ewido and Trojan and spyware problems


privateperson
November 2nd, 2005, 02:20 PM
Ewido found the following in my PC C:\Documents and Settings\myname\Local Settings\Temporary Internet Files\Content.IE5\ TrojanDownloader.Inor.a :

Can trojans execute from the temp int files? There was nothing found in registry. I searched here and at spywareguide and could not find any reference to this or chitika also found

Notok
November 2nd, 2005, 02:51 PM
It's possible, however it won't happen on its own. It would probably need a script to exploit a vulnerability that would execute it. It is also very possible that it managed to download but never run, or ran but the location of the trojans it tries to download were blocked. I would definitely do some more scans, however.. there are plenty of free online scans available in the second link in my sig :)

privateperson
November 2nd, 2005, 03:11 PM
Well it is deleted now and so is Chitika. I was unable to google much about either and Chitika is claimed as a false positive. Thanks

peter.ewido
November 3rd, 2005, 06:42 AM
What's the exact filename? Could you perhaps send it to submit@ewido.net?

privateperson
November 3rd, 2005, 09:56 AM
I surfed the same sites to see if I would get hit again. I did. Chitika spyware is a JScript Script File. I was afraid to run it from temp files and cannot see in properties where it came from. How could I find out safely where it came from?

And is it correct that malware cannot run from within system restore? Do I have to disable System restore each time I find malware and reboot and turn on sys restore?

Thanks for replies

zcv
November 3rd, 2005, 05:59 PM
{QUOTE-> And is it correct that malware cannot run from within system restore. Do I have to disable <-QUOTE}
As far as I know, there isn't any yet that will run from SR.
{QUOTE-> Do I have to disable System restore each time I find malware and reboot and turn on sys restore <-QUOTE}
Malware may get "backed up" into SR - BTW, anything in the TIF folder will not. That's the reason for the recommendation to turn SR off/on. BUT, if it's a relatively minor infection, in my opinion you should not clear restore points, that infection can be dealt with again. If you run into a far larger problem and no restore points to fall back on, you're up the creek.

Regards - Charles

privateperson
November 4th, 2005, 01:53 PM
{QUOTE-> As far as I know, there isn't any yet that will run from SR.

Malware may get "backed up" into SR - BTW, anything in the TIF folder will not. That's the reason for the recommendation to turn SR off/on. BUT, if it's a relatively minor infection, in my opinion you should not clear restore points, that infection can be dealt with again. If you run into a far larger problem and no restore points to fall back on, you're up the creek.

Regards - Charles <-QUOTE}
Thanks for tip re TIF and SR. Much appreciated

privateperson
November 4th, 2005, 02:01 PM
Apparently Chitika is not spyware. See http://vil.nai.com/vil/content/v_136052.htm