NEW100E.tmp.exe Heur.Dual.Extensions - in dire need of HELP (EDIT WITH NEW INFO)

Hello and thanks in advance for any help given I really am paranoid when it comes to viruses so any help is greatly appreciated. I’ll try and be brief and describe what is happening:

Yesterday morning I started getting error popups saying a certain file couldn’t do what it wanted to. The name was NEW65B8.tmp.exe and was categorized by CIS as “Heur.Dual.Extensions” the same error appeared an hour later with the numbers following “NEW” changed into new ones, and this continued two more times before it stopped. Now it seems that it has begun doing the same this morning as well with nothing but the numbers changing each time. The anti-virus systems I have installed are CIS and Ad-aware (Ad-aware was installed after these appeared). I’ve tried to delete these files but it says I’m not allowed to do so (I’m the only user of this computer and have an administrator account) and it also wont allow me to upload the files to virusscan, virustotal or comodo malware analysis pages. The files are in the TEMP-folder and the exact link to where they are is: C:\Users\Richard\AppData\Local\Temp\NEW100E.tmp.exe .

They are labeled as a program but there’s no description what they do or what they are linked to so I’m starting to freak out. I’m going to try to include a screenshot of the log of CIS so I can show a better overview of the situation.

EDIT: Found this link just now when I googled about (it actually says now that is the author when I hover my mouse over the tmp.exe files) and maybe it’ll help you guys in understanding what this thing actually is because I am sitting clueless:

EDIT 2: Now it worked to upload the files to virscan and virustotal. None of which found any malware in the files. The links to the reports are as follows:
PS: I still can’t upload to Comodo Malware Analysis. it says error after initiating the process everytime and asks me to try again later.

Some technical information:
OS: Windows Vista Home Premium (32Bit)
Comodo Internet Security version 3.14.130099.587 (with virus database version: 4664)

I understand this isn’t much to go on but please if you know whether this is dangerous or not or how I can get rid of it or what to do then please help me.

Kind regards,

[attachment deleted by admin]

TEMP folders aren’t hard

Go here and download "ccleaner

Run the cleaner

For future reference on files that won’t delete, a nice program called “unlocker” works great.
Any file that won’t delete, right-click on the file, click on unlocker, now you can delete it :slight_smile:
You can find it here (it’s only 216kb)

The file upload looks like “ask” I’m basing it on this alone

sigcheck: publisher....: copyright....: Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved. product......: Ask Toolbar description..: Setup Launcher original name: Setup.exe internal name: Setup file version.: comments.....: n/a signers......: VeriSign Class 3 Code Signing 2004 CA Class 3 Public Primary Certification Authority signing date.: 1:51 AM 2/5/2010 verified.....: -

Good luck :slight_smile: