Hi JTKWales1981,
This file can perform following behavior.
- Usualy created by unsafe process.
- Registered as a Dynamic Link Library File.
- Usualy have random filename and refers to many versions of a dynamic link library.
- Can be injected/attached to the legitimate Windows process such as explorer.exe or other.
1. COVERT ANALYSIS OF: MSASNO.DLL
* File Names Used: 2
* Paths Used: 1
* Common File Name: MSASNO.DLL
* Common Path: %WINDIR%\SYSTEM32\
* Vendor Information: No Vendor details specified
* File Name Structure: Normal
* File and Path Structure: Normal
2. RELATIONSHIP ANALYSIS OF: MSASNO.DLL
* No relationship details available for this object
3. ACTIVITY ANALYSIS OF: MSASNO.DLL
* No activity has yet been observed for this object
4. PROPAGATION ANALYSIS OF: MSASNO.DLL
* Object Propagation Rate: Very Low (minimal spread)
* Copyright Prevx Limited 2005, 2006
You can delete this file in SafeMode, follow instructions here:
http://www.pchell.com/support/undeletablefiles.shtmlAlso consider this info here:
http://www.trojaner-board.de/51325-win32-agent-ubx-trj.htmlpolonus