infected with pos tmp files [Archive] - Safer-Networking Forums

View Full Version : infected with pos tmp files

ifightbears

2008-10-22, 03:07

there is probably well over 1000 pos tmp files in my C drive and my C drive logo is a big red x, I had these files in my documents as well and deleted them but obviously the problem didnt go away. It has also made it so I cannot change my background image, I mean thats just a minor thing but even still its annoying. Also when I turn my computer on sometimes a DOS window pops up and then an error message saying that I cannot run DOS pops up. I just finished running spybot and it found the following:
Win32.Winlagons.co
Smitfraud-C.CoreService
Virtumonde.dll
Virtumonde
Virtumonde.prx
Virtumonde.sci
So please let me know what I can do to get rid of these files because spybot cannot get rid of them all and also doesnt get rid of the pos tmp files.
Thank you

Shaba

2008-10-23, 10:19

Hi ifightbears

Click here (http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe) to download HJTInstall.exe
Save HJTInstall.exe to your desktop.
Doubleclick on the HJTInstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\HijackThis .
Click on Install.
It will create a HijackThis icon on the desktop.
Once installed, it will launch Hijackthis.
Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
Come back here to this thread and Paste the log in your next reply.
DO NOT use the AnalyseThis button, its findings are dangerous if misinterpreted.
DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

Shaba

2008-10-28, 14:43

Due to the lack of feedback this Topic is closed.

If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than five days since your last response and you need the thread re-opened, please send a private message (pm). A valid, working link to the closed topic is required.

Everyone else please begin a New Topic.