But anyways.. off to the point
I have yet another computer that seems it may have a bug on it
I have been using a program called process lasso that is very similar to the task manager to see what all is running and to help keep program from becoming too overpowering. I have noticed the last week or two that every time i open it there is a file in the temp directory that always has a random name. That immediately told me something was fishy. i have deleted the file a couple of times before but it is always replaced with a new one with a different name of seemingly random characters. which tells me that there is another file somewhere else generating this one in the temp folder. This is actually a new computer, have only had it running for a week. im pretty sure it was updated recently, but dont hold me to that. Its behind a hardware firewall. I have run mbam on it, and it has trend micro as well as spy sweeper. have stepped through the malware read first guide and will attach the HJT log to this post.
i checked the HJT log with a site called HiJackThis (dot) de.. i didnt do anything it suggested yet as i wanted a second opinion before i trusted its results, though I must say it has in the past been correct.
Looking at that I think these entries need to be fixed:
C:\WINDOWS\TEMP\XZ4136.EXE (this is running process)
R3 - Default URLSearchHook is missing (i just dont like this entry.. seems fishy to me)
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll (this one was suggest to be left alone in HJT and fixed using a program called LSPFix from cexx.org.. I havent tried this yet as the name of the site suggested sounds like a scam)
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware player\vsocklib.dll (this one was suggest to be left alone in HJT and fixed using a program called LSPFix from cexx.org.. I havent tried this yet as the name of the site suggested sounds like a scam)
you will probably see that this computer has Spybot S&D on it as well. It is installed but hasn't been used yet as all I have ever really found useful in spybot is the immunization feature. I have used other program for antispyware.
also there is a couple of entries for a program called Desktop Coral. That is legit. I installed it just 2 nights ago(long after i first noticed that temp file).
One last note. This computer IS on a corporate domain, But this is MY personal computer. I only have it on the domain so i can get internet and such. This company has the internet locked down so that unless the computer is on the domain you cant get out. I know it is against the TOS to ask for help with a corporate computer and I wouldn't even try to ask anyone to go against that. So just to reclarify, this is MY computer, not the companies, that I am needing help with. I spoke with ScHwErV and was told that with pseudo-corporate computers like my situation it would be up to the helper that responded to this post. Therefore, as I understand it, it is not specifically against the TOS to ask for help under these circumstances.
Thanks for any help received!