Picked up the following yesterday when running a scan:
Win32:Crypto
c:\WINDOWS\Temporary Internet Files\Content.IE5\EJ2FK3EZ\netsecure[1].jpg
Win32:Crypto
c:\WINDOWS\Temporary Internet Files\Content.IE5\4Z887Q8A\panel_r5_c8[1].jpg\panel_r5_c8[1]
Win32:Crypto
C:\WINDOWS\TEMP\trz21E4.TMP
They seem to be living inside some truly enormous (~1GB) files in my temp folder.
Tried to move them to virus chest, but the operation failed (Don't have the exact words, but something like: "An error occured during this action. Unable to transfer - this option is only available in win32"). Similarly couldn't repair either.
Now I could just delete all this stuff but I've already done this once and the problem has recurred so I'd rather try and get to the bottom of it.
If this is a virus it doesn't actually seem to be doing anything much (Although my hard drive is filling up with crud
). Housecall has shown the disk to be clean, for what it's worth. Anyhow, my questions are:
Does this ring a bell with anyone?
Could it be a false alert, if so, how do I tell?
If it is a virus would the Avast cleaner tool be any use (It doesn't list win32:crypto as something it can fix)?
Any other ideas for tracking it down and killing it?
System: Pentium, windows 95B
Avast: Build 4.1.342, virus definitions fully up to date
Cheers
