe to ignore. You can be sure by submitting the file to different websites for them to check it:

http://www.kaspersky.com/scanforvirus
http://www.threatexpert.com/filescan.aspx
http://www.virustotal.com/
In your arsenal you should have a few more programs.  Malwarebytes is strong but each program has a strength the other doesnt.  Check these out and see if they come up with it.  

A-squared Emergency USB: http://www.emsisoft.com/en/software/stick/
Spybot: www.safer-networking.org/

Author

Commented:
gbarrientos:

     I have not been experiencing any problems as to my knowledge.  Is there is a way to really find
     out if this file are infectef?

      I have Malwarebytes on the "Remove Selected" screen.  So you suggest to first submit the
       "GDIPLUS.DLL" and wait for thier response?

Knightsman:

    I used Spybot and it didn't detected.  However you suggestion doesn't help on my
    question.  What should I do?

In essence, how can I know that this file is really infected???
Introduction to R

R is considered the predominant language for data scientist and statisticians. Learn how to use R for your own data science projects.

*** Hopeleonie ***IT Manager

Commented:
San you run Hitman Pro?
http://www.surfright.nl/en/downloads/

Activate the 30 day trial and try to clean.
Did you try uploading the file to be scanned by those websites?

Author

Commented:
Yes.

For:

  C:\Program Files\IP Scanners\Angry IP.exe,
            virustotal.com said is "goodware".  
            threatexpert.com didn't work, didn't submit.
            kaspersky.com says "detected a virus", infected by not-a-virus:NetTool.Win32.Portscan.c

For:

  C:\Program Files\MDIConvertor\gdiplus.dll
            virustotal.com says nothing, no message as infected, but does say it isn't
            threatexpert.com didn't work, didn't submit.
            kaspersky.com says "has not detected any viruses"

For:

   C:\Windows\System32\GDIPLUS.DLL
            virustotal.com says nothing, no message as infected, but does say it isn't
            threatexpert.com didn't work, didn't submit.
            kaspersky.com says "has not detected any viruses"

For:

   C:\Program Files\Network Monitor\NetShareMonitor.exe
            virustotal.com says nothing, but places resukt "1" in red
            threatexpert.com didn't work, didn't submit.
            kaspersky.com says  "has not detected any viruses"

Whats the next step?
 
I would say your fine. Kaspersky is pretty reliable. Besides your not experiencing any symptoms.

Author

Commented:
Ok... any other observation prior closing the question?

Author

Commented:
Thanx

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial