[Date Prev][Date Next][Subject Prev][Subject Next][ Date Index][ Subject Index]

Re: looks like I've been hijacked



Andy,

VDM37E is almost certainly a temp file left over from some operation.
TMP files are sometimes hard to get rid of, especially if the .exe file
which produced them is still running (whether harmless or malicious).


For what it's worth:
http://keskustelu.afterdawn.com/thread_view.cfm/666312

I suggest you get TCPview running on the affected machine and find out
whether some .exe file is making repeated connections to Finland. Once
you know which .exe file is behind this, you can go to Sophos or
Symantec and find out how to defeat it.




Attachment: TcpView.zip
Description: Zip compressed data