Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

new and strange exe


  • Please log in to reply
3 replies to this topic

#1 jackster

jackster

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 10 February 2011 - 07:47 PM

I recently opened an email and got these two files showing up at every boot.
EzoJypEOww.exe has encountered a problem and needs to close. We are sorry for the inconvenience.
xNCWMDRbKK.exe has encountered a problem and needs to close. We are sorry for the inconvenience.
I use Avast free and Malwarebytes and SpywareBlaster all the time.
These also occurred about the same time I used Microsoft Security Essentials (now removed)
I used Trend Micro Housecall, Sophos antiroot and Avast antiroot...all with no offending results
The exe's show up in task manager but there is no way to "see" where they originate..other than HP_Administrator
Anyone have an idea as to what the heck these are?

Edited by boopme, 10 February 2011 - 09:15 PM.
Mod Edit: moved from XP to AII ~~boopme


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:45 PM

Posted 10 February 2011 - 11:44 PM

Hello they appear to be orphaned files,probably from a malware removal.

Can you do a File Search and find their exact location and post it??
How To Search for Files and Folders in Windows XP

Edited by boopme, 10 February 2011 - 11:45 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 jackster

jackster
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 12 February 2011 - 12:52 PM

I think I may be alright now.
Avast boot scan picked these two baddies up and quarantined.
boopme, I did try to find these files but no luck.
Even after setting all folders unhidden and open to view.
so far so good !
Thanks boopme !!

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:45 PM

Posted 12 February 2011 - 08:00 PM

OK, good.. Let's take 10 min and recheck the MBR (Master Boot Record) rootkit.

Please download mbr.exe and save it to the root directory, usually C:\ <- (Important!).
  • Go to Start > Run and type: cmd.exe
  • press Ok.
  • At the command prompt type: c:\mbr.exe >>"C:\mbr.log"
  • press Enter.
  • The process is automatic...a black DOS window will open and quickly disappear. This is normal.
  • A log file named mbr.log will be created and saved to the root of the system drive (usually C:\).
  • Copy and paste the results of the mbr.log in your next reply.
If you have a problem using the command prompt, you can just double-click on mbr.exe to run the tool.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users