A DLL file is simply a reference class which an exe file uses when it is executing. These DLL files are created using C++ programing and packaged into these files. Then the developer can use another language that's more suited for programming the interface such as C#. In this way, the program has the speed of C++ yet the special interface that C# uses. Whatever exe file executed that accessed this DLL file was most likely the command prompt (open batch process hidden from view). An exe file can be completely harmless, yet I can replace the genuine DLL file that the exe file uses with one that has malicious functions in it. This is why you are getting the DLL file as the infected file.
-You were unable to delete the dll file because the exe file that was using this dll was still in execution.
-The program was able to rewrite the changed values because the exe file calling this DLL reference executes on reboot (the same exe file wrote to the boot up registry folders so that it executes when Windows starts).
[Edited by moderator Neo7, 4/6/2010 10:10:35 PM]
CHU never had such pop up since i wasn't a member, become a member and unlimited member.
Some ISPs like Pars-Online usually put on some stuff like that. Try to block them. Use Fire-Fox.
Yeah, i guess it is that. Well i wasn't sure about the worm, that's why i made this topic.