Unknown Service - VIVWFLIOSARZP.EXE
in [Help and Support]
|
Prev: help
Next: Something's running every half hour.
From: Ken Blake, MVP on 20 Apr 2010 10:26 On Mon, 19 Apr 2010 18:58:01 -0700, Scott-az <Scottaz(a)discussions.microsoft.com> wrote: > Hi, I'm not sure where to post this question, so I started it here. Windows > XP sp3, under SERVICES, I found a new unidentified service named: > VIVWFIOSAZP.EXE. > > The only thing I can see is that this exe file is in a temp directory: > C:\DOCUME~1\Britt\LOCALS~1\Temp\VIVWFLIOSARZP.exe > > I have no idea what this service is or where it came from. > > Anybody have any suggestions? > Thanks A name like this, which can't be found in a search, is almost always a malware infection. -- Ken Blake, Microsoft MVP (Windows Desktop Experience) since 2003 Please Reply to the Newsgroup
From: Scott-az on 23 Apr 2010 11:32 Thanks for the help. I did run MalawareBytes'Anti-Malware, MS Malicious Tool Remover and RootKitRevealer. All came back negative. I made a manual System Restore point and deleted the service. Thanks "Ken Blake, MVP" wrote: > On Mon, 19 Apr 2010 18:58:01 -0700, Scott-az > <Scottaz(a)discussions.microsoft.com> wrote: > > > Hi, I'm not sure where to post this question, so I started it here. Windows > > XP sp3, under SERVICES, I found a new unidentified service named: > > VIVWFIOSAZP.EXE. > > > > The only thing I can see is that this exe file is in a temp directory: > > C:\DOCUME~1\Britt\LOCALS~1\Temp\VIVWFLIOSARZP.exe > > > > I have no idea what this service is or where it came from. > > > > Anybody have any suggestions? > > Thanks > > > > A name like this, which can't be found in a search, is almost always a > malware infection. > > > -- > Ken Blake, Microsoft MVP (Windows Desktop Experience) since 2003 > Please Reply to the Newsgroup > . >
From: David H. Lipman on 23 Apr 2010 16:29 From: "Scott-az" <Scottaz(a)discussions.microsoft.com> | Thanks for the help. I did run MalawareBytes'Anti-Malware, MS Malicious Tool | Remover and RootKitRevealer. All came back negative. I made a manual System | Restore point and deleted the service. | Thanks Deleting the service is insufficient ! Please submit a sample of VIVWFLIOSARZP.EXE to Virus Total -- http://www.virustotal.com/flash/index_en.html The submission will then be tested against many different AV vendor's scanners. That will give you an idea what it is and who recognizes it. In addition Virus Total will provide the sample to all participating vendors. You can also submit a suspect, one at a time, via the following email URL... mailto:scan(a)virustotal.com?subject=SCAN When you get the report, please post back the exact results. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: Scott-az on 24 Apr 2010 18:57 Sorry, didn't know I was supposed to submit this to a website. I never did find an exe in the temp directory. Only had a service named vivwfliosarzp that pointed to an exe in a temp directory. When I did a file search, nothing was found. "David H. Lipman" wrote: > From: "Scott-az" <Scottaz(a)discussions.microsoft.com> > > | Thanks for the help. I did run MalawareBytes'Anti-Malware, MS Malicious Tool > | Remover and RootKitRevealer. All came back negative. I made a manual System > | Restore point and deleted the service. > | Thanks > > > Deleting the service is insufficient ! > > > > Please submit a sample of VIVWFLIOSARZP.EXE to Virus Total -- > http://www.virustotal.com/flash/index_en.html > The submission will then be tested against many different AV vendor's scanners. > That will give you an idea what it is and who recognizes it. In addition Virus > Total will provide the sample to all participating vendors. > > You can also submit a suspect, one at a time, via the following email URL... > mailto:scan(a)virustotal.com?subject=SCAN > > When you get the report, please post back the exact results. > > > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > > . >
From: David H. Lipman on 24 Apr 2010 19:34
From: "Scott-az" <Scottaz(a)discussions.microsoft.com> | Sorry, didn't know I was supposed to submit this to a website. I never did | find an exe in the temp directory. Only had a service named vivwfliosarzp | that pointed to an exe in a temp directory. When I did a file search, | nothing was found. Because it may have the Hidden and System attributes and cause it to be staelthy from normal views. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |