Solved

HOMO.EXE ? Virus

Posted on 2004-09-03
8
867 Views
Last Modified: 2008-01-09
Would anyone know how to remove the homo.exe from Task Manager processes. It use up all the CPU usage.  We have a server with it.
0
Comment
Question by:mmoreau45
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11976076
Hello mmoreau45 =)

U must be having a startup entry in Start>Run>msconfig>Startup list, or a registry entry in Startup Run keys in regedit.... delete its keys or untick it in msconfig, then restart in safemode, and delete this file !!!
Restart in Normal Mode and now u shudn't be having it :)

!! GOOD LUCK !!
0
 
LVL 6

Expert Comment

by:icemanwol
ID: 11977199
If you are still haveing problems, post a hijackthis log and we will see what we can do :-)
http://www.spychecker.com/program/hijackthis.html
0
 
LVL 5

Expert Comment

by:Hypoviax
ID: 11987156
Yes, first do what SheharyaarSaahil said but then also update your antivirus software, run it on ALL machines, and then install spybot Search and Destroy from the address below also running on all machines:

http://www.safer-networking.org/en/index.html

Also make sure you have a corporate firewall so as to block programs coming down without your knowledge. Zonealarm is a good choice but others also may be worthwhile:

www.zonelabs.com

Regards,

Hypoviax
0
Watch Anatomy of a Wi-Fi Hack On-Demand

In less than a weekend, anyone with Internet access and some free time can become a Wi-Fi MitM to wreak havoc on your network. View our Wi-Fi Expert in an on-demand episode of our Secure Wi-Fi mini-series as he explores the motives, execution, and anatomy of a Wi-Fi hack.

 
LVL 8

Expert Comment

by:bobo_tech
ID: 11994495
I had a problem with a similiar little bugger today.  I forgot the exact name of the file but it was something like mvsnut.exe.   Anyway, i did all my tricks.  Adaware and then msconfig.

It woudn't go away.

I would end the process and within a second, it would restart itself.

I ran hijack this and deleted the BHO for that file.  It reappeared as sooon as i rescanned.

Finally I rebooted into safe mode with command prompt only.  Once in the command prompt mode, I manually erased that file (it was in the windows folder).  I then rebooted, got an error that the file coudn't be found and then the problem didn't reoccur.

I rescanned with hijack this and could not find that same file, so I was happy.
0
 
LVL 8

Accepted Solution

by:
bobo_tech earned 50 total points
ID: 11994499
Another point, that file that I had to remove kept on sucking up 100 percent of the cpu as well.

0
 

Author Comment

by:mmoreau45
ID: 12200008
In Win XP Pro, login as the Admin I am unable to remove TCP/IP from the NIC setings.  Is there a work around other than Safe Mode.
0
 

Author Comment

by:mmoreau45
ID: 12249475
Please excuse me but I did get the answer to my question.  It seems that our Active Directory has control of the Policies set in the Domain.
0
 

Author Comment

by:mmoreau45
ID: 12249567
I have a W2K system and the exployer.exe (I beleive this is Windows Exployer) is malfuntioning and pop ups an error stating it can not read the memory.  Any ideas of how I can repair this with out surgery of the format of re-install OS.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
parent control advice for app searches 4 32
Disable Security Alert  popup in Winforms  embedded webbrowser. 1 81
ticket bloat 3 70
Red Hat Satellite report generator 4 24
OnPage: Incident management and secure messaging on your smartphone
Smart phones, smart watches, Bluetooth-connected devices—the IoT is all around us. In this article, we take a look at the security implications of our highly connected world.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question