Very urgent Heads up
There is a server in the US collecting email addresses via a piece of spyware called a Trojan

More details below (in the quote)
The authorities have shut the server down...But there are an awful lot of compromised computers out there 27,000 minimum!!!
Good news is the culprit if it's resident can be removed Leaving the Spam (if any?) to be mopped up by deleting or blocking
But how to detect it?
You'll need a small program installing called HiJack This from www.majorgeeks.com/download3155.html then you'll have to make a HJT Log after running the program. Read the Editors Notes first on the above link on how to do this and there is some extra help and tutorial links in the article
Then if the item below is listed on this log It can be deleted by ticking the check box against the entry otherwise don't touch a thing (this is an experts program)
If it appears in a different style to this or you are unsure, submit the log to the HJT forum at www.webuser.co.uk/forums Register and label the post "winldra.exe remove"Read the top pinned posting before you submit
And don't accept any help from anyone other than a Hijack this Helper(under their username)

quote:

This story has been running in the spyware community for a few weeks now.

More info can be found here: http://www2.spywareinfo.com/category/news/cws-id-theft/

For those of you that look at HijackThis logs now and again, if you see this line in a log:

O4 - HKLM\..\Run: [load32] C:\WINDOWS\System32\winldra.exe

please contact your nearest Moderator or send the victim a personal message referrring them to the SpywareInfo link above.

Then tell them to install a firewall and block EVERYTHING trying to call out.

more info

If you want to avoid the HJT Route of detection
Run Regedit via the Run box on the Start Menu
when the program starts click on Edit on top of the window then Find and type or paste this into the box winldra then click the Find Next button to the right then in about a minute you'll see a message "Finished searching through the Registry" If this is the case there is nothing on the computer But if it stops on an entry with this name then Do the HJT test as we mentioned before