Archived from groups: microsoft.public.win95.general.discussion (
More info?)
SYSMAP.exe is added as a result of the MAPSY virus:
http://securityresponse.symantec.com/avcenter/venc/data/backdoor.mapsy.html
http://vil.nai.com/vil/content/v_99783.htm
I do not find a reference to a file named "adcontrol.exe", but "WinAdCtl.exe" is
known as Windows AdControl, and is a Windupdates adware variant.
CastleCops Windows AdControl WinAdCtl.exe:
http://computercops.biz/startuplist-6126.html
See here for more info and check your system for the enties listed:
http://www.spynet.com/spyware/spyware-WindUpdates.aspx
aaa.exe appears to be part of Downloader-DK, a trojan downloader:
http://vil.mcafeesecurity.com/vil/content/v_100512.htm
Bac.exe may be W32/Backterra-D:
http://www.sophos.com/virusinfo/analyses/w32backterrad.html
The random-letter-named exe's may also be just that....random-generated names for
trojan downloaders.
Bottom line is that the system seems to be infested with trojans and adware. Do you
have an updated anti-virus installed?
Update your anti-virus app and then run a full-system virus scan.
Use CWShredder, the CoolWeb removal tool, available here:
http://www.majorgeeks.com/downloads31.html
http://www.zerosrealm.com/downloads/CWShredder.zip
http://aumha.org/downloads/cwshredder.zip
Close all browser windows and open apps, start CWShredder and click the Fix button.
In addition, install Ad-Aware SE free edition (if possible...it does not install
successfully on all Win95 systems), start it, click its 'Check for Updates' link in
the app to install updates, then use it to scan your system, and remove what it
finds.
Ad-Aware:
http://www.lavasoftusa.com/support/download/
Install SpywareBlaster:
http://www.majorgeeks.com/download2859.html
Click the link in the app to check for and install updates, then click to 'Enable
all protection'.
Update at least weekly.
Post back with your results.
--
Glen Ventura, MS MVP W95/98 Systems
http://dts-l.org/goodpost.htm
"dan" <4dsf@NoSpaM.com> wrote in message
news:ObLHyFH4EHA.3596@TK2MSFTNGP12.phx.gbl...
> I am using Win95 and IE 5.5.
> On 11/12/2004 some 3843 files were created in C:\Windows
> SYSMAP.exe was created in C:\ and install.exe was created
> in C:\Windows\Temp.
> All files except install.exe were 7KB. Examples from A thru V, all 3
> letters are:
>
> Aaa.exe
> Aab.exe
> Bac.exe
> Bae.exe
> Bvf.exe
> Rnb.exe
> Rvq.exe
> Vvo.exe
>
> Is this from an Adware or Spyware exe. ? I removed a Windows Adcontrol exe.
> around that
> date and I'm not sure if this is a remainder or new stuff on the HD.
> My puter has been running very slow since that time period
> and the modem isn't doing much better.
>
> Any help would be appreciated.
>
>