|
Posted by karl levinson, mvp on July 16, 2006, 1:22 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Sounds very suspicious. I suggest going to www.virustotal.com and
submitting the files there. You should get an answer in a few seconds as to
whether this is something known or not. If it is not known, that site
supposedly shares samples with other AV companies, though you may want to
submit it to your AV company directly via the instructions on their web
site.
>I was troubleshooting an unrelated problem and came across a process that
>is running on my 3 servers. The executable was located in the
>C:\Windows\Temp directory and had the following names. It was different on
>each computer.
>
> IPFB78.EXE
> LDEFBA.EXE
> CVE3A0.EXE
>
> If I end the process the file disappears out of the C:\Windows\Temp
> directory. I am running up to date Trend Micro and the scan comes clean. I
> also ran an Ad-Aware scan and everything looked good too.
>
> Has anyone seen anything like this. It doesn't seem to be affescting the
> performance of my servers but leaves an uneasy feeling for me.
>
>
| 
XML site map