Solved

HOMO.EXE ? Virus

Posted on 2004-09-03
8
854 Views
Last Modified: 2008-01-09
Would anyone know how to remove the homo.exe from Task Manager processes. It use up all the CPU usage.  We have a server with it.
0
Comment
Question by:mmoreau45
8 Comments
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11976076
Hello mmoreau45 =)

U must be having a startup entry in Start>Run>msconfig>Startup list, or a registry entry in Startup Run keys in regedit.... delete its keys or untick it in msconfig, then restart in safemode, and delete this file !!!
Restart in Normal Mode and now u shudn't be having it :)

!! GOOD LUCK !!
0
 
LVL 6

Expert Comment

by:icemanwol
ID: 11977199
If you are still haveing problems, post a hijackthis log and we will see what we can do :-)
http://www.spychecker.com/program/hijackthis.html
0
 
LVL 5

Expert Comment

by:Hypoviax
ID: 11987156
Yes, first do what SheharyaarSaahil said but then also update your antivirus software, run it on ALL machines, and then install spybot Search and Destroy from the address below also running on all machines:

http://www.safer-networking.org/en/index.html

Also make sure you have a corporate firewall so as to block programs coming down without your knowledge. Zonealarm is a good choice but others also may be worthwhile:

www.zonelabs.com

Regards,

Hypoviax
0
 
LVL 8

Expert Comment

by:bobo_tech
ID: 11994495
I had a problem with a similiar little bugger today.  I forgot the exact name of the file but it was something like mvsnut.exe.   Anyway, i did all my tricks.  Adaware and then msconfig.

It woudn't go away.

I would end the process and within a second, it would restart itself.

I ran hijack this and deleted the BHO for that file.  It reappeared as sooon as i rescanned.

Finally I rebooted into safe mode with command prompt only.  Once in the command prompt mode, I manually erased that file (it was in the windows folder).  I then rebooted, got an error that the file coudn't be found and then the problem didn't reoccur.

I rescanned with hijack this and could not find that same file, so I was happy.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 8

Accepted Solution

by:
bobo_tech earned 50 total points
ID: 11994499
Another point, that file that I had to remove kept on sucking up 100 percent of the cpu as well.

0
 

Author Comment

by:mmoreau45
ID: 12200008
In Win XP Pro, login as the Admin I am unable to remove TCP/IP from the NIC setings.  Is there a work around other than Safe Mode.
0
 

Author Comment

by:mmoreau45
ID: 12249475
Please excuse me but I did get the answer to my question.  It seems that our Active Directory has control of the Policies set in the Domain.
0
 

Author Comment

by:mmoreau45
ID: 12249567
I have a W2K system and the exployer.exe (I beleive this is Windows Exployer) is malfuntioning and pop ups an error stating it can not read the memory.  Any ideas of how I can repair this with out surgery of the format of re-install OS.
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

Healthcare organizations in the United States must adhere to the guidance of both the HIPAA (Health Insurance Portability and Accountability Act) and HITECH (Health Information Technology for Economic and Clinical Health Act) for securing and protec…
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now