Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Question on two .exe files

  1. #1

    Question on two .exe files


    Recently, two program have been trying to do something on my computer. One is called


    and the other


    My firewall stopped them and put a major severity flag on them. So, I back traced them and they have both came from the same place, an ISP called National Net down in Georgia. I have Googled to try and find info on both of the programs, but nothing has come up. I have sent an e-mail to the admin asking to know what the programs are because I am curious. As of yet, the admin has failed to return a message, and I suspect he/she never willl. So, any info on these two programs would be greatly appreciated.

    Thanks in advance.

    And please note, I am not one bit worried about these programs. They aren't viruses unless my Norton Antivirus Corporate Edition can't find them, and my firewall stopped whatever they were trying to do. I am just curious as to what they are.
    Don\'t mistake lack of talent for genius.

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Redondo Beach, CA
    Have you done a check for spyware/adware? Perhaps firing up HiJackThis!, CWShredder and Adware/Spybot to see if there is anything else with those files?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Ok. I just ran Adaware and Spybot 1.3. They are both fully updated, and neither of them found the programs. Also note that my Norton Antivirus scanner is updated as well.

    I have gotten advice from another online friend to move the files to a folder called backup, and to make a restore point before I do that. What do you guys think?
    Don\'t mistake lack of talent for genius.

  4. #4
    Regal Making Handler
    Join Date
    Jun 2002
    I would suggest that you submit them to Symantec.

    To do this open the quarantine click file>add item.Then navigate to the files. This will put them in quarantine where they can not do any damage. From Quarantine they can the be submitted to Symantec for evaluation. You will get a reply from Symantec within 48 hrs.

    By doing this you can later restore the files if the are found to be benign.


    I just re read your post, just because Norton did not find them as a threat does not mean that they are not a threat. Norton is an Anti Virus program, it is not so good at detecting trojans.

    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  5. #5
    Senior Member
    Join Date
    Mar 2004
    What directories are they run out of?
    Do they fireup on boot?
    Any associated system try icons?

    If you can stop them from running on boot, what breaks or changes? Anything?

  6. #6
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Just rename them in place to .old or whatever and restart the box. If you can't find them through Google then they aren't "standard" files and therefore should not mess your box up. If they do restarting in safe mode would allow you to put them back if it fails to boot and if your printer stops working or whatever you can rename each one back to exe and see which one, (or both), makes the failed device work.

    If nothing bad happens in a week or so go and delete them and any pointers to them in the registry, (backing it up before you do it of course).
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  7. #7
    Antionline Herpetologist
    Join Date
    Aug 2001
    A strings output or posting those files here would be nice. Someone may be able to analyze them and find out what they do.

    Buy the Snakes of India book, support research and education (sorry the website has been discontinued)
    My blog:

  8. #8
    Sorry for not telling the specifics.

    They run out of my System32 folder and start on boot. And thanks for the submitting to Symantec advice, I am going to do that right now.
    Don\'t mistake lack of talent for genius.

  9. #9
    Regal Making Handler
    Join Date
    Jun 2002
    Let us no the result from symantec. I'm sure we would all be interested.
    They may be legit process for software that you have installed, on the other hand they may not be.
    What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

  10. #10
    Guys, I am sorry but you may not believe this and I hardly can't either. I can't find them in the System32 folder now. The mcompodd.exe file has moved to WINDOWS\Prefetch. The wierd thing, it has some type of string of characters after the .exe ending now. It looks like "" So I am guessing it isn't even a .exe file? I don't know, all thoughts I once had are just jumbled up and confused now...I am gonna search for the other file now....Gahhh....
    Don\'t mistake lack of talent for genius.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts