Home > Windows Xp > Windows XP Abnormal Behaviours And Antivirus Started Catching .exe As Trojans Virut?

Windows XP Abnormal Behaviours And Antivirus Started Catching .exe As Trojans Virut?

From what I can read around, the recommended "rule" pretty much seems to be, if there's another firewall software installed, then preferably XP's should be left turned off. Justin Installed with Logitech Mouseware. I say delete it. The process is apart of Desktop Messenger from Logitech. Check This Out

Makes me wonder whether it's actual BackWeb or something trying to spoof it. Search results for sessionmanager follow in a new post (so that the rest of the text doesn't get "borked", as you use to say).Note: The contents of both keys HKLM\SYSTEM\ControlSet002\Control\SessionManager and If you are interested in finding out more, please take a look at http://www.threatstop.com. backup and system lockdown are the ways to go. http://www.techsupportforum.com/forums/f50/windows-xp-abnormal-behaviours-and-antivirus-started-catching-exe-as-trojans-virut-433225.html

Mike installed with logitech wireless desktop technology, attached to 2 dll files as well, inside a logitech folder\desktop manager folder R I believe it only updates software. I think it is probably from the logitech software that came with my keyboard but from what I've been reading i don't want to attempt to remove it.. all files dropped by IE outside of/bypassing the download prompt should be munged - file extensionless and attempt to access/move/modify out of IE protected cache by local software should result to is on the line.

I would highly recommend getting rid of this! Talk about mixed messages: Spy Sweeper assessed BackWeb as a "medium" threat to my system but nonetheless indicated that the program "is generally used for legitimate purposes" and "should only be You would be best to have the file screen immediately shut down the file server when it detects this. just sad.

Jason This File is from The Logitech Desktopmessenger Dir, but i recommend do remove, because the name is no normal. jon Shortly after finding this file on my computer i got a trojan warning from Norton. ZoneAlarm can stop it with no problem. check my blog Reply David Johnson says: February 13, 2016 at 04:44 Still people just don't get it.

Please help me remove it. CyberCrud Whatever it is, I don,t need it. Steve As others have said, If you are used to making regular manual updates to all your software and hardware, all so called "auto-updaters" are utterly useless wastes of system resources..and Unnecessary.

Installed with Logitech WebCam, that's when the trouble started. http://www.neuber.com/taskmanager/process/backweb-8876480.exe.html I can create the reg file needed.We'll make an "undo" file if we break your messenger.-----------------------That regsearch you did is fine. We must have been posting at the same time.That alert is because of the one O16 lines with the real funky stuff in it. (I'll break it up so it don't Caleb S Backweb installed itself with the logitech mouse, Kodak software and f-secure without asking if that was ok.

I recommend removal.I'm much happier without it myself.Lots less work trying to monitor this moster on top of everything else. his comment is here The only item you have control over is ‘prevention' If prevention fails then wipe the machine and restore from backup. As of now, security experts recommend that a format and clean install, or destructive recovery if you have an OEM recovery partition, is the best way to clean the infection and Read more.

BML Mit F-Secure BackWeb können Benutzer Aktualisierungen der Antivirus-Datenbank sowie Informationen herunterladen, ohne dabei ihre Arbeit zu unterbrechen - also F-Secure uses "backweb" for instant updates. Most likely not a threat.You still have RegSearch?Can you run that program and search for this string please?sessionmanagerWithout the space.Post results here or if log is too big you can upload Witch means, that it ain't dangerous. this contact form Uninstalled it conventionally Spike Came with HP Printer!

At *best* it's bloat-ware IT Guy After researching the issue with my team, it does not effect your PC. I got the decrypt package. Reply adwbust says: February 4, 2015 at 14:32 Hey mmpc, don't you think it's time mse's NIS monitor and warn of excessive/suspect i2p and tor traffic?

Am familiar with backweb adawere has removed it before first time for BoCleanC CrashTestDummy Installed along with my MX1000 Mouse driver/software...

John vander Aalst BoClean identified it as Trojan Off of the cdrom during an install of mouse and keyboard. Cut hands and toes off, cut out tongues, burn down their buildings, make an example. Backup, backup, backup (did I say backup?). Jehn I would hope that a large company like Logitech would to their homework before using this software with MOST ALL of their mice.

Some versions might not be considered intrusive, but some certainly are intrusive to the users privacy. Then your just multiplying the threat factor by increasing their resources. No risk! http://iversoncreative.com/windows-xp/upgrade-windows-xp-to-windows-8-free-download.html Major retailer, major manufacturer and "review" sites. (Bet it was one of those) Reply blake says: February 4, 2015 at 04:29 Just got hit by Cryptowall 3.0 in my Server 2008R2

Brian I removed it with no problem using Control Panel add/remove programs Paul installed (had no choice) with a logitech quickcam messenger webcam, the moment i removed this my IE prevented Neither do 2 other guys with XP I checked with real quick.You are quite observant!!HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManagerCan you export yours and post it?Not sure if you are onto something or not but I If I did know I would be complaining to the company that distributed it. The graph below shows the spike after two days of no activity from 288 unique machines affected by this malware: Figure 1.  Sudden spike from CryptoWall 3.0 activity this month.