KTFOD user log in?


Fasterbaby

Somehow I have got a new user called KTFOD appearing when I start XP. I
can delete it but it reappears :( I have used NAV to see if it is a
virus and it shows nothing. What is this? How can I get rid of it?
Thanks
-
Fasterbaby
 
Somehow I have got a new user called KTFOD appearing when I start XP. I
can delete it but it reappears :( I have used NAV to see if it is a
virus and it shows nothing. What is this? How can I get rid of it?
Thanks

It looks like you are not the first.
<http://groups.google.com/groups?q=KTFOD&ie=UTF-8&oe=UTF-8&hl=en&btnG=Google+Search>

Oddly enough, none of the threads describe a resolution. Do us all a favor
please. Post your findings so at least ONE thread (yours) might show a
resolution in the future.

It could be related to some software that you installed. Check its profile
(Control Panel - Administrative Tools - Computer Management - Local Users and
Groups - Users). Does its description tell you anything?

If that doesn't set you at ease, check for a spyware install. And disable the
account - don't delete it. If disabling it doesn't take, delete all the Member
Of entries in its profile.

Try these online virus scans to check NAV results:
<http://www.ravantivirus.com/scan/> (IE Only)
<http://housecall.trendmicro.com/housecall/start_corp.asp>

First, download LSP-Fix from <http://www.cexx.org/lspfix.htm>, and CWShredder
from <http://www.majorgeeks.com/download4086.html>.

Next, run CWShredder. Have it fix all variants.

Now check for, and remove, spyware. Get HijackThis
<http://www.majorgeeks.com/download.php?det=3155> and Spybot S&D
<http://security.kolla.de/index.php?lang=en&page=download>.
1) Install and run Spybot. First update it ("Search for updates"), then run a
scan ("Check for problems"). Trust Spybot, and make all recommended deletions.
2) Install and run HijackThis. Do NOT make any changes immediately. Save the
Log.
3) Have your HJT log interpreted by experts at one or more of the following
forums (and post it here):
<http://forums.net-integration.net/>
<http://www.spywareinfo.com/forums/>
<http://forums.tomcoyote.org/>
<http://www.wilderssecurity.com/>

If removal of any spyware affects your ability to access the internet (some
spyware builds itself into the network software, and its removal may damage your
network), run LSP-Fix.

Harden your browser. There are various websites which will check for
vulnerabilities; here are three which I use.
http://www.jasons-toolbox.com/BrowserSecurity/
http://bcheck.scanit.be/bcheck/
https://testzone.secunia.com/browser_checker/

Harden your operating system. Check at least monthly.
http://windowsupdate.microsoft.com/

Block possibly dangerous websites with a Hosts file. Three Hosts file sources I
use:
http://www.accs-net.com/hosts/get_hosts.html
http://www.mvps.org/winhelp2002/hosts.htm
(The third is included, and updated, with Spybot (see above)).

Learn to munge your email address properly, to keep yourself a bit safer when
posting to open forums. Protect yourself and the rest of the internet - never
post your address unmunged.
http://www.mailmsg.com/SPAM_munging.htm

Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
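
The account check and disable-first steps from the reply above, as an added example that is not part of the original post: it parses `net user <name>` output and lists the commands for the operator to review. The sample output is constructed, English-language `net user` output is assumed, and `parse_net_user` and `triage` are hypothetical helper names.

```python
# Added example: parse `net user <name>` output (English-language Windows)
# and list the commands for the disable-first triage described above.
# SAMPLE is constructed for illustration; it is not output from the thread.
SAMPLE = """\
User name                    KTFOD
Full Name                    KTFOD
Comment
User's comment
Account active               Yes
Account expires              Never

Local Group Memberships      *Administrators       *Users
Global Group memberships     *None
The command completed successfully.
"""

FIELDS = {"User name": "name", "Comment": "comment",
          "Account active": "active", "Local Group Memberships": "groups"}

def parse_net_user(text):
    """Extract name, description, state and local groups from the output."""
    acct, last = {key: "" for key in FIELDS.values()}, None
    for line in text.splitlines():
        label = next((f for f in FIELDS if line.startswith(f)), None)
        if label:
            last = FIELDS[label]
            acct[last] = line[len(label):].strip()
        elif line[:1].isspace() and last == "groups":
            acct["groups"] += " " + line.strip()  # group list wrapped onto next line
        else:
            last = None
    acct["active"] = acct["active"].lower() == "yes"
    # Groups are '*'-prefixed and may contain spaces ("*Remote Desktop Users").
    names = [g.strip() for g in acct["groups"].split("*")]
    acct["groups"] = [g for g in names if g and g != "None"]
    return acct

def triage(text, disable_attempted=False):
    """Return commands for the operator to review; nothing is executed here."""
    acct = parse_net_user(text)
    if not acct["active"]:
        return []  # already disabled: leave it in place, do not delete it
    if not disable_attempted:
        return [f'net user "{acct["name"]}" /active:no']
    # Disabling did not stick: strip every "Member Of" entry instead.
    return [f'net localgroup "{g}" "{acct["name"]}" /delete' for g in acct["groups"]]

if __name__ == "__main__":
    print("description:", parse_net_user(SAMPLE)["comment"] or "(empty)")
    for cmd in triage(SAMPLE):
        print(cmd)
```

An empty description, as in the sample, is the case where the account's origin still has to be traced through the spyware checks in the post.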
 
Thanks for that, I'll try that when I get a chance. It seems really weird
that no one seems to have put up a cure for this :( I'll keep you
posted anyway.
-
Fasterbaby
 
I have run the AV and disabled the user account, it now no longer comes
up when I restart, I am happy that it is not doing anything now but
would really like to know where it came from in the first place. Anyone
with any info please post here, thanks.
-
Fasterbaby
 
I have run the AV and disabled the user account, it now no longer comes
up when I restart, I am happy that it is not doing anything now but
would really like to know where it came from in the first place. Anyone
with any info please post here, thanks.

Did you run CWS and HJT? Where did you post the HJT Log?
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
 