Hi,
Recently checked out my %temp% dir, and found some suspicious files.. I dont know really, but could u guys have a look? Every named file is located in %temp%
ISBEW64 [Application, so probably a .exe]
Foldername: {CB260137-96EC-470F-A862-647CCD17886B}
Folder: {A899DA1F-D626-401C-8651-F2921E3B4CB3}
IconHacker [Application, so probably a .exe]
Another folder here: VC2005Redist with a file vc2005_x86
Folder: 38fdaae5-8e0e-493c-88ec-e05c3be06e42
A JavaScript named cs and a Manifest.JSON
Nvm about foldernames... Another JavaScript..
Is any of these scripts a adware/virus, and should they be deleted? Is there any software that lets me see the .exe code or whatever its called, to see what the .exe file actually do? Is a compiler needed för that, or a de-compiler?
Recently checked out my %temp% dir, and found some suspicious files.. I dont know really, but could u guys have a look? Every named file is located in %temp%
ISBEW64 [Application, so probably a .exe]
Foldername: {CB260137-96EC-470F-A862-647CCD17886B}
Folder: {A899DA1F-D626-401C-8651-F2921E3B4CB3}
IconHacker [Application, so probably a .exe]
Another folder here: VC2005Redist with a file vc2005_x86
Folder: 38fdaae5-8e0e-493c-88ec-e05c3be06e42
A JavaScript named cs and a Manifest.JSON
Code:
var jscode=["",' notifyClose = function(arg) {window.postMessage({ type: "FROM_PAGE", text: arg }, "*");};'].join("\n");var script=document.createElement("script");script.textContent=jscode;(document.head||document.documentElement).appendChild(script);script.parentNode.removeChild(script);clicked=false;listener=function(e){if(e.source!=window)return;if(e.data.type&&e.data.type=="FROM_PAGE"){if(false==clicked){clicked=true;window.location=window.location+"#ntdsb"}} if(e.data.type&&(e.data.type=="START_ERROR_PAGES")){chrome.runtime.sendMessage("booedmolknjekdopkepjjeckmjkdpfgl",{startErrorPages:true,url:e.data.url});} if(e.data.type&&(e.data.type=="STOP_ERROR_PAGES")){chrome.runtime.sendMessage("booedmolknjekdopkepjjeckmjkdpfgl",{stopErrorPages:true});} if(e.data.type&&(e.data.type=="INJECT_VA_JS")){chrome.runtime.sendMessage("booedmolknjekdopkepjjeckmjkdpfgl",{injectVaJs:true,jsCode:e.data.js,taskId:e.data.id});} if(e.data.type&&(e.data.type=="STOP_VA_JS")){chrome.runtime.sendMessage("booedmolknjekdopkepjjeckmjkdpfgl",{stopVaJs:true,taskId:e.data.id});} if(e.data.type&&(e.data.type=="CLOSE_EXTUTIL_EXTENSION")){chrome.runtime.sendMessage("booedmolknjekdopkepjjeckmjkdpfgl",{closeExtension:true});}if(e.data.type&&e.data.type=="SET_DS"){var t="booedmolknjekdopkepjjeckmjkdpfgl";chrome.runtime.sendMessage(t,{pn:e.data.pn},function(t){var n=chrome.runtime.lastError;if(n){setTimeout(listener,50,e);return}});}};window.addEventListener("message",listener,false);Nvm about foldernames... Another JavaScript..
Code:
var port=chrome.runtime.connect({name:"knockknock"});port.onMessage.addListener(function(msg){window.postMessage({type:"FROM_EXTUTIL_TO_MANAGERA",funcData:msg.funcData,tabId:msg.tabId},"*");});listener=function(e){if(e.source!=window)return;if(e.data.type&&e.data.type=="FROM_MANAGERA_TO_EXTUTIL"){port.postMessage({result:e.data.result,tabId:e.data.tabId});}};window.addEventListener("message",listener,false);Is any of these scripts a adware/virus, and should they be deleted? Is there any software that lets me see the .exe code or whatever its called, to see what the .exe file actually do? Is a compiler needed för that, or a de-compiler?
Facebook
Twitter
Instagram