Posted 25 July 2006 - 11:26 AM
Register to Remove
Posted 25 July 2006 - 12:21 PM
In this case, "an executable (.exe) item that identifies itself with an apparently random alphabet name is "highly suspect" and probably a member of either the CWS family of Trojans or one of the variants of Smitfraud.
Since I am not a qualified Malware removal expert, I'd recommend that you Run A HighJackThis scan and save the Log. Then Post the Log into the TomCoyote HJT Forum for assistance from a qualified advisor Here:
"If" you have noticed any other symptoms, or "if" you have noticed popup screens recommending that your machine is infected and that you should immediately download one of the following: Spyaxe, SpyFalcon, SpyQuake, AlfaCleaner, w32.puper, AVGold, etc. -- Do Not Click on the popup Alert! it is an attempt to infect your machine with a variant of the Smitfraud group of malware.
There are "Self Help" solutions that you can use if you feel comfortable doing so, here:
Posted 25 July 2006 - 12:51 PM
Therefore it is best to be patient and do your work in that Forum, instead of posting to two Forums (this one and the HJT Forum) --- too many cooks in the kitchen can lead to disaster -- HJT advisors are trained and qualified, so depend on them.
In the meantime, you can help yourself by following the HJT Forum advice on what to do BEFORE posting your HJT Log. Read here:
Download, update and Run Spybot Search and Destroy version 1.4, from here:
Download, update and Run Ewido (free) anti-malware tool, from here:
**Important: Since you have McAfee tools installed on your machine, DO NOT use the Lavasoft Ad-Aware Personal SE tools.......... Spybot S&D plus Ewido will be just fine, and Ad-Aware may interfere with McAfee so don't use Ad-Aware.
Certainly feel free to re-scan with your onboard McAfee
And certainly feel free to remove Temp, Temporary Internet Files, and junk using the following protocol.
After those steps....WAIT for a Trusted HighJackThis Expert in the HJT Forum.
To clean out all the temporary files and cookies on your system.
Start - Run - (type) "cleanmgr" without the quotes.
Let it scan your system for files to remove.
Check these three boxes and then press ok to remove:
Temporary Internet Files,
Start - Find/search - Files or folders - in the named box, type: *.tmp
When the list is generated, choose
Edit - select all - File - delete.
Note: If you cannot delete them all at once because you have too many, then click and hold ctrl and highlight a batch of them at a time. Once highlighted, R-click over the highlight and select delete.
Start - Run - (type) "%temp%" (without the quotes).
Delete the entire contents of that "temp" folder
(use Edit - Select All - press "Delete", click "Yes").
Empty your Temporary Internet Cache completely.
Close all instances of Outlook and Internet Explorer,
then use "Control Panel - Internet Options - General tab and click the "Delete File" button.
When prompted place a check in: "Delete all offline content", then click OK.
Then, use Windows Explorer to clean out ALL the other temp folders on your system
(navigate to the folder, (as listed below)
use "Edit - Select All", press "Delete", click "Yes"
* C:\Documents and Settings\<Your Profile>\Local Settings\Temp\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temporary Internet Files\
* C:\Documents and Settings\<Any other users Profile>\Local Settings\Temp\
* Empty your "Recycle Bin".
Posted 25 July 2006 - 06:16 PM
Posted 25 July 2006 - 06:31 PM
Posted 25 July 2006 - 08:14 PM
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users