Solved

How to remove virus associated with Apache.exe, opmn.exe, rotatelogs.exe

Posted on 2004-10-13
10
2,717 Views
Last Modified: 2010-10-05
I have a virus on my computer, and I can see the following process running in the Windows Task Manager:
Apache.exe
opmn.exe
rotatelogs.exe

I can't find these executables on my computer, or any file that has any of these names included.

I've tried running Norton Antivirus, and it doesn't seem to locate them.
I also tried running Spybot Search & Destroy.  Although it keeps finding new ones, it doesn't seem to find the source that creating the new viruses.


Does any one know how to remove these viruses?
How do these virus rename themselfs on the Windows Task Manager?
0
Comment
Question by:Axter
  • 4
  • 4
  • 2
10 Comments
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12296888
Hello Axter =)

Who has told u that these are viruses ??
which antivirus software is picking them up.... coz i dont think so that these are viruses :-/
look at here, Apache.exe >> http://www.reger24.de/prozesse/Apache.exe.php

and if will look for the rest two processes on Google, u will find them related to Apache server thingies !!
So... are u sure u have not this server or any of its application is installed on ur system ??
0
 
LVL 30

Author Comment

by:Axter
ID: 12296940
>>Who has told u that these are viruses ??
They have the tail tail sign of viruses.

1. There are two sets of them.
2. When I kill them, they quickly popup again in pairs
3. There are no associated executables with those names


>>which antivirus software is picking them up.... coz i dont think so that these are viruses :-/
I'm positive they're viruses.  I'm not running this server on my computer, and there is no apache.exe file on my computer.
0
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 12297011
No Axter..... i cannot recognise any such virus and neither i can find any information of such virus which has all these processes !! =\

why dont u try this, goto Start>Run>msconfig>Startup and click on Disable All
then in Services section, click Hide Microsoft Services, now u will get all third party services
untick all of them, and now restart ur system
check now if same processes are running or not ??
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 6

Accepted Solution

by:
acmp earned 500 total points
ID: 12298588
Hi,

You can use prcview (http://www.prcview.com) to get the path to the exe file. Hopefully the location of hte file will let you tell what it is.

>now u will get all third party services untick all of them, and now restart ur system
I wouldn't do this unless you are sure you don't need them.
I would suggest that you look up each service and check to make sure what it is. If It's valid then don't stop/remove it.

Post back

acmp<><
0
 
LVL 6

Expert Comment

by:acmp
ID: 12298616
BTW,

The file names are all valid _if_ you are running an apache web server. This can be bundled with some other software.

I guess this is why people don't think you have a virus. And If I'm honest, I agree with them. But then again, this wouldn't be the first time I ws wrong. ;-)

acmp<><
0
 
LVL 30

Author Comment

by:Axter
ID: 12299867
>>The file names are all valid _if_ you are running an apache web server. This can be bundled with some other software.

I'm not running appache web server.
Furthermore, even if I had some third party program that was calling these files, wouldn't the name of the executable listed in Windows Task Manager, match the name of the actual executable.

I see no ligitimate reason for having a process named Apache.exe, and when there is no such executable on my computer.

I did a search for this executable on my entire computer, and it was not found.
I also don't see why this executable would pop back up so quickly after I kill the process.
0
 
LVL 30

Author Comment

by:Axter
ID: 12299908
acmp,
That's a great utility.

Thanks a bunch!
0
 
LVL 6

Expert Comment

by:acmp
ID: 12306393
Glad you like it.

If you get chance I'd like to know what was creating the exe's/the path to them.  This is so I can help others if they have a similar problem.

TIA

acmp<><
0
 
LVL 30

Author Comment

by:Axter
ID: 12317749
>>If you get chance I'd like to know what was creating the exe's/the path to them.  This is so I can help others if they have a similar
>>problem.

The virus was hiding in a network drive I had mapped out, which I forgot to search on.
That utility showed me the exact location of the executable.
0
 
LVL 6

Expert Comment

by:acmp
ID: 12398582
Thanks (sorry for the late reply, I've been on holiday :-)

acmp<><
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Change your password...do it now!. Probably the easiest point of access to your account is through guessing your password. If your password is guessable, do change it now. If not for your sake but for everyone else in your friends list. Remember …
PREFACE The purpose of this guide is to explain how to manually move a SEP client to a different client group by performing steps on the client-side. These steps may prove particularly useful because they allow the client to move after it has alrea…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question