Video Screencast Help

A strange plug-in

Created: 29 Jan 2013 | 2 comments

 

Hey, I’m a AV fan. I found a plug-in’s activity looks weird but not reported by you. So kind of wondering if you could help to find out what’s that. The name is npbaidusafeinput.dll (kind of unreadable) and I attached it in this mail. Looks like it will upload all my process and screen shot to some unknown server. None of AV reported this but I do think this plug-in is uploading my privacy to somewhere and kind of scared.

 

Hope you will help to find out what’s really going on there and share the results. Cheers.  

I attached the plug-in and upzip password is 'infected'

Comments 2 CommentsJump to latest comment

_Brian's picture

Submit to security response for analysis and if it is malicious they will write new signatures

https://submit.symantec.com/websubmit/gold.cgi

You can also submit to virus total for a quick check of what it may be

https://www.virustotal.com/

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

Alex2013's picture

hmm, looks like from virustotal's feedback, it's clear. but still the activity of this dll is wired