Improve company productivity with a Business Account.Sign Up

x
?
Solved

poss virus activity - random process names in TaskManager

Posted on 2004-05-01
3
Medium Priority
?
437 Views
Last Modified: 2012-05-04
I've run three a/v products on the three PCs at my client's location.

NAV, Panda, Trend-Micro.

None of them are able to crack this nut.

Main indication of malware ---

I get random letter/number names of processes in the Task Manager (XPhome in all PCs) such as...

Gbi1r6.exe,
Smf1ikC.exe
Tzv5.exe
lklbq.exe
.
.
.
etc


Three or so will be running at system start, but employing EndProcess will weed them down - until after the last one is ended, then another random letter/number named process will appear within seconds.

Yes, I've run Ad-Aware.

Any other suggestions?
0
Comment
Question by:jelarson
  • 2
3 Comments
 
LVL 2

Accepted Solution

by:
LeftofCool earned 400 total points
ID: 10970472
First of all, go to Start>Run>'msconfig'>Startup Tab, and disable everything there, apply the options, reboot the computer. What your describing is most likely the Peper trojan horse and there are several methods of eradicating it. One such method is to use McAfee's AVERT Stinger, which is linked below. Also, in addition to ad-aware, you need to run several more tools to help you stay spyware/adware/virus free. Below is a list of tools that should serve you well:


Anti-Spyware/Adware

Ad-Aware 6
http://www.lavasoftusa.com

Spy Sweeper 2.6 (free trial)
http://www.webroot.com/wb/products/spysweeper/index.php

Spybot Search & Destroy 1.3 rc4 (release candidate 4)
http://fileforum.betanews.com/detail.php3?fid=1043809773

Hijack This
http://download.com.com/3000-8022-10227352.html?tag=lst-0-3

Web Shredder (Removes all Cool Web Search variants)
http://www.spywareinfo.com/~merijn/cwschronicles.html#cwshredder


Online Anti-Virus

Computer Associates Online AV
http://www3.ca.com/virusinfo/virusscan.aspx

Symantec (Norton AV)
http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=ie&venid=sym

McAfee Free Scan
http://us.mcafee.com/root/mfs/default.asp

McAfee AVERT Stinger
http://vil.nai.com/vil/stinger/

Trend Micro Housecall
http://housecall.antivirus.com/housecall/start_corp.asp

Panda ActiveScan
http://www.pandasoftware.com/activescan/

Kapersky Online AV
http://www.kaspersky.com/remoteviruschk.html


I recommend downloading and running all the anti-spyware/adware tools and running at least two of the online scanners, in particular, Stinger.

0
 

Author Comment

by:jelarson
ID: 10971510
Okay - will try your suggs.

I'll be back to their place probably some time mid- to late-next week.  Will follow up on this thread once I go back.

Thanks.
0
 

Author Comment

by:jelarson
ID: 11090650
Yeah - it was Peper.

I thought it was a virus so I was throwing a/v at it.

Thx much!

:)
0

Featured Post

Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

The intent of this article is not to tell you what solution to use (you know it better) or make a big bang change to your current regime (you are well aware of), but to share how the regime can be better and effective in streamlining the multiple pa…
This is the conclusion of the review and tests for using two or more Password Managers so you don't need to rely on just one. This article describes the results of a lot of testing in different scenario's to reveal which ones best co-exist together.…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

587 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question