Re: xmltok.dll - malware?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

| When I run McAfee AV, it shows xmltok as malware in my Eudora folder.
| However, Eudora runs fine.  Also, I checked another PC with Eudora and
| it also has xmltok.dll in the folder - but McAfee doesn't identify it
| as malware.  The two xmltok's are also the exact same size.  Could
| someone clarify this for me?  Thank you.........


Please submit a sample of the DLL to Virus Total --
http://www.virustotal.com/flash/index_en.html
The submission will then be tested against many different AV vendor's scanners.
That will give you an idea what it is and who recognizes it.  In addition,
unless told
otherwise, Virus Total will provide the sample to all participating vendors.

You can also submit a suspect, one at a time, via the following email URL...
mailto:scan@virustotal.com?subject=SCAN

When you get the report, please post back the exact results.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: xmltok.dll - malware?


Quoted text here. Click to load it

Here is some info I found simply by Googling the file name. It appears that
the opinions are mixed as to whether or not it is part of an adware program.
Perhaps it is a dll file used by more than one program, with at least one of
them being the "Shop-At-Home" adware.
http://www.processlibrary.com/directory/files/xmltok /
http://www.auditmypc.com/process/xmltok.asp
http://www.liutilities.com/products/wintaskspro/dlllibrary/xmltok /
http://www.testmyfirewall.com/xmltokdll.asp

pc doc



Re: xmltok.dll - malware?

Quoted text here. Click to load it
Thank you...

Re: xmltok.dll - malware?


Quoted text here. Click to load it
| Thank you...

Please realize that any file can be named anything.  It is often the case where
malware will
use the name of legitmate files names to obfuscate their malicious intent.

That is why I asked to send it to Virus Total for analysis by multiple AV
scanners.  This
why we are not merely going by a name but by actual analysis of the sample.

This could have easily been the file;  SVCHOST.EXE  and if you just Google it,
you'll find
many references saying it is legitimate.  However, I can provide *numerous*
examples of
malwarde using that name or slight variations of it.

I mention all this because I did NOT see a Virus Total report as requested.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: xmltok.dll - malware?

David H. Lipman wrote:
Quoted text here. Click to load it

I agree. Especially since there are differing opinions in the Google search.
It would be wise to send in a sample to VirusTotal as David suggested.

pc doc



Re: xmltok.dll - malware?


Quoted text here. Click to load it
I intend to - haven't been feeling well last couple of days.  Also,
when McAfee called out the file, it was on my wife's networked PC.  I
placed a copy of the file on my PC and ran McAfee again on both her
version of xmltok and mine.  This time, neither one was called out.
Very strange........

Re: xmltok.dll - malware?



| I intend to - haven't been feeling well last couple of days.  Also,
| when McAfee called out the file, it was on my wife's networked PC.  I
| placed a copy of the file on my PC and ran McAfee again on both her
| version of xmltok and mine.  This time, neither one was called out.
| Very strange........

I understand you are ill and you have my symapthies and my wishes for better
health.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: xmltok.dll - malware?


Quoted text here. Click to load it


Thanks, Dave - will do.

Site Timeline