Brand new member here,
Now that I read your intro & the basic Don'ts... Forgive me, for I have sinned.
Overview of what may be important...
Half knowlingly, I downloaded from a crack site (a ".zip" of a short text file). This was probably the cause. Unrelated (having limited C: drive space) I decided to remove much from the Temp directory then saw some new/unusual things.
Freeked out -- Sin # Two = Googled a suspect filename then found and tried SpyBotS&D. Took about 1/2 hour to "scan". It claimed to remove all but 3 things, but wouldn't remove the rest after re-start. Now, I see new .exe files [ possibly from SpyBotS&D] in the C:Temp directory and all are ZeroK in size:
rasesnet.exe - 0k
snapsnet.exe - 0k
wavvsnet.exe - 0k
winvsnet.exe - 0k
removalfile.bat - 1k
Haven't tried Trashing any of these yet.
~DF76D3.tmp > all unreadable as text. (using notepad)
This file might be ok:
It contains mostly unreadable as text, but also this readable part:
"...SMS Client [my computer's name] ... Client Component Installation Manager...clifiles.box..."
I believe these are also new C:Temp folders, but not 100% sure:
sanR24 - contains filename: lDii.log = non text
1cb - contains syscheck.log = non text
Tried to trash SpyBotS&D, but some of the many files got a violation error message. A bit later, I was able to trash the remaining SpyBotS&D files.
When trashing the empty SpybotS&T folder I got dialog:
"This change may affect one or more registered programs. Do you want to continue."
ADD/DELETE control panel couldn't delete it either:
" Uninstall Error An error occurred while trying to remove Spybot - Search & Destroy.
Uninstallation has been cancelled."
Perhaps i deleted the install log or something...
I haven't removed the Spybot S&D shortcuts in the Start menu yet.
SYMPTOMS SO FAR - NONE, other than feeling stupid and worried, waiting for the crash.
Watching Task Mmanager Performance, I see no unusual activity level. It sits at zero with ocassopnal blips. - only when web content is requested or I do something. I did see and kill Spybot S&D's TeaTimer.exe process with Task Manager.
I don't know how to see inappropriate connections to IP addresses.
So whacha think?
This is a company supplied lap top I was allowed to keep when computers were retired and intranet changed to XP, thus it is unsupported now. I am not admin, but my IT type Brother-in-law says he can make me the admin if necessary. I have the NT workstation CD. but not the applications' CDs (Office)
I only read forums on web, but have an email registered.
Oh yea. May be unimportant, but FYI I ran Steve Gibson's (Gibson Research - http://www.grc.com/intro.htm)
ShieldsUp scan a week ago and again just now. This computer showed no ports on the net. That is, this "system ignored and refused to reply to repeated Pings (ICMP Echo Requests)" on ports 0 thru 1055. It's still completely in stealth mode.