Whilst surfing this morning, Norton Firewall informed me that mysysinf.exe wanted to access the net. I immediately blocked it as I know my processes in Task manager inside out and that is not one I recognise. The .exe is 'dumped' straight into the C Drive outside any folder and is 8k in size. It was created just a few seconds before it tried to access the net. My guess is that it ties into the Prefetch folder but my gut feeling says that this .exe is not a welcome visitor! Any ideas?

1st step , run a virus check from 1 or all of these . Online Virus check ( free ) http://housecall.antivirus.com/ http://www.coledata.com/virusalert.htm http://www.cybertechhelp.com/html/misc/av.php http://www.pandasoftware.es/activescan/activescan-com.asp http://www.ravantivirus.com/scan/ http://www.bitdefender.com/ http://www.stop-sign.com/ ==================================== Free online Spyware detector Click on > Scan without registering http://www.pestscan.com/ Remove Spyfiles by using these 5 programs . Make sure you use the SpyBot/SpywareBlaster/Ad-aware/Bazooka/Swat It > Online > Update button regularly . Once you have the program installed , open SpyBot and select the "Immunize" icon on the left & Click on Immunize , in the new page . Permanently running bad download blocker for Internet Explorer . Select > Block all bad pages silently & click Install . Then check the box "lock hosts file read-only as protection against hijackers". http://beam.to/spybotsd http://www.wilderssecurity.com/spywareblaster.html http://www.lsfileserv.com/ http://www.lavasoftsupport.com/index.php?showtopic=11613 Bazooka http://www.kephyr.com/spywarescanner/index.html Swat It http://swatit.org/ What does SpyBot-Search & Destroy? SpyBot-S&D searches your hard drive for so-called spy- or adbots; little modules that are responsible for the ads many programs display. But many of these modules also transmit information about your surfing behaviour and more to the net. If SpyBot-S&D finds such modules, it can remove them - or replace them with empty dummies in case their host software won't run with its bot removed. In most cases, the host still runs fine after removing the bot. For a list of 'supported' bots see the feature lists below. The Spybot-S&D interface is so easy, that updates just require replacing a file of about 80k in size. Those updates are distributed by my software mailinglist, over this page and are also available from inside the programs update section. Another feature of Spybot S&D is the removal of usage tracks, which makes it more complicated for unknown spybots to transmit useful data. The list of last visited websites, opened files, started programs, cookies, all that and more can be cleaned. Supported are the three major browsers Internet Explorer, Netscape Communicator and Opera. Make sure you use the SpyBot > Online > Update button regularly . ----- http://www.wilderssecurity.net/spywareblaster.html SpywareBlaster doesn't scan and clean for spyware - it prevents it from ever being installed. How? By setting a "kill bit" for the CLSIDs of spyware ActiveX controls, it prevents the installation of any of them from a webpage. You can run Internet Explorer with Active-X enabled, but you will never even get a "Yes/No" box popped up, asking you to install a spyware Active-X control (Internet Explorer will never download or run it!). All other Active-X controls or plug-ins will work fine. The SpywareBlaster database contains information on these known spyware Active-X controls. Make sure you run the Check For Updates feature frequently to get the latest database! (And make sure you check the new items to protect your system against them!) As a side benefit, setting this "kill bit" will also prevent the spyware Active-X from running, in many cases, if it is already installed on your system.* -------- Ad-Aware http://www.lsfileserv.com/software/adaware/ http://www.lsfileserv.com/support/download/ Get rid of spyware now! Download the most recent version of our award winning, free multi spyware removal utility. --------- Bazooka http://www.webgrid.co.uk/security_2.html http://www.winsite.com/bin/Info?17000000037943 http://www.kephyr.com/spywarescanner/index.html Bazooka Adware and Spyware Scanner detects a multitude of spyware, adware, trojan, keylogger and trackware components; sources of irritation that antivirus software does not deal with. The scanning process will only take a fraction of a second and tell you how to uninstall the invasive spyware or put you in contact with the spyware developer for the most up-to-date and safe uninstall instructions. Spyware and adware is often bundled with software such as Kazaa, Morpheus, Grokster, Imesh, Xolox, Gnutella and a myriad of other programs, and in many cases installed without your knowledge. Some send information about your surfing habits to ad companies, which target you with popup ads that fit your preferences. Bazooka Adware and Spyware Scanner search for Gator, GAIN, Bargain Buddy, CommonName, FlashTrack, IPInsight, n-CASE, NetRatings, NewDotNet, SaveNow, Wurldmedia, etc. The complete list is available here. To stay up-to-date with the latest spyware and adware software Bazooka downloads the threat definitions from the web. Bazooka is freeware and Windows 95/98/ME/NT/2000/XP compatible. Click on the files found & you will be taken to a site that will show you how to remove , either with a program or manually . It reports on all drives & partitions , so remember to check all these , when doing manual remove . After the Download - It is important to remember that once the installation of Bazooka is completed , that you should update the File Signatures by clicking on the Update tab and check for an update . Make sure you Update regularly . Spyware and Adware Encyclopedia http://www.kephyr.com/spywarescanner/library/index.phtml?source=bassindex -------- Swat It http://swatit.org/ Swat It is a Completely FREE program that scans your files for Trojans, Worms, Bots and other Hacker programs. Swat It can detect and remove over 4000 different Trojan programs plus variants. Swat It was recently independently tested against popular commercial scanning software and we were absolutely delighted by the results. We try our utmost to keep our software more up to date and current than other similar software. The comparison results strongly indicated Swat It's ability to detect and remove the latest Trojans that are in circulation. After the Download - It is important to remember that once the installation of Swat It is completed, that you should update the File Signatures by clicking on the Update tab and check for an update. All Product and File Signature Updates are Totally FREE, this means that you will never have to pay a single penny to get the very latest version of Swat It or to update the File Signatures. Beware of SpyHunter http://www.post-gazette.com/pg/03289/231446.stm