I have an exe file that keeps morphing and I can't get rid of it.

Discussion in 'malware problems & news' started by cheater87, Mar 19, 2008.

Thread Status:
Not open for further replies.
  1. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Its my my temp files. I ran Ccleaner to see if I can get rid of it yesterday and it came back under a new name. I'm running Avast with a through scan right now. The file is utt257.tmp.exe. This is the name it is under today. Yesterday it was called utt1D4.tmp.exe. What could be causing this and what can I do to stop ito_O Spyware Terminator has the main one blocked so it always stops it when starting up.
     
  2. buzzqw

    buzzqw Registered Member

    Joined:
    Sep 7, 2006
    Posts:
    26
    upload to virustotal.. just to check what is it..


    BHH
     
  3. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    I can't find the file. I look for it in the file search feature but nothing comes up.
     
  4. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hi Cheater:

    I did a google search and came up blank as well.

    When you run CCleaner analysis it gives a path for the files it is about to clean,
    that information it may give a clue as to the SW doing this and what is going on here.

    Have you added anything new SW wise lately? Hows your register health?

    You may have to do a HJT log analysis as a last resort but try running some online web based virsus scans (KAV? BD) to see if you can zap it that way.

    Anyway, just some thoughts.
     
  5. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    I installed Adobe flash player a few days ago. But this started happening yesterday. I'll run Ccleaner's registry fixer now.
     
  6. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    FOUND IT!!!!!! I ran the registry cleaner and it was in there. I fixed it. :) Here is a pic.
     

    Attached Files:

  7. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Now that Ccleaner fixed it can I take it out of block from Spyware Terminator. I purged them from the quarantine section in Comodo Firewall's Defense Plus.
     
  8. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses
    Hi Cheater:

    Good you made progress! Try rebooting now to see if it re morphs!:doubt:
     
  9. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Turns out the exe file was Bittorrent trying to update to the newest version. :p I went into Bittorrent and a message came up saying that I had to update to the newest version. I hit yes and that exe file came up. :) So I updated and all is good now. Its scary waking up going to your computer and seeing an exe file is trying to execute. They should rename their files better so it does not freak people out like what happened to me.
     
  10. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Silly me I forgot to unblock it in Spyware Terminator. No wonder I had an error message come up about it when rebooted the computer again.
     
Loading...
Thread Status:
Not open for further replies.