Solved

Process abc123YImia.exe running -- virus or spyware?

Posted on 2007-03-28
3
165 Views
Last Modified: 2013-12-04
Today, I noticed a new icon in the system tray -- a red donut with a black hole.  When I hovered over it, a balloon popped up saying, "Your computer is infected."  Double-clicking or right-click had no effect.  So, I checked the process list and found an unknown entry, abc123YImia.exe.  I ended the process, but the red donut was still in the system tray.  I ran HiJack This, Ewido, AdAware, SpyBot S&D, and McAfee VirusScan, but found nothing except a couple of tracking cookies (which were deleted).  After rebooting, the process and donut icon are gone.  So, my question is...

Is this a new virus or adware program?  (Google searches found nothing.)  Is something hiding on my system?
0
Comment
Question by:photoartguy
3 Comments
 
LVL 3

Assisted Solution

by:TheTechGuysNYC
TheTechGuysNYC earned 60 total points
ID: 18813655
Yes, I would say so.

I've seen cases where companies have found a way to do what you described. In this way, the user clicks and says "oh hsit... I'm infected," downloads the program from the company, and presto, it is gone. In most cases, it is not malicious, just an easy way to make money off of unsuspecting PC users.

Get a mac :)
0
 
LVL 32

Accepted Solution

by:
r-k earned 65 total points
ID: 18813698
If you ran all those programs and they found nothing then probably your system is clean. To be complete about it, you may want to do a scan with RootkitRevealer:

  http://www.microsoft.com/technet/sysinternals/utilities/RootkitRevealer.mspx

0
 

Author Comment

by:photoartguy
ID: 18879116
I'm not sure what it was, but I couldn't find a registry entry.  But, I did find the EXE file as well as 'abc123.pid' in the  C:\Documents and Settings\Administrator\Local Settings\Temp  directory  and deleted them.  It hasn't come back, yet -- so, hopefully that takes care of it.

Thanks for your help!
Dale

0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A brand new malware strain was recently discovered by security researchers at Palo Alto Networks dubbed “AceDeceiver.” This new strain of iOS malware can successfully infect non-jailbroken devices and jailbroken devices alike.
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question