well when I googled it, I came to these two. http://www.malwarebytes.org/
and http://www.prevx.com/filenames/X3728156890908387869-X1/KLOMP2EEXE.html I tried the PrevX one, and it was a small footprint download and completed the system scan in just over 3 minutes. I didn't find anything, but I didn't think I was infected (although I do wonder as I have the multiple exes but for Chrome, not IE, oh and my FFox is totally baked) I will probably try the other one as well, just to see if it finds anything, as something is wrong with my system. Rob On Tue, Jan 6, 2009 at 1:53 PM, Michael Grant <[email protected]> wrote: > I know the cf-comm is riddled with computer gurus so I was hoping someone > might be able to help me. > > I seem to be infected with a virus that nothing seems to find. Before the > new year I noticed in task manager that I was getting extra instances of > iexplore.exe running. If I had two IE's running there would three instances, > sometimes four. It seemed pretty benign and for the most part I would just > close the extra ones and ignore the problem. However after coming back from > the holidays I was unable to open IE. It would tell me that Internet > Explorer could not be found when I would click the icon. I did some Googling > and after doing some reading and searching found an errant registry entry. > In HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows NT > CurrentVersion > > Image File Execution Options I found an entry for iexplore.exe. In the entry > there is a key for Debugger and the value is C:\WINDOWS\system32\klomp.exe. > I delete the entry and can run IE again. When I run IE the entry is re-added > and IE breaks again. If I rinse and repeat I can get IE to work but every > time it adds the entry. I've searched my registry for "klomp" and can't find > it anywhere else. > > I've run multiple full scans with Symantec Corporate Edition (it's my work > compy and that's what the company has) and it doesn't find anything. It has > updated virus defs. However when I run IE Symantec pops up and tells me it's > identified Trojan.Vundo and removes klomp.exe from the windows/system32 > folder. I've run HouseCall from TrendMicro and it doesn't find anything. > I've also downloaded and run the Trojan.Vundo removal tool from Symantec and > it tells me that Vundo isn't on my system. > > Any ideas? > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-community/message.cfm/messageid:283966 Subscription: http://www.houseoffusion.com/groups/cf-community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.5
