Clicked on a legit looking email. AVG popped up to say it protected me. Thought I'd run a rootkit scan to be safe. Came back positive for rootkit . Clicked remove. Clicked yes to i'm sure. It was supposed to be ok. Ran another scan. Another hidden file with same tag comes up. They all look this way:
"";"C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WPF127.tmp";"Hidden file";"Reboot is required to finish the action"
"";"C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WPF3223.tmp";"Hidden file";
"";"C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WPF40.tmp";"Hidden file";"Reboot is required to finish the action"
"";"C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\WPFAB.tmp";"Hidden file";"Object is inaccessible."
It keeps saying its taken care of upon reboot, but a new hidden rootkit file shows up with a slightly different ending number before .tmp. every time I run a new rootkit scan.
Lbd.sys belongs to Lavasoft's Ad-aware. This detection is correct but it is most likely legitimate part of the program.
Please note that not all rootkit detections are a threat. You can read more in here - Anti-Rootkit False Positives part.
Please also note that using more than one security software with active resident part is not recommended and can cause conflicts and unpredictable computer behavior.
To allow us check for any other active threats, provide us with requested outputs.
I'm sorry for the Ad-Aware. I installed and ran it to double check. It was removed before all scans I'm sending. The anti-rootkit has been run twice since the last gmer scan I'm sending. It has come back negative both times. I finally found the temporary file content.ie5. I will delete all files again to be sure.
Not sure if it will help, but this started after a youtube spam letter about top videos.
Thank you for your time and wonderful support. I just hope I scanned and compressed everything correctly. Once again, sorry I'm computer stupid. Thank you so much.
I run latest Mozilla Firefox browser. I don't access suspicious websites. I clicked on one valid looking email i thought was from youtube. Should i run a rescue cd? I have run multiple anti virus and anti rootkit scans. They keep coming back as no threats detected. Is there something bad on my computer? Please help.
I just want to know if the scans revealed anything I should be concerned about. The post from the moderator suggested maybe running a rescue cd, but the reasons weren't clear. The only add ons I run are from avg safe search and a super cookie safeguard. I don't visit "suspicious sites".
As I said before, I've run multiple AVG computer and rootkit scans. Since I deleted ie.5 content files, the AVG scans come back as no sign of infection. Is there is a need to run a rescue cd? I just want to be told the reasons before i do. I need the experts to give me the steps. Thank you.
I'm sorry for bothering again, but this keeps happening. I was all clear for 5 days after manually deleting all the temp content ie5 files i could, turning off auto restore, running multiple anti virus and anti rootkit scans and rootkit killer software. I haven't downloaded anything. I haven't gone to any suspicious sites. No suspicious emails. Then out of the blue these temporary internet content ie5. w****. tmp files come up on the rootkit scans again. I do what it says in the avg prompt, but they keep coming back today. Are they respawning somehow? what type of rootkit is this? What can I do?