I’ve decided to register here to see if someone can definetly help me. On december 24th, I was infected by a lot of spyware and virus. I could get rid of all of it, using Avant Home, ewido, adaware and NOD32. But here comes the problem… I still have a virus which is creating me .tmp files on my folder c:\documents and settings\marc\Configuración local\temp This files has teorically 0kb, and comes under the name _geAB1.tmp, and changing the AB1 by other letters and numbers… It creates around 3 files a second. I can delete them but still creates news one. I’ve run all the antivirus both in my pc and online, and also in safe mode, but none of them finds out that I have a virus. I’ve also cleaned the registry with regseeker. The situation begins to be a little desperanting, so it’s imposible to find out where the virus is. Can anyone give me a hint of how to arrange this? Thank you.
You did not have two resident scanners at at time, did you? Because then you can get weird scan results too. Always use one resident scanner, added scanning like non-resident or online or on-demand scanning or in-browser scanning is OK.
Assuming you do NOT have 2 Antivirus programs
"resident/running" on your machine at the same time
AND you have Ad-Aware, I recommend you seek help
on the forums at www.landzdown.com . This forum is
staffed by ALL the volunteer Experts ( including HJT )
who used to advise on the now-defunct Lavasoft
Ad-Aware Support forums.
It does look like you’re running two AV’s, which is not a good idea as they will fight over files like dogs over a bone. You need to decide which one you want to keep, and uninstall the other one.
Could you check this file on Jotti as mentioned above, because it can be legitmate or part of a Trojan:
D:\Archivos de programa\WinTV\Ir.exe
Otherwise, I can’t see anythong suspicious.
You could try an online scan and see if it identifies anything;
It might also be worth trying the free trial of Trojan Hunter to see if that can find any Trojans, maybe a process injecting Trojan hiding in a system process?
Thank you all. Aparently, it’s not a virus. The problem comes that my first executable on windows got caught by a virus, and the action taken to get it out damaged the registry. With that, sadly, the only action I can make is to format my drive.
Well, now I’m definetly going mad… yesterday happened a mistery that not even Bill Gates could resolve. I was going to format my drive, but yesterday happened something really strange. I was surfing through the web, when my computer crashed and gave me an error on the explore.exe. I thought that it was going to reboot but it didn’t… and what was my surprise when I saw that the temp files stopped to create!!! I don’t know why, but it happened… I still haven’t reboot it, but do you think it’s now possible to solve the problem without format my drive? Any help is really apreciate it, as I have a lot of information and to format my drive would suppose a lot of trouble for me!