Exploit.UNIX.Imail....Is this a virus or spyware?

Discussion in 'malware problems & news' started by daddymo3, Oct 22, 2005.

Thread Status:
Not open for further replies.
  1. daddymo3

    daddymo3 Registered Member

    Dec 15, 2004
    I have this in my computer...and it is in these folders(or files).....

    C:\System Volume Information\_restore{3AC104B3-DCEC-44E1-8FCB-E957108C350A}\RP271\A0034825.msi=>(Embedded CAB)=>F30597_newupdatehtml.exe.61B36DF2_0416_4DA2_BDAF_93E719EAEB7E

    C:\RECYCLER\S-1-5-21-299502267-725345543-839522115-1003\Dc2347\Setup\product\2170.msi=>(Embedded CAB)=>F30597_newupdatehtml.exe.61B36DF2_0416_4DA2_BDAF_93E719EAEB7E

    Even though it's in the recycle bin,I can't find it...and I'm a little concerned about cleaning out the bin....cause I'm a NEWBIE,when it comes to figuring out how computers work.
    And I can't find "system volume" either.

    ad-aware...spybot...and free spyware doctor(free) could not help me.
    any suggestions on how to get rid of my problems would be much appreciated.
  2. Blackspear

    Blackspear Global Moderator

    Dec 2, 2002
    Gold Coast, Queensland, Australia
    From waht I have just read, yes it appears to be a Trojan. You should be able to remove this by following the comprehensive steps found in General Cleaning.

    If these steps do not resolve your situation, you will need to download and run “Hijack This” found here and post your log at one of the HijackThis Specialist Forums, the two bigger forums for HijackThis log processing, (meaning they process more log threads each day than most others) are: SpywareInfo.com and CastleCops.com. Be sure to read their posting policy in the links at their log review forum sections prior to posting.

    The steps mentioned in General Cleaning use software that ought to be part of your security, as an absolute minimum.

    Once your system is clean, you may want to take a look here for further discussion on security and how to make your system that much stronger and here for more.

    This is what works really well for me, very simple to use and maintain.

    Hope this helps...

    Let us know how you go.

    Cheers :D
Thread Status:
Not open for further replies.