I’m running Vista 32 bit, SP2. I started having problems with Chrome not working right, got to poking around, and decided to do a thorough virus/malware scan, etc. MBAM found a few things, including a couple ID’d as Trojan Horses, and I cleaned them up. Ran OTL, another scan, HijackThis, and everything looked ok.
But, something’s still not right.
I found a registry key that looks iffy, but I’m hesitant to delete it and mess something up.
It’s in HKCU\Software\Microsoft\Windows\CurrentVersion\Run. The entry is titled HOSTnfig (not HOSTConfig), and the data is rundll32,“C:\Users\Me\AppData\Local\Temp\cbsrxext.dll”,dllGetVersion
I found the cbsrxext.dll file, and at least checked the properties. It has a 9/13/10 created date, which is the night before I started having problems.
I have another PC where Chrome works fine, and this registry key is not present. It’s also Vista 32, SP2.
Any thoughts? Am I correct in assuming that this may be a threat? I’ve searched high and low for data on HOSTnfig and cbsrxext.dll, and found absolutely nothing.
Have you tried to submit your infected file to virustotal.com?
You may see how is the other’s AV respond related to your submitted files, and according to what i found HOSTnfig most likely is Dynamic Host Configuration Protocol as DHCP Server/Client. And i don’t think so that is a suspicious file, and talking about cbsrxext.dll is look installed and saved in the Temp folder. You can try to remove with CCleaner to clean up your registry and temporary cookies from your internet explorer.
For sure you may scan with Dr.Web Scanner to make sure whether this a back door as Kaspersky results to you.