Hi there,
I have found that my computer comes up with disturbing dialog boxes which lead me to the point that there was something that I dont want on my machine ;-)
I was able to fix this about a week ago but since then I found that there is a lot of network traffic.
tcpview showed me that there is a "<non-existent process>:xxx" which connects to a server "atfactor.com" and tries to connect to several smtp servers.
Looking at the process properties of this process shows "C:\WINNT\system32\koos.exe" which is not located on my system. I have checked the harddisk several times and there is no file with this name.
I changed the configuration of my router so no one is harmed any more by me but I am not able to get rid of this thing.
I have also checked with Process Explorer which shows me that this process ID belongs to CSRSS and Services.exe
Right at the moment I made a HJT log and attached it to this post. koos.exe is active and in memory with process ID 372, avast antivirus 4.7 home edition and prevx1 v2.3.0 build 10 are up and running and both systems tell me that there is no problem.
I know this description is a bit long but I hope to give all needed information
tia
Sebastian
I have found that my computer comes up with disturbing dialog boxes which lead me to the point that there was something that I dont want on my machine ;-)
I was able to fix this about a week ago but since then I found that there is a lot of network traffic.
tcpview showed me that there is a "<non-existent process>:xxx" which connects to a server "atfactor.com" and tries to connect to several smtp servers.
Looking at the process properties of this process shows "C:\WINNT\system32\koos.exe" which is not located on my system. I have checked the harddisk several times and there is no file with this name.
I changed the configuration of my router so no one is harmed any more by me but I am not able to get rid of this thing.
I have also checked with Process Explorer which shows me that this process ID belongs to CSRSS and Services.exe
Right at the moment I made a HJT log and attached it to this post. koos.exe is active and in memory with process ID 372, avast antivirus 4.7 home edition and prevx1 v2.3.0 build 10 are up and running and both systems tell me that there is no problem.
I know this description is a bit long but I hope to give all needed information
tia
Sebastian