Tweet
My firewall let me know that a program was trying to access the internet. It was called 32452.exe. I blocked it, not knowing what it was, and went on. Then the next time I launched IE, it did it again, but new numbers this time. So I searched around and found out they are in my profiles temp folder, in a folder called "delete.me". I did as the folder said, and deleted it. Next time I lauched IE it recreated the files, 4 of them, and tryied to access the internet again. Natually I blocked it again. I used The Cleaner (www.moosoft.com) to scan for trojans, but found none. So I just kept blocking them till I got annoyed, and decided to check to updates with The Cleaner. Downloaded 2 updates and scanned my Temp again, and they are trojans. It cleaned them, but IE still created new ones when I started it up. A full system scan came up with nothing. Im still getting the files. Has anyone seen this before? It happened after installing office 2003. I have heard it has a built in trojan to let M$ kill the drive or something. Is this true? Anyone know a solution?
-
-
sounds like any number of trojans/viruses. If Antivirus wont take care of it (try www.avast.com for an a great free AV) then you're looking at a reformat. -
I have to agree, it sounds like a malware has infected your system.
Perhaps the online scan at http://www.spywareinfo.com/ can assist.
SpyWareInfo also has a page of reccomeded software;
(note that Fatguy3's reccomendation appears on that page also)
If you can at least track down what malware it is exactly, removal instructions should be readily available through a quick search of Google.
Spybot Search & Destroy is still one of my favorite utilities for hunting down malware;
The reason a diamond shines so brightly is because it has many facets which reflect light.Comment
-
you seem to have been hit by that ^Latest Microsoft Security Updates.
Last Updated: 10th MARCH
If you are a security freak: Use Microsoft Baseline Security Analyzer (NT/2000/XP/2003)
======================
icq : 203189004
jabber : [email protected]
=======================
Linux user since: April 24, 2003 312478
yabaa dabaa doo...
Customized for 1024x768Comment
-
OH!
I do hope not!
lop is as heinous as they come:(The reason a diamond shines so brightly is because it has many facets which reflect light.Comment
-
Just as I figured, spybot came up with nothing but the usual cookies. The online scanner came up with nothing. My AV, panda Anti Virus, came up with nothing. Im not sure where to go next.
Thanks for the help though guys.Comment
-
reformatting the drive fully might be your next step...:2cents:Comment
-
did you use an updated spybot? updations are quite important as lop seems to have created havoc mostly in last few months.Originally posted by Dyck15Latest Microsoft Security Updates.
Last Updated: 10th MARCH
If you are a security freak: Use Microsoft Baseline Security Analyzer (NT/2000/XP/2003)
======================
icq : 203189004
jabber : [email protected]
=======================
Linux user since: April 24, 2003 312478
yabaa dabaa doo...
Customized for 1024x768Comment
-
Everything on my system is totally updated. Spybot, The Cleaner, Panda, everything. I Actually did a scan which found nothing, updated, then scanned again and found a bunch of junk, but none of it was lop.
I dont think it is lop though, becuase I checked it out and my system doesnt match some of the technical details.Comment
-
Hey dyck15, remember, I warned you about the m03 (m zero three) trojan thats in office 2003. Thats what it does. Microsoft created that trojan for xbox first. Now they include it with office 2003 and future major software releases. It allows m$ complete access to the infected hd to snoop, change or delete at will.
I also warned everyone else at tt on oct 22 as well but nobody listened. They thought I was crazy. Time to reformat. Stick with office 2000 or xp until there is a removal tool for the m03. Besides, 2003 is supposed to be incompatable with older versions, forcing everyone else to buy the mo3 trojan to stay compatable(lol).
link to original post
If you read the other thread, you will see the reactions they
(asklepios and persian imortal) had.athlon xp-m@2456mhz(12x204)
tt aquariusII liquid cooled/ arctic silver ceramique
asus a7n8xe-dlx
thermaltake xaserIII lanfire
bfg 6800gt
seagate sataII 250gb/seagate 7200rpm 160gb ide
samsung dvdrw
2x1024 kingston hyper-x pc3200/ windows xp pro sp3
logitech mx518/ logitech wingman rumble
2x samsung 955df 19"/ canon i960
creative x-fi fatal1ty 64mb/ altec lansing 251-5.1
mushkin 550w
opteron 146 @ 2850 (10x285)
DFI infinity nf4 ultra
thermaltake tsunami dream -black
seagate sataII 500gb
evga 8600gt oc ssc edition
samsung sata dvd-rw
2x1024 ocz black
logitech ifeel/ nec accusync 75f
ocz fatal1ty 550wComment
-
Well, the first actual suspected damage from m$ has happened.link to new thread about m$ deleting stuffathlon xp-m@2456mhz(12x204)
tt aquariusII liquid cooled/ arctic silver ceramique
asus a7n8xe-dlx
thermaltake xaserIII lanfire
bfg 6800gt
seagate sataII 250gb/seagate 7200rpm 160gb ide
samsung dvdrw
2x1024 kingston hyper-x pc3200/ windows xp pro sp3
logitech mx518/ logitech wingman rumble
2x samsung 955df 19"/ canon i960
creative x-fi fatal1ty 64mb/ altec lansing 251-5.1
mushkin 550w
opteron 146 @ 2850 (10x285)
DFI infinity nf4 ultra
thermaltake tsunami dream -black
seagate sataII 500gb
evga 8600gt oc ssc edition
samsung sata dvd-rw
2x1024 ocz black
logitech ifeel/ nec accusync 75f
ocz fatal1ty 550wComment
Comment