While going through my logs I saw some Unicode transversal exploit attempts. I don't think I was compromised, as I have all the latest patches, dont run my site at the default Inetpub location and the site stats show 404 errors for that attempt.

But, while researching the exploit, I starting reading about Nimda and mention of the admin.dll file.

I'm trying to confirm with anyone who KNOWS for a fact if "admin.dll" is a legitimate file. I have 3 files in different locations on the C: drive.

Thanks! :)

Got the reply I needed. In case this question comes up for anyone else, find the answer HERE (http://www.techimo.com/forum/t41325.html) :)

Sorry I could have anwered that one very quickly but I wasnt around yet lol I'm in the middle of doing a case review and had to stop for a moment to eat before it got cold lol :) but at least I see you got the main answer you were looking for from Dvnt1 :)

Thanks, Mike :) I know you would've if you could've lol :)

Yes, trusty DVNT1, and M-Six came to the rescue :) Thanks, Mike

:)