Solved

Strange service

Posted on 2013-05-13
7
269 Views
Last Modified: 2013-05-13
i have a wondows xp machine sp3 with a strange service " jspxihjfb ", and it is set to automatic yet not started, I fear this may be indicating a virus, any second opinions?
0
Comment
Question by:Martyt1988
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 6

Expert Comment

by:BurundiLapp
ID: 39161199
It certainly looks suspicious, a full virusscan and an anti malware scan (I prefer MalwareBytes personally http://www.malwarebytes.org/ ) is in order.

What is the executable that the service points to?
0
 
LVL 75

Expert Comment

by:käµfm³d 👽
ID: 39161403
If you look at the service's properties, what executable does it point to?
0
 
LVL 24

Accepted Solution

by:
aadih earned 500 total points
ID: 39161482
Please delete the service that is definitely suspicious.  If you need instructions, use the information here as a step-by-step guide:

http://www.howtogeek.com/howto/windows-vista/how-to-delete-a-windows-service-in-vista-or-xp/ >

Then look in installed programs list any program that you don't recognize (either disable it from starting, using msconfig) or , if you are sure, delete it completely (if in error, you could install it again).

Then scan with MalwareBytes AntiMalware.  Scan also with TDSSKiller (for RootKits).  Make sure your security software's data files are updated and the program is running.

(Note: if you have any problems scanning normally, do it in safe mode, clean, and then scan again in the normal mode).
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 75

Expert Comment

by:käµfm³d 👽
ID: 39161564
@aadih
Please delete the service that is definitely suspicious.
That is not good advice. Blindly deleting services opens up the possibility of inadvertently breaking the system. Try to identify what the service is; then delete it if it's not important to the system.
0
 
LVL 24

Expert Comment

by:aadih
ID: 39161657
The service is clearly an invalid (malware, virus, trojan) service.  Have seen it, done it, hence the advice.  Worry not in deleting this service.
0
 

Author Comment

by:Martyt1988
ID: 39161670
service has been removed and will continue to monitor , may need to re-load
0
 
LVL 6

Expert Comment

by:BurundiLapp
ID: 39161705
You are probably right aadih, bit it would be prudent to verify that it is a malware related service before deleting it completely.

For all we know the machine could be a developers box and that might be a test name for a legitimate service that is under development.

Disabling the service and performing multiple full sweeps with various products would be the logical next steps, if they find something they may disable or delete the service themselves.
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question