A strange plug-in
Created: 29 Jan 2013 | 2 comments
Hey, I’m a AV fan. I found a plug-in’s activity looks weird but not reported by you. So kind of wondering if you could help to find out what’s that. The name is npbaidusafeinput.dll (kind of unreadable) and I attached it in this mail. Looks like it will upload all my process and screen shot to some unknown server. None of AV reported this but I do think this plug-in is uploading my privacy to somewhere and kind of scared.
Hope you will help to find out what’s really going on there and share the results. Cheers.
I attached the plug-in and upzip password is 'infected'
Discussion Filed Under:
Comments 2 Comments • Jump to latest comment
Submit to security response for analysis and if it is malicious they will write new signatures
https://submit.symantec.com/websubmit/gold.cgi
You can also submit to virus total for a quick check of what it may be
https://www.virustotal.com/
SEP Knowledge Base
Endpoint SWAT
hmm, looks like from virustotal's feedback, it's clear. but still the activity of this dll is wired
Would you like to reply?
Login or Register to post your comment.