Windows 7 Concern About Potential Virus in System32 Folder on x86 OS

kevin from Chi-town

New Member
Joined
Jan 11, 2009
Messages
714
I came across this in my system 32 folder. I'm aware that there is a program looking throoughout your lan that uses visual basic. I also came across a site that says this is a virus. Is the anyone else that has this on their x86 OS ?
 
Solution
You will also see this in Windows 8. It is scheduled by Task Scheduler by default in both OS's to do some network inventory. Can be found in Task Scheduler, Windows, NetTrace.

Location is:
%windir%\System32\gatherNetworkInfo.vbs

If your wondering if its infected (as it is possible for a vbs file to be maliciously altered), you can check the MD5 sum of these files,
Windows 8's gatherNetworkInfo.vbs should have a sum of bc9cccbe9800c732940c7f8ed335b7d9
Windows 7's should have a sum of 2ae808cb0d9a667b0cf41ea74b3b9bac

If these files have been altered I suggest running a malware and virus scan, as well as "sfc /scannow" to replace corrupted files.
You will also see this in Windows 8. It is scheduled by Task Scheduler by default in both OS's to do some network inventory. Can be found in Task Scheduler, Windows, NetTrace.

Location is:
%windir%\System32\gatherNetworkInfo.vbs

If your wondering if its infected (as it is possible for a vbs file to be maliciously altered), you can check the MD5 sum of these files,
Windows 8's gatherNetworkInfo.vbs should have a sum of bc9cccbe9800c732940c7f8ed335b7d9
Windows 7's should have a sum of 2ae808cb0d9a667b0cf41ea74b3b9bac

If these files have been altered I suggest running a malware and virus scan, as well as "sfc /scannow" to replace corrupted files.
 
Solution
Well, it gives the point of view that it might be important to check what files or folders belong to Windows, and what don't. Like if you get an extra engine in your car... heh.