-
Systemie.exe
So I'm surfing away last night when suddenly I start getting pops from NAV.
I immediately close all IE windows and respond accordingly to the NAV pop ups.
Disconnect and do a search for all files created in the last 1 day.
Bingo some suspicious looking files in C:\Windows\System:
systemie.exe
sysie.dll
systemie.dll
systemie.dat
and another .exe file in C:\
Look through the registry for systemie and sysie and find some hits at:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3D1228C9-F556-4158-BC0B-D3FF4F3F3E1B}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\"systemie"=
Ran Adaware and it didn't pick up anything.
Deleted registry entries, rebooted into Win98 - was in WinMe and deleted the 5 files from Win98.
Rebooted into WinMe all appears ago.
Haven't run NAV as yet but would be curious to know what I was hit by?
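
The registry check described in the post above, written out as an added example that is not part of the original thread: it reads a regedit text export, lists every ShellServiceObjectDelayLoad value, and resolves each CLSID to the DLL registered under its InprocServer32 key. The sample export, its CLSIDs and DLL names are constructed, and the function names and allowlist are assumptions for illustration.

```python
import re

SSODL = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad"
CLSID_ROOT = r"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID"

# Constructed sample export (REGEDIT4 text format); CLSIDs and DLL names are made up.
SAMPLE_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"KnownGood"="{11111111-1111-1111-1111-111111111111}"
"example"="{22222222-2222-2222-2222-222222222222}"
"orphan"="{33333333-3333-3333-3333-333333333333}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-111111111111}\InprocServer32]
@="C:\\WINDOWS\\SYSTEM\\KNOWNGOOD.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-222222222222}\InprocServer32]
@="C:\\WINDOWS\\SYSTEM\\example.dll"
'''

def parse_reg(text):
    """Return {key_path_upper: {value_name: string_data}} for string values."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].upper(), {})
        elif current is not None:
            m = re.match(r'^(@|"(?:[^"\\]|\\.)*")="(.*)"$', line)
            if m:
                name = "" if m.group(1) == "@" else m.group(1)[1:-1]
                current[name] = m.group(2).replace("\\\\", "\\")
    return keys

def audit_ssodl(text, allowlist=()):
    """List (value name, CLSID, DLL path or None) for SSODL entries not allowlisted."""
    keys = parse_reg(text)
    allowed = {n.lower() for n in allowlist}
    findings = []
    for name, clsid in sorted(keys.get(SSODL.upper(), {}).items()):
        if name.lower() in allowed:
            continue
        server = keys.get(f"{CLSID_ROOT}\\{clsid}\\InprocServer32".upper(), {})
        findings.append((name, clsid, server.get("")))
    return findings

if __name__ == "__main__":
    for name, clsid, dll in audit_ssodl(SAMPLE_REG, allowlist=["KnownGood"]):
        print(f"{name}: {clsid} -> {dll or 'no InprocServer32 (orphaned entry)'}")
```

An entry whose CLSID has no InprocServer32 key is reported with `None`, which is what a half-cleaned system looks like when the files or the CLSID key were deleted but the autostart value was left behind.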
-
According to Wilders Security Forums, this is a keylogger, and that information could have been transmitted to someone.
More info
-
Hmm thanks.
Lucky I deleted the reg entries and the files via Win98 before rebooting WinMe again.
Will run a NAV FSS tonight to see if it picks anything up.