Notifications

Clear all

dll file in c:\programfiles

General (Technical, Procedural, Software, Hardware etc.)

Last Post by Igor_Michailov 7 years ago

4 Posts

4 Users

0 Reactions

802 Views

RSS

afsfr

(@afsfr)

Eminent Member

Joined: 7 years ago

Posts: 37

Topic starter 12/12/2018 2:11 am

we find two dll files in c\program files, should we ignore it, or if we want to investigate, what's the next step? thanks

Quote

keydet89

(@keydet89)

Famed Member

Joined: 21 years ago

Posts: 3568

12/12/2018 11:53 am

What is the version of Windows you're looking at? Is it 32- or 64-bit?

What are the names and hashes of the DLL files? Have you looked the hashes up, or done any analysis of the DLL files, even just running 'strings' against them?

Do you know when the DLL files were created on the system? Did you create a timeline of system activity, and determine what happened 'near' the time the DLL files were created? "C\programfiles" doesn't seem to be a legit folder on Windows systems; what happened on the system around the time that the folder was created?

ReplyQuote

Bunnysniper

(@bunnysniper)

Reputable Member

Joined: 13 years ago

Posts: 259

12/12/2018 12:04 pm

Do you know when the DLL files were created on the system? Did you create a timeline of system activity, and determine what

….and are they somewhere in the RAM? Do they have similar names as DLL in \system32\ have perhaps?

ReplyQuote

Igor_Michailov

(@igor_michailov)

Honorable Member

Joined: 20 years ago

Posts: 529

12/12/2018 1:10 pm

see PM please

ReplyQuote

8 Forums
15.7 K Topics
92.3 K Posts
225 Online
41.1 K Members

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed