Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

HOMO.EXE ? Virus

Posted on 2004-09-03
8
861 Views
Last Modified: 2008-01-09
Would anyone know how to remove the homo.exe from Task Manager processes. It use up all the CPU usage.  We have a server with it.
0
Comment
Question by:mmoreau45
8 Comments
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11976076
Hello mmoreau45 =)

U must be having a startup entry in Start>Run>msconfig>Startup list, or a registry entry in Startup Run keys in regedit.... delete its keys or untick it in msconfig, then restart in safemode, and delete this file !!!
Restart in Normal Mode and now u shudn't be having it :)

!! GOOD LUCK !!
0
 
LVL 6

Expert Comment

by:icemanwol
ID: 11977199
If you are still haveing problems, post a hijackthis log and we will see what we can do :-)
http://www.spychecker.com/program/hijackthis.html
0
 
LVL 5

Expert Comment

by:Hypoviax
ID: 11987156
Yes, first do what SheharyaarSaahil said but then also update your antivirus software, run it on ALL machines, and then install spybot Search and Destroy from the address below also running on all machines:

http://www.safer-networking.org/en/index.html

Also make sure you have a corporate firewall so as to block programs coming down without your knowledge. Zonealarm is a good choice but others also may be worthwhile:

www.zonelabs.com

Regards,

Hypoviax
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 8

Expert Comment

by:bobo_tech
ID: 11994495
I had a problem with a similiar little bugger today.  I forgot the exact name of the file but it was something like mvsnut.exe.   Anyway, i did all my tricks.  Adaware and then msconfig.

It woudn't go away.

I would end the process and within a second, it would restart itself.

I ran hijack this and deleted the BHO for that file.  It reappeared as sooon as i rescanned.

Finally I rebooted into safe mode with command prompt only.  Once in the command prompt mode, I manually erased that file (it was in the windows folder).  I then rebooted, got an error that the file coudn't be found and then the problem didn't reoccur.

I rescanned with hijack this and could not find that same file, so I was happy.
0
 
LVL 8

Accepted Solution

by:
bobo_tech earned 50 total points
ID: 11994499
Another point, that file that I had to remove kept on sucking up 100 percent of the cpu as well.

0
 

Author Comment

by:mmoreau45
ID: 12200008
In Win XP Pro, login as the Admin I am unable to remove TCP/IP from the NIC setings.  Is there a work around other than Safe Mode.
0
 

Author Comment

by:mmoreau45
ID: 12249475
Please excuse me but I did get the answer to my question.  It seems that our Active Directory has control of the Policies set in the Domain.
0
 

Author Comment

by:mmoreau45
ID: 12249567
I have a W2K system and the exployer.exe (I beleive this is Windows Exployer) is malfuntioning and pop ups an error stating it can not read the memory.  Any ideas of how I can repair this with out surgery of the format of re-install OS.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
In this increasingly digital world, security hacks are no longer just a threat, but a reality. As we've witnessed with Target's big identity hack 2013, Heartbleed in 2015, and now Cloudbleed, companies and their leaders need to prepare for the unthi…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

861 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question