I have a file rosn1.exe installing itself in the windows/temp dir, I ran Ad-Aware, Spybot, Sophos Antivirus, Spyblaster and still re installs there.
I checked the file and it is compiled but shows some of the Windows instructions.
I have found nothing in the web except for very few possible references
Mostly in Russian.
Spybot does not detect it or clean it. Actually I found that IExplorer renamed itself as Metapaladin and refers to a website so I use Mozzilla and Firefox
"C:\Archivos de programa\Internet Explorer\iexplore.exe" "http://notetol.com/uninstall.php"
Of course I did not opened it.
It went undetected by spybot.
I tried to delete it but reinstalls, I am trying other thing now. If does not work could be good to zip and send you as you advice?
What are we dealing with?