Suspicious file found!

Avast Free Antivirus / Premium Security
1

[b]Please, I need somebody’s help!
I am a beginner using pc. and I dont Know how to resolve this situation. dont even Know the steps to submit a file.
suspicious file found!
A suspicious file has been detected (using a heuristic method). This may be a sign of malware infection. Please allow the file to be submitted to our virus lab for analysis.

File name: C:\WINDOWS\system32\drivers\SISNPF.sys
Type: Hidden services
recommended action: ignore
Submit the file to alwil software virus lab for further analysis
I’ll apprciate any kind of advise!
I’m sorry for the poor rdaction; english is not my native language.[b]

2

I trust that you allowed the file to be sent to avast for further analysis and chose Ignore as the action ?

A google search for SISNPF.sys returns many hits, I didn’t see anything that obviously says this is a malicious file, so just suspicious at this point, so the further analysis is essential.

Does the general information in this link match your file, http://www.file.net/process/sisnpf.sys.html ?

3

every time i start my pc it come with this error when i delete it then it ask for a restart and even if i restart this next time its again the same problem i have checked also my system 32 file but there is no such file in there also.
can some one help me with this suspicious file found
a suspicius file has been detected ( using a heuristic method) this may be a sigh of malware infection. please allow the file to be submitted to our virus lab for analysis
C:\WINDOWS\SYSTEM32\nmdfgds0.dll
Rootkit: hidden process

4

Well based on the file name alone I would say this was suspect, so the same question for you.

I trust that you allowed the file to be sent to avast for further analysis and chose Ignore as the action ?

In this case there are many hits on this file name and many showing infected.
See http://www.prevx.com/filenames/X1342468636794208142-X1/NMDFGDS0.DLL.html.

Suspect: Upload the file/s to VirusTotal, Send a sample to avast if multiple detections at VT.

Check the suspect file/s at: VirusTotal - Multi engine on-line virus scanner and report the findings here in the topic, the URL in the Address bar of the VT results page.

Send the sample to virus@avast.com zipped and password protected with the password in email body, a reference to this topic (give URL) and undetected malware in the subject.

Or you can also add the file to the User Files (File, Add) section of the avast chest (if it isn’t already there) where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.

Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.

Having done that I would suggest changing the file name to SUS-nmdfgds0.dll, that should hopefully stop whatever it is that runs it as effectively that registry entry or process wouldn't find the nmdfgds0.dll file.

****
Program & Tutorial - Also useful as a diagnostic tool - [url=http://filehippo.com/download_hijackthis/][b]FileHippo Download - HiJackThis[/b][/url] and post the contents of the HJT log file here. - HJT Information [url=http://www.bleepingcomputer.com/forums/tutorial42.html][b]HiJackThis Tutorial[/b][/url].

Download and run HJT and post the contents of the log file (cut and paste or attach the log file) into this topic, you may need to split it over two or more posts depending on how large it is.