temp1 & temp2

hello everyone
i have a problem
im not sure what is it or what it does
but whan i open the Task Manager and look over Processes
i see somthing called temp1.exe and it takes abit over 1,000k Mem Usage
olso every time i try to enter a harddrive (like c: or d: or whatever)
it opens it in another window (insted of the originel one) and temp1 epears agian whan i run SAS it finds temp1 and temp2 and deletes tham
but whan i restart my comp thay come back
olso it seems it changed my reg so i cant change the folder setings to see hidden filles
i really need to know what it is and solve it
i just hope its not some Bagle leftovers
thanks

 

Welcome! to MajorGeeks.com!

Please follow the instructions in the READ & RUN ME FIRST link given further down and attach the requested logs when you finish these instructions.

• If you have problems where no tools seem to run, please try following the steps given in the below and then continue on no matter what you find. You only need to try the TDSSserv steps if having problems getting scans in the Read & Run Me First.
  • TDSSserv Non-Plug & Play Driver Disable
• If something does not run, write down the info to explain to us later but keep on going.
• Do not assume that because one step does not work that they all will not.

READ & RUN ME FIRST. Malware Removal Guide


Helpful Notes:

1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in Safe Mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
   
   • Starting your computer in Safe mode
2. If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware, Malwarebytes and Spybot ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
3. To avoid additional delay in getting a response, it is advised that after completing the READ & RUN ME you also read this sticky:
   • Don't Bump! It Only Hurts You!
4. Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and as stated our system works the oldest threads FIRST.

 

thanks! looks like it helpd
i just hope my comp is clean now
cuz looks like that bagle i had was still here
this post includs 3 logs
next post will include the lest log

 

the lest log

 

Did you download and run Malwarebytes? If so, please attach the log. If you did not, please go back to the READ ME and run it. Be sure you get all updates before running it.

 

looks like i forgot about Malwarebytes
and looks like what ever it was its back!
i have the temp1 and 2 agian!
i dont know were it came from
(i think there is an infected flash disk in my house!)

sorry for replaying after a long time (being in the army dosnt let you log on to forums lol)

 

here is the log of Malwarebytes
(after whatever is was was back)
looks like it found stuff but didnt do much

 

It's back because we never removed it all, you haven't replied in almost a month.

You need to go back to my initial post and run the steps/scans in the READ ME again and attach all new logs as yours are nearly a month old.

 

ok
right now its 2AM over here and i still need to get my backpack setup for the army so ill go over the readme next week whan im home
and post all the logs and hopfully that will help

 

Okay! Once complete, just attach the logs and we will get it cleaned up.

 

1st log post

 

2nd log post

i hope my pc is clean....