Solved

Trying to find a malware dll

Posted on 2011-02-11
Last Modified: 2013-11-22
Using Procmon, how do I find the setup_0a.dll?

A simple newbie question: can a .txt file be infected with malware?
Question by:rebelscum0000
3 Comments
 
LVL 4

Assisted Solution

by:HawyLem
HawyLem earned 150 total points
ID: 34875653
Everything can be infected with malware, particularly with a shell exploit (malicious artifact code that would exploit the editor/reader of the file). But in the specific case of a txt file, this would be very rare, due to the low complexity of the Notepad application too.

Using Procmon, you can double-click and show properties for an executable image and list its DLL modules.
0
 
LVL 23

Assisted Solution

by:edbedb
edbedb earned 150 total points
ID: 34875717
Try finding it in regedit or with Process Explorer.
http://technet.microsoft.com/en-us/sysinternals/bb896653
0
 
LVL 29

Accepted Solution

by:
Sudeep Sharma earned 200 total points
ID: 34876190
Using ProcMon (Process Monitor), press Ctrl+H or click on Filter --> Highlight. It would open a new window.

In this window, in the first drop-down select "Process Name", in the second drop-down "is", in the third "setup_0a.dll" and in the fourth "include". Click on Add and then click on OK; now whenever "setup_0a.dll" is used or invoked you would see it in ProcMon in a different color or highlighted.

Sudeep
0
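
An added example, not part of the original thread or any poster's code: a DLL appears in Procmon's Path column on events raised by the process that touches or loads it, so this script searches a capture exported to CSV for setup_0a.dll by file name and reports which processes loaded it. The sample rows, the function names and the default-column CSV layout are assumptions.

```python
import csv
import io
import ntpath
from collections import defaultdict

# Constructed sample in the layout of a Procmon CSV export (File > Save..., CSV,
# default columns). Process names, PIDs and paths are made up for illustration.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1 AM","explorer.exe","1480","CreateFile","C:\Users\demo\AppData\Local\Temp\setup_0a.dll","SUCCESS",""
"10:01:02.4 AM","rundll32.exe","2212","Load Image","C:\Users\demo\AppData\Local\Temp\setup_0a.dll","SUCCESS",""
"10:01:03.0 AM","svchost.exe","900","Load Image","C:\Windows\System32\SETUP_0A.DLL","SUCCESS",""
"10:01:03.2 AM","notepad.exe","3000","Load Image","C:\Windows\System32\kernel32.dll","SUCCESS",""
"10:01:03.5 AM","notepad.exe","3000","CreateFile","C:\Temp\not_setup_0a.dll","NAME NOT FOUND",""
'''


def find_dll_events(csv_text, dll_name):
    """Group events whose Path file name equals dll_name (case-insensitive).

    Returns {(process name, pid): [(operation, full path), ...]}.
    """
    hits = defaultdict(list)
    # Exports may start with a UTF-8 byte-order mark; drop it before parsing.
    reader = csv.DictReader(io.StringIO(csv_text.lstrip("\ufeff")))
    wanted = dll_name.lower()
    for row in reader:
        path = row.get("Path") or ""
        # ntpath splits on backslashes regardless of the OS running this script,
        # and comparing the base name avoids matching "not_setup_0a.dll".
        if ntpath.basename(path).lower() == wanted:
            key = (row["Process Name"], int(row["PID"]))
            hits[key].append((row["Operation"], path))
    return dict(hits)


def loaders(hits):
    """Processes that mapped the DLL (Load Image), not merely opened the file."""
    return sorted(proc for proc, events in hits.items()
                  if any(op == "Load Image" for op, _ in events))


if __name__ == "__main__":
    found = find_dll_events(SAMPLE_CSV, "setup_0a.dll")
    for (name, pid), events in found.items():
        for op, path in events:
            print(f"{name} (PID {pid}): {op} {path}")
    print("Loaded by:", loaders(found))
```

The full path printed for each hit is where the file sits on disk, and the processes returned by `loaders` are the ones to inspect further in Process Explorer.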
