[Lucent342]

Back in March I spent a month in Beijing, and when I brought my laptop back I started noticing a strange IE popup window and a suspicious exe file running in my system processes. In an idle state (but only when connected to the internet), a new IE window would pop up with a Chinese webpage full of banner ads. These didn't seem overtly harmful but they were annoying and would occur maybe once or twice a day.

I looked at the processes running under ctrl-alt-del and noticed that the file "776546.exe" was usually running prior to a popup and taking about 7-14k of memory. This file now starts up whenever I start my computer, despite unchecking it under msconfig. For awhile a second file, "HV7-CE6F" or something would also come up after the pop up window had opened. AVG scans overlooked these files or sometimes caught them around the c:/documents and settings/win32 area but they never got removed from my system.

This has been going on for about 6 months now (I really should have taken care of this earlier, I know!). The popups don't come up any more after I blocked the site they were redirecting to in IE, but I am still really worried about what this might be doing to my computer.

My AVG has also uncovered and virus-vaulted other trojans like i-783.exe which I saw on another post in the forums.

I've also been having problems on my flash drive and external HD, which are both included in the OTS scan. I plugged my external HD into my friend's computer in order to watch some movies, and afterward she also had the 776546.exe running and the same popups occuring on her computer!

I really need to fix this for myself and for the wonderful girl whose computer I infected. Your help is greatly appreciated!

Here are my OTS and RootRepeal files. In the RootRepeal file, you can see Chinese characters in the file names of some of the harmful files.

Thanks a lot!

Attached Files

•  RootRepeal_report_08_19_09__02_19_19_.txt   41.13KB   66 downloads
•  OTS.Txt   262.92KB   123 downloads