Nothing comes up for a search (on Google) for this process: IF15D3.EXE

[easyoff]

The ony two files that come up when I search my local drive are located
in "prefetch," and "temp."

If anyone could shed some light as to what IF15D3.EXE has anything to
do with, I would greatly appreciate it. Thanks!

B

 

[Bob I]

I would suggest running Adaware SE and Spybot S&D on the PC. (Free for
home use versions are available on the web)

 

[easyoff]

I would suggest running Adaware SE and Spybot S&D on the PC. (Free for
home use versions are available on the web)

I have adaware PRO and run the adwatch that comes with it. In about a
year I haven't had 1 object infected. I keep my stuff pretty clean.
The PC which has this process running is on a network domain. I even
searched all the network drives, and nothing comes up. It seems to be
only on my local.

 

[Guest]

I have adaware PRO and run the adwatch that comes with it. In about a
year I haven't had 1 object infected. I keep my stuff pretty clean.
The PC which has this process running is on a network domain. I even
searched all the network drives, and nothing comes up. It seems to be
only on my local.

First I notice you mentioned it run from the *TEMP* that mean it is
lurking there, so Try to Clean the Temp files on your computer By doing a
Disk CleanUp.
=> Preftech that the most Runing File/programs on your system, so this
Procesor is Excuted a lot on the machine by accessing an Infected file or
Program.

=>It doesn't looks like a system file/processor to me, did you run Virus
scan also as Adware scan?.
You can Disable this Runing Processor and Do a scan in both Safe Mode and
Normal Mode.
Try scan online from here:
http://www.pandasecurity.com
http://www.trendmicro.com
=> Also Download the HijackThis File and Run then send the report to the
Aumha Forum for Analysis * but please not here as not allowed*:
http://www.aumha.org/free.htm

Is your system runing Slow or you spot an unormal Activities in the Traffic
from amd To your computer?.

HTH.
Please let us know your progress.
Reagrds,
nass

 

[Guest]

If it's only in your temp and prefetch and its a running process, then end
the process in task manager and delete it from your hard drive. If it is in
your temp folder then you don't need it. Go to...

http://www.prevx.com

Download their free anti-malware security program and run it on your
computer and look for any other infections. Good Luck.

Joe

Kemco IT Tech

 

[easyoff]

Wow! Thanks everybody for the feedback. Ya know, I didn't even think
of ending the process...not that I knew I couldn't, I just was shocked
that I found a process running that Google had no search for. This is
my work PC and it is only a 500mhz! I actually have more RAM than
Processor speed, LOL!! Anyway, it is not running slow. Running like
it normally does...which is painful as you can tell by the specs, but
like I said, I keep my $hit pretty clean so it actually runs decent for
how outdated it is. We have Trend and it does not find anything
infected for virus and maleware. I'm really not worried about
it...just wanted to know what the process is. I will probably just get
rid of it. I run Adaware Pro at home and use NIS for Antivirus and
that seems to be all I need. My XP is even bootleg with NO updates
(not even SP2) what so ever...and I still stay clean all the time. I
always thought Adaware with adwatch was the best, at least is has been
for me...along with an antivirus of course. But if someone really
recomends other anti-spyware/maleware, please let me know what you
think.

 

[easyoff]

Ok, now I'm getting this one...YUCA8E.EXE, and I can't find any
information anywhere on it. I think my network administrators are
****ing with me.

 

[Bob I]

I have adaware PRO and run the adwatch that comes with it. In about a
year I haven't had 1 object infected. I keep my stuff pretty clean.
The PC which has this process running is on a network domain. I even
searched all the network drives, and nothing comes up. It seems to be
only on my local.

AH! Try turning off "Ad-watch"(as a test). IIRC it runs a random "bogus
named" exe to prevent malware from being programed to shut it off.

 

[Seahawk60B]

I believe those processes are created by Trend to run your antivirus
protection. See if you can check the properties on the file for
Company, etc.

 

[easyoff]

Seahawk60B, I believe you are right. I can open one file (of each of
those processes) with notepad and it does have information regarding
Trend. I did end the process and it didn't seem to effect anything,
but now that it seems to be a Trend process...I wondering if ending it
was or is dangerous?

 

[Seahawk60B]

It's probably not dangerous, but will probably impact the effectiveness
of your antivirus protection. My guess would be that trend is
generating a random name for the process to prevent viruses from being
able to terminate it.

Knowing that it's a valid Trend process, I would leave it alone and let
it run...