Video Screencast Help

A strange plug-in

Created: 29 Jan 2013 • Updated: 05 Jun 2014 | 2 comments

Hey, I’m a AV fan. I found a plug-in’s activity looks weird but not reported by you. So kind of wondering if you could help to find out what’s that. The name is npbaidusafeinput.dll (kind of unreadable) and I attached it in this mail. Looks like it will upload all my process and screen shot to some unknown server. None of AV reported this but I do think this plug-in is uploading my privacy to somewhere and kind of scared.

Hope you will help to find out what’s really going on there and share the results. Cheers.  

I attached the plug-in and upzip password is 'infected'

Comments 2 CommentsJump to latest comment

ᗺrian's picture

Submit to security response for analysis and if it is malicious they will write new signatures

You can also submit to virus total for a quick check of what it may be

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Alex2013's picture

hmm, looks like from virustotal's feedback, it's clear. but still the activity of this dll is wired