Hello and thanks in advance for any help given I really am paranoid when it comes to viruses so any help is greatly appreciated. I’ll try and be brief and describe what is happening:
Yesterday morning I started getting error popups saying a certain file couldn’t do what it wanted to. The name was NEW65B8.tmp.exe and was categorized by CIS as “Heur.Dual.Extensions” the same error appeared an hour later with the numbers following “NEW” changed into new ones, and this continued two more times before it stopped. Now it seems that it has begun doing the same this morning as well with nothing but the numbers changing each time. The anti-virus systems I have installed are CIS and Ad-aware (Ad-aware was installed after these appeared). I’ve tried to delete these files but it says I’m not allowed to do so (I’m the only user of this computer and have an administrator account) and it also wont allow me to upload the files to virusscan, virustotal or comodo malware analysis pages. The files are in the TEMP-folder and the exact link to where they are is: C:\Users\Richard\AppData\Local\Temp\NEW100E.tmp.exe .
They are labeled as a program but there’s no description what they do or what they are linked to so I’m starting to freak out. I’m going to try to include a screenshot of the log of CIS so I can show a better overview of the situation.
EDIT: Found this link just now when I googled about ask.com (it actually says now that ask.com is the author when I hover my mouse over the tmp.exe files) and maybe it’ll help you guys in understanding what this thing actually is because I am sitting clueless:
EDIT 2: Now it worked to upload the files to virscan and virustotal. None of which found any malware in the files. The links to the reports are as follows:
PS: I still can’t upload to Comodo Malware Analysis. it says error after initiating the process everytime and asks me to try again later.
Some technical information:
OS: Windows Vista Home Premium (32Bit)
Comodo Internet Security version 3.14.130099.587 (with virus database version: 4664)
I understand this isn’t much to go on but please if you know whether this is dangerous or not or how I can get rid of it or what to do then please help me.
[attachment deleted by admin]