There were a few things that struck me as odd about this:

• It didn’t seem like a randomly-generated name,
• Most viruses/worms don’t seem to bother to set their file dates, particularly not to 5 years ago,
• I haven’t been doing anything likely to get my system infected, and
• I use a firewall that should’ve warned me if anything unusual was trying to make outbound connections from my computer (e.g. to try to spread an infection).

Searches via Google & Yahoo turned up nothing significant (mostly this file in lists of files and one warning that it had been found on infected systems), so I did a little more investigating at a very brute-force level.

The file in question doesn’t have any vendor information, version strings, etc. which is a bit suspicious, but looking at the actual content of the file, I found multiple strings tied to Dell power management configuration – hibernation, etc. Since this fits with the name “set pwr cg” I’m going to assume that the cg is short for something like “configuration” and that they were trying to stick with a DOS-style 8.3 name for this file. The reason it turns up on infected systems is that Dell computers get viruses too.

Almost certainly a harmless file, at least this version of it.

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

© Alan Miller/Fencepost Software & Consulting, 2009. All Rights Reserved. | Permalink & Comments
Post tags: Maintenance, Repair, Security, Virus