?
Solved

Strange service

Posted on 2013-05-13
7
Medium Priority
?
273 Views
Last Modified: 2013-05-13
i have a wondows xp machine sp3 with a strange service " jspxihjfb ", and it is set to automatic yet not started, I fear this may be indicating a virus, any second opinions?
0
Comment
Question by:Martyt1988
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 6

Expert Comment

by:BurundiLapp
ID: 39161199
It certainly looks suspicious, a full virusscan and an anti malware scan (I prefer MalwareBytes personally http://www.malwarebytes.org/ ) is in order.

What is the executable that the service points to?
0
 
LVL 75

Expert Comment

by:käµfm³d 👽
ID: 39161403
If you look at the service's properties, what executable does it point to?
0
 
LVL 24

Accepted Solution

by:
aadih earned 1500 total points
ID: 39161482
Please delete the service that is definitely suspicious.  If you need instructions, use the information here as a step-by-step guide:

http://www.howtogeek.com/howto/windows-vista/how-to-delete-a-windows-service-in-vista-or-xp/ >

Then look in installed programs list any program that you don't recognize (either disable it from starting, using msconfig) or , if you are sure, delete it completely (if in error, you could install it again).

Then scan with MalwareBytes AntiMalware.  Scan also with TDSSKiller (for RootKits).  Make sure your security software's data files are updated and the program is running.

(Note: if you have any problems scanning normally, do it in safe mode, clean, and then scan again in the normal mode).
0
Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

 
LVL 75

Expert Comment

by:käµfm³d 👽
ID: 39161564
@aadih
Please delete the service that is definitely suspicious.
That is not good advice. Blindly deleting services opens up the possibility of inadvertently breaking the system. Try to identify what the service is; then delete it if it's not important to the system.
0
 
LVL 24

Expert Comment

by:aadih
ID: 39161657
The service is clearly an invalid (malware, virus, trojan) service.  Have seen it, done it, hence the advice.  Worry not in deleting this service.
0
 

Author Comment

by:Martyt1988
ID: 39161670
service has been removed and will continue to monitor , may need to re-load
0
 
LVL 6

Expert Comment

by:BurundiLapp
ID: 39161705
You are probably right aadih, bit it would be prudent to verify that it is a malware related service before deleting it completely.

For all we know the machine could be a developers box and that might be a test name for a legitimate service that is under development.

Disabling the service and performing multiple full sweeps with various products would be the logical next steps, if they find something they may disable or delete the service themselves.
0

Featured Post

Plug and play, no additional software required!

The ATEN UE3310 USB3.1 Gen1 Extender Cable allows users to extend the distance between the computer and USB devices up to 10 m (33 ft). The UE3310 is a high-quality, cost-effective solution for professional environments such as hospitals, factories and business facilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question