Unusual file in windows

  • Thread starter Thread starter dwight
  • Start date Start date
D

dwight

I am trying to remove a file from an HP Pavilion a305w
desktop computer.

This file is in the registry under run and runonce, every
time I remove the entry it returns automatically. The
file is located in the temp directory of both the
administrator and Owners documents and settings acounts.

The name of the file is egfhrbg.dll


The only thing this file does to the computer, is cause
emails to be sent out by the thousands to random email
addresses with random subject lines.

The computers performance is not affected in any way.

Does anybody have any idea how to remove this file
permantently, it does not show up as a virus with either
norton or trendmicro online scans.

Thanks in advance,

Dwight
 
-----Original Message-----
I am trying to remove a file from an HP Pavilion a305w
desktop computer.

This file is in the registry under run and runonce, every
time I remove the entry it returns automatically. The
file is located in the temp directory of both the
administrator and Owners documents and settings acounts.

The name of the file is egfhrbg.dll


The only thing this file does to the computer, is cause
emails to be sent out by the thousands to random email
addresses with random subject lines.

The computers performance is not affected in any way.

Does anybody have any idea how to remove this file
permantently, it does not show up as a virus with either
norton or trendmicro online scans.

Thanks in advance,

Dwight



.
The only thing this file does to the computer, is cause
Click to expand...
emails to be sent out by the thousands to random email
addresses with random subject lines.

The only thing?! That would be enough for me to hunt them
down and chock the life out of who installed it.

It sounds like someone hijacked your computer and is
using it as a server to send spam.

http://www.safer-networking.org/ Spybot
http://www.javacoolsoftware.com/spywareblaster.html
http://www.wilderssecurity.net/spywareguard.html
http://www.lavasoft.de/ Ad-aware
http://www.merijn.org/downloads.html (CWS)cool web
shedder and hijack this
 
-----Original Message-----

emails to be sent out by the thousands to random email
addresses with random subject lines.

The only thing?! That would be enough for me to hunt them
down and chock the life out of who installed it.

It sounds like someone hijacked your computer and is
using it as a server to send spam.

http://www.safer-networking.org/ Spybot
http://www.javacoolsoftware.com/spywareblaster.html
http://www.wilderssecurity.net/spywareguard.html
http://www.lavasoft.de/ Ad-aware
http://www.merijn.org/downloads.html (CWS)cool web
shedder and hijack this

.
Click to expand...
Your computer is infected with something although I don't
know exactly what. If the advice in the post from MAP
doesn't get results try a trojan scan at

http://www.trojanscan.com/trojanscan/scanner.htm

if a trojan is found then the following advice comes
courtesy Kent W. England, Microsoft MVP for Windows
Security
****
Trojans are stealthy and not always found by anti-virus
software. If you find suspicious processes running or task
manager or regedit is being killed after opening, you
might want to try one of the following tools to check for
trojans (after scanning with at least two anti-virus tools
to get rid of the easy stuff).

DiamondCS TDS-3 - Trojan Defence Suite (TDS), leading anti-
trojan system for Windows: http://tds.diamondcs.com.au/

Agnitum: Products: Tauscan: Home:
http://www.agnitum.com/products/tauscan/

Mischel Internet Security - TrojanHunterT: Finds and
removes trojans: http://www.misec.net/trojanhunter.jsp

MooSoft Development Presents The Cleaner:
http://www.moosoft.com/thecleaner/

Hacker Eliminator. - Advanced Hacker Protection:
http://hacker-eliminator.com/
****

Bill

ps. If you don't take steps to protect yourself it will
only happen again. A firewall, a good anti-virus program,
and installing all applicable Microsoft updates is the
absolute minimum protection you should be using.

Further general info:
http://aumha.org/a/health.htm
http://www.aumha.org/a/parasite.htm
http://www.doxdesk.com/parasite/
http://www3.telus.net/dandemar/Security.htm

Security tips and tests:
http://www.jasons-toolbox.com/BrowserSecurity/
http://www.grc.com/default.htm (this is a great! site)

Bill
 
Back
Top