Soooo, after sudden paranoia about a friend's CC info being stolen after using my computer, I got paranoid about my windows machine. I don't really care if it gets compromised, it is just a nuisance. After digging though lots-a-logs, I found an unsigned DLL (Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll) in the C:\Windows\assembly folder, not very common. After some research: Microsoft-Windows-HomeGroupDiagnostic.NetListMgr.Interop.ni.dll is a DLL with version 220.127.116.11, file size 54784 bytes, last update on 7/13/2009 9:45:52 PM and file location %SYSTEMROOT%:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft-Windows-H#\xxxxxxxxxxxxxxxxxxx. However, this is not the case on my machine. A. it is not signed by Windows. B. it was modified this past January and C. it has no defined language. This annoys the hell out of me. May be something, may be nothing; however, I haven't had time to RE it yet, it certainly does match the default filesize so I am thinking the Windows OS has been compromised. If anyone is interested, I can add a link to the DLL in question.
EDIT: Seems more like paranoia, nothing ablaze on the internet.
<3 FF E4 <3
Do you even asm bruh?