I don't know what happened, but I just got a nasty virus today. I didn't run any executables and I didn't and haven't downloaded anything suspicious. I started downloading a few movies, but getting a virus from an unfinished avi file that wasn't run is just ridiculous. When the virus first started, it showed up as a fake antivirus program that had an icon in the toolbar that looked like windows defender. I tried opening chrome, avg, and malwarebytes, it wouldn't let me, it gave me a message saying something along the lines of "blank.exe is infected. Would you like to activate your antivirus?" Blank.exe being whatever I tried to open. I opened task manager and closed the suspicious processes which were:

Tfezaa.exe
ayho.exe
qysxjkdtssd.exe
geurge.exe

I turned the power off my computer (I didn't shut it down, just hit the power) and started it in safe mode and then opened up msconfig and disabled the programs that I hadn't seen before:

CLTzanCyberlink
CLTzanGoldenEye3.5.2704
ad
JDK5SWFMZY
pgnjonjq
sta
CyberLink GoldenEye

I have never downloaded anything to with any of those. The programs are run from Geurge.exe, ayho.exe, tmp.exe, and qysxjkdtssd.exe under C:\Users\******\AppData\Local\Temp


Can I delete the things in this folder that have been modified today? I'm not sure how much is to do with the virus, and AVG 9.0 and Malwarebytes don't pick up anything in the folder.

edit:
Chrome works, I had to disable the proxy. FUCK!! This thing must have been downloading a shitload more to my computer.

um Malwarebytes WILL find them.

Only reason I can think yours did not is if you have not updated it or it was infected, which from what you showed it wasnt. Or if you told it not to scan certain places.

Malwarebytes would be your easiest way to get rid of them.

Now for the question - YES you can delete EVERYTHING in the temp folder and you will be fine. Do not do a selective delete, just dump everything you can from that folder. Some files might be in use for normal activity just hope the bad ones arent

No, this is wrong... Screenshots to come...

Screenshots:
http://img6.imageshack.us/slideshow/web ... 527363.jpg

so Malwarebytes found 2. Did you try and remove them in Malwarebytes?

It should have found at least the same 2 on your hard drive.

Have you looked them up online to see what they are? Maybe that 3rd one the other programs detected is not anything that can harm you. Maybe by itself it is useless but with one of the other 2 on the system it causes damage?

In all the time i have used Malwarebytes, I only ever had to do manual removal once. That was on a system that had over 2000 found problems.

I never trust online scanners as they will find everything from keygens to bots.

Oh well, main thing is that hopefully you got it taken care of. Begs to ask, why were they only in your temp folder? Anyway, I would still run a full AVG and Malwarebytes scan on ALL drives to make sure.

I have run full scans multiple times with AVG and MalwareBytes and they haven't picked up anything new. I'm not sure why it was all in the temp folder, it seems like it would be smarter to scramble the viruses... I doubt I got all of them, because, if there are any in any other locations, I won't be able to find them.