Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adware/Trojan(Generic 18*?) - *.tmp.exe files.


  • Please log in to reply
2 replies to this topic

#1 richandfamous

richandfamous

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 16 August 2010 - 10:20 AM

First up thank you for taking the time to read this post and hopefully acting on it in some way.

I'm running windows Vista, unsure of build etc.

Symptoms are as in post title: Lots of windows-looking ads telling me I've got viruses and hackers everywhere. My AVG antivirus flaring up telling me that there is a trojan of type generic 18.* and flagging various *.tmp.exe's in my temp folder . Also random icons being created on my desktop, some are links to dummy porn sites, others are called 000troj.exe, 001spam.exe and 003spam.exe.

Normally I'd sysrestore -> safemode -> rescan -> delete, but on this occaision I didn't have any restore points (despite updating windows 2 days ago wtf?).

I've tried to isolate the problem, but not having much luck. There was also a suspiciously titled exe in my startup folder. It's now gone, but the problems have not diminished.

for you're viewing pleasure here's a ms paint mashup of some of the messages I've been getting.

Posted Image

Any help much appreciated

Edited by richandfamous, 16 August 2010 - 10:21 AM.


BC AdBot (Login to Remove)

 


#2 richandfamous

richandfamous
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 16 August 2010 - 10:18 PM

Not a bump, but more data to add and some specific questions.

I got another popup message telling me that "system files were missing" or some such. I thought it was more spam but on this occaision it actually shut down my laptop.

After logging back in Windows explorer seized up immediately and my entire session froze. I still have full normal access in safe mode.

Qs

Even if you have no time to help me through anything; does this remind anyone of a certain virus/malware/ anything? I've had a look at the spyware removal guides on this site but I cannot catagorize the problems I am experiencing - help in this area would be appreciated as the guides in that section appear well-written and I shouldn't have any trouble carrying it out independently if I could successfully pidgeonhole my problem(s?)

Secondly, what is the best diagnostic tool for scanning my system. I take it from the numerous messages around that combofix is no good, but would would anyone reccomend? Also should these programs be run in Safe mode or normal mode?

Again thanks in advance for any help.

#3 richandfamous

richandfamous
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:02 AM

Posted 17 August 2010 - 05:07 AM

SAS log

<used to be here but then i read the rules!> Sorry guys.

doin MWB nao.

Edited by richandfamous, 17 August 2010 - 05:19 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users