While scanning with Lavasoft Ad-Aware 6, I had two files
which were infected:

C:\Windows\Temporary\Kb3jd94kz.exe (infected by:
PWSteal.Trojan)

C.\Windows\System\asuigg.dll infected by:
Keklogger.Trojan

both coud not be quarantined and had to be deleted.

Anyone knows if I need these files? (I performed a
complete ScanDisk yesterday with up-to-date Definitions).
Your wisdom appreciated.

No files in the Windows\Temp or in your case Windows\Temporary folder are
necessary for the operation of your system which is why it is called
Temporary. Neither of the files you mention are part of the operating system.
May I strongly suggest that you reboot your system, just in case you have an
install under way that might require a file in the temp folder and then delete
the entire contents of the folder. If any files are marked as being in use
and cannot be deleted, boot to Safe Mode, and empty the temp folder from
there.
--
Mike Maltby MS-MVP



Piccolo > wrote:

> While scanning with Lavasoft Ad-Aware 6, I had two files
> which were infected:
>
> C:\Windows\Temporary\Kb3jd94kz.exe (infected by:
> PWSteal.Trojan)
>
> C.\Windows\System\asuigg.dll infected by:
> Keklogger.Trojan
>
> both coud not be quarantined and had to be deleted.
>
> Anyone knows if I need these files? (I performed a
> complete ScanDisk yesterday with up-to-date Definitions).
> Your wisdom appreciated.

You don't need them - they are the trojans

--
Noel Paton (MS-MVP 2002-2004, Win9x)

Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's
or
http://www.microsoft.com/presspass/features/2001/Mar01/Mar27pmvp.asp
"Piccolo" > wrote in message
...
> While scanning with Lavasoft Ad-Aware 6, I had two files
> which were infected:
>
> C:\Windows\Temporary\Kb3jd94kz.exe (infected by:
> PWSteal.Trojan)
>
> C.\Windows\System\asuigg.dll infected by:
> Keklogger.Trojan
>
> both coud not be quarantined and had to be deleted.
>
> Anyone knows if I need these files? (I performed a
> complete ScanDisk yesterday with up-to-date Definitions).
> Your wisdom appreciated.
>
>
>

On Tue, 01 Jun 2004 20:21:43 GMT,"Piccolo"
> penned this whopper in
microsoft.public.windowsme.general

> While scanning with Lavasoft Ad-Aware 6, I had two files
> which were infected:
>
> C:\Windows\Temporary\Kb3jd94kz.exe (infected by:
> PWSteal.Trojan)
>
> C.\Windows\System\asuigg.dll infected by:
> Keklogger.Trojan
>
> both coud not be quarantined and had to be deleted.
>
> Anyone knows if I need these files? (I performed a
> complete ScanDisk yesterday with up-to-date Definitions).
> Your wisdom appreciated.
>
>
>
>

Not needed, and while at it, change all your passwords. Those are nasty
thieves that steal passwords and record everything you type, then phone
home with the info.

--
"Time will bring to light whatever is hidden;
it will cover up and conceal what is now shining in splendor."
Horace (65 - 8 BC); Roman poet.

Mike

>-----Original Message-----
>No files in the Windows\Temp or in your case
Windows\Temporary folder are
>necessary for the operation of your system which is why
it is called
>Temporary. Neither of the files you mention are part of
the operating system.
>May I strongly suggest that you reboot your system, just
in case you have an
>install under way that might require a file in the temp
folder and then delete
>the entire contents of the folder. If any files are
marked as being in use
>and cannot be deleted, boot to Safe Mode, and empty the
temp folder from
>there.
>--
>Mike Maltby MS-MVP

>
>
>Piccolo > wrote:
>
>> While scanning with Lavasoft Ad-Aware 6, I had two files
>> which were infected:
>>
>> C:\Windows\Temporary\Kb3jd94kz.exe (infected by:
>> PWSteal.Trojan)
>>
>> C.\Windows\System\asuigg.dll infected by:
>> Keklogger.Trojan
>>
>> both coud not be quarantined and had to be deleted.
>>
>> Anyone knows if I need these files? (I performed a
>> complete ScanDisk yesterday with up-to-date
Definitions).
>> Your wisdom appreciated.
>
>
>.Thanks to you guys. I'm always amazed at the fast
response. Re TEMP files, I got rid of all 600 of them
except for 4 folders: Cookies,
History, pdtD2D5.TMP, Internet Temporary Files. Getting
warning:
"Renaming, moving or deleting pftD2Dt.TMP' could make
some programs not work. Are you sure you want to do
this? " The same message for the other 3
folders. Is it ok to get rid of them (I guess they are
TEMP...) Tks in advance.


>

If you rebooted your PC then this would suggest that pftD2Dt.TMP is malware of
some sort since no application should install any part of itself in the Temp
folder and certainly not with a TMP extension. I feel you need to thoroughly
check your system for possible unwanted guests.

I'm a bit intrigued that you have Cookies, History and Temporary Internet
Files folders within your Temporary folder as by default these are usually
C:\Cookies, C:\History and C:\Temporary Internet Files. If you have these
last three folders as well I feel you should be able to safely delete the
folders of the same name contained in C:\Windows\Temporary folder.
--
Mike Maltby MS-MVP



Piccolo > wrote:

> Thanks to you guys. I'm always amazed at the fast
> response. Re TEMP files, I got rid of all 600 of them
> except for 4 folders: Cookies,
> History, pdtD2D5.TMP, Internet Temporary Files. Getting
> warning:
> "Renaming, moving or deleting pftD2Dt.TMP' could make
> some programs not work. Are you sure you want to do
> this? " The same message for the other 3
> folders. Is it ok to get rid of them (I guess they are
> TEMP...) Tks in advance.

Mike M wrote:
> If you rebooted your PC then this would suggest that pftD2Dt.TMP is malware of
> some sort since no application should install any part of itself in the Temp
> folder and certainly not with a TMP extension. I feel you need to thoroughly
> check your system for possible unwanted guests.
>
> I'm a bit intrigued that you have Cookies, History and Temporary Internet
> Files folders within your Temporary folder as by default these are usually
> C:\Cookies, C:\History and C:\Temporary Internet Files. If you have these
> last three folders as well I feel you should be able to safely delete the
> folders of the same name contained in C:\Windows\Temporary folder.

actually C:\Windows\....etc.


Rick

Thanks Rick, my bad. Of course I should have typed C:\Windows\History etc.

Thanks again,
--
Mike Maltby MS-MVP



Rick T > wrote:

> Mike M wrote:
>> If you rebooted your PC then this would suggest that pftD2Dt.TMP is
>> malware of some sort since no application should install any part of
>> itself in the Temp folder and certainly not with a TMP extension. I
>> feel you need to thoroughly check your system for possible unwanted
>> guests.
>>
>> I'm a bit intrigued that you have Cookies, History and Temporary Internet
>> Files folders within your Temporary folder as by default these are
>> usually C:\Cookies, C:\History and C:\Temporary Internet Files. If you
>> have these last three folders as well I feel you should be able to
>> safely delete the folders of the same name contained in
>> C:\Windows\Temporary folder.
>
> actually C:\Windows\....etc.