Wierd processes running

Discussion in 'other security issues & news' started by ajcstr, Dec 3, 2004.

Thread Status:
Not open for further replies.
  1. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
    Anyone have any idea what area.exe or kgkgdloj.exe may be?

    area.exe is in C:\WINDOWS\Application Data
    kgkgdloj.exe is in C:\WINDOWS\SYSTEM

    both are initiated at system startup - I am running Windows ME.
    Adaware and Spybot do not flag these but they sure don't look right!
     
  2. nod32_9

    nod32_9 Guest

    Don't have WME but they don't sound like windows stuffs. Search Google for possible match.
     
  3. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
    Did try Google, the only thing that comes up are the Hijack this logs that I posted !
     
  4. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    Hi ajcstr, look for members-area.exe here. It's an adult content dialler which attempts to dial a high cost telephone
    number in order to access pornographic material on your behalf. Lovely! :doubt:

    I see you've had a go at kgkgdloj.exe here. Is there a reason for not following up your HJT post at SpywareInfo?
    Don't let frustration get the best of you....when you have someone taking the time to assist,
    be courteous and stick with it! ;)

    If you decide not to continue, choose another here.
    Good Luck.


    GF

    PS - Sorry not to know about ME, but if there's a system restore, you'll need to boot to safe mode and disable sr first
    before running any scans. I believe from a quick read, the dialler resides in the system files.

    In addition, you can check if kgkgdloj.exe is a windows process here and here.
     
    Last edited: Dec 4, 2004
  5. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
    sharks

    Thanks - did not realize that I got a response, must have forgot to check box to send an e-mail notification.
     
  6. ajcstr

    ajcstr Registered Member

    Joined:
    Oct 28, 2004
    Posts:
    182
    FYI - Both of these processes turned out to be related to Purity Scan per Kaspersky's online scanner
     
  7. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    Thanks for the FYI ajcstr. ;) Guess I was wrong. :doubt:
    In the future, please do a little investigation before you download, OK. :cool:

    GF
     
Loading...
Thread Status:
Not open for further replies.