2 Replies Latest reply on Jan 21, 2009 3:09 PM by mwade

    Malicious Data in \winnt\temp\..\Naiupd.000\....

      Hello,

      I ran another virus scanner on a hard drive and found detections in a file called: Winnt\temp\...\Naiupd.000\randon number (i think). The file is 50MB. When I look at this external drive through other tools I can see that the file belongs to Network Associates..., and I see that the version is version 8x, so a little while ago. (I use version 13, that is why I posted here).

      Anyway what I need to find out is what is in the contents of this file. When I pull out the strings I see ALL kinds of malicious data on the system (tftp this, DCC send that, worm this and virus that, basically a dialogue of everything and anything bad on a computer system imaginable. What I am trying to figure out is, is all of this data that has been previously quarantined by McAfee in the past? Is this a DAT file? Why am I see command strings that resemble bad stuff. I also see these same strings in heap dump files from Outlook/IE. I noticed that McAfee application crashed around the same time as the IE heapdumps.

      Thanks