Page 1 of 1
Firewall Q
Posted: Fri Nov 28, 2003 8:51 pm
by d_b
What is sysdiag32? My firewall, Kerio, gives me an alert on this. Do I want to create a rule for it or against it?
Thanks...
Dan
Posted: Fri Nov 28, 2003 9:32 pm
by FlyingPenguin
Can't find any references on Google and it's not a Windows system file.
I'd do a file search for it then right click on it, select properties, and read the version info. If it's a legit file it should say what the publisher is and some description of what it does.
If there's no info, or the info is gibberish then I'd be very suspicious.
If in doubt you should make a rule to deny it access. If you find out later that it's a valid program you can always delete the rule.
Posted: Fri Nov 28, 2003 10:57 pm
by d_b
Thanks FP! Here's a screen shot of what I'm talking about. I denied access for it. Scanned for the file but it wasn't found anywhere, strange. I wonder if it has something to do with XP or another program phoning home for error reports.
Posted: Fri Nov 28, 2003 11:22 pm
by FlyingPenguin
When you did a file search, did you did you checkmark "Search Hidden files and folders" under advanced options?
Posted: Sat Nov 29, 2003 7:44 am
by d_b
Thanks FP, I didn't have that option checked. Here's what I got:
Location: C:\windows\system32
Size: 21.1KB
Size on Disk: 24KB
It doens't give much info on it such as publisher or a description.
I ran Ad-Aware and it didn't find anyything. I'll download spybot and check it out.
Thanks
Posted: Sat Nov 29, 2003 6:44 pm
by Executioner
I have this exact file and I'm running win98. It's in the tempory internet files. It does not have any file extension either. It's 16k in size. I decided to open it with Notepad, and it's some kind of java script that mentions MetaCralwer which is a serch engine that I use.