Do you have a question? Post it now! No Registration Necessary. Now with pictures!
March 17, 2006, 5:56 pm
rate this thread
I'm making this post for others who may have the same problem.
Recently I gained a trojan on my XP Home machine. I have several anti-virus
scanners, but AVG was the only one of my set that recognised it as a problem
(it could heal, but not remove the problem). The symptom is that a file is
created in the Windows\System32 directory named Idxxxx.tmp where xxxx is a
random character string which AVG recognised as a trojan. Further more this
file gets opened and associated with winlogon.exe and so cannot be deleted.
A bit of Googling revealed that this is a downloader trojan, McAfee
describes it of type Downloader.AQW and that a registry entry is made:
Sure enough, there was indeed an entry in the registry:
This had to be deleted in safe mode, otherwise it just got put right back.
Since then the problem has not returned.
(for the benefit of search engines: Id????.tmp <random string>.tmp virus)