0

Possible Duplicate:
Computer is infected by a virus or a malware, what do I do now?

One of my friend's yahoo account was hacked recently (the account was accessed from Mexico, Poland, Canada, Japan, and couple other countries - he's in Seattle, WA, USA). He changed the password and all the security questions, etc., but we wanted to try to find out, how they get into his account in the first place. When I opened Task Manager -> Processes, and there's a process called lnqtkqhegaq.exe, description: lnqtkqhegaq. The process starts up together with the system. Has anyone seen this process before? How can we find and remove this process permanently? I tried to search the whole file system for that file - no files found; run the norton with newest database - no viruses or malwares, etc. Any ideas?

Here's his configurations in case it's important: Windows 7 64-bit, AMD Phenom II 2.2GHz, 4GB RAM. The laptop is HP G62 Notebook PC.

Community
  • 1
Sherzod
  • 273
  • 1
  • 2
  • 7
  • 1
    [Computer is infected by a virus or a malware, what do I do now?](http://superuser.com/questions/100360/computer-is-infected-by-a-virus-or-a-malware-what-do-i-do-now) – Bob Jun 14 '12 at 06:19
  • @Bob: none of the "symptoms" fit our case. Computer itself works fine. It's just that recently, 2 yahoo accounts have been hacked when used that laptop to sign in. – Sherzod Jun 14 '12 at 06:21
  • If all you want to do is remove it, get [autoruns](http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx), find it, and remove it. – soandos Jun 14 '12 at 06:22
  • 3
    This is malware. It is a randomly generated filename designed to bypass detection and / or removal. –  Jun 14 '12 at 06:22
  • @RandolphWest: I thought malware would be detected by Norton? – Sherzod Jun 14 '12 at 06:25
  • 1
    @shershams Try some of the recommended ways to clean up; no single antimalware program will catch everything. Personally, I've had MalwareBytes Anti-Malware catch a whole lot Norton misses. – Bob Jun 14 '12 at 06:28
  • @shershams Norton will detect the malware IF your product is up-to-date and IF Norton has already taken into consideration this variant of malware and computed a signature for it. – Silviu Jun 14 '12 at 07:13
  • 1
    @Silviu and IF the malware has not disabled or blocked Norton's scans (rootkits especially will do this) - that is why it is recommended to boot off another operating system or attach the hard drive to another computer. – Bob Jun 14 '12 at 07:20

1 Answers1

0

To test wheter thi is a virus you can use online virus scans against any file. Try VirusScan from Jotti.

If you want to clean your machine try installing some good antivirus on it. To select good antivirus I always recommand paging through some sites like av-comparatives.org, they give a good background of antivirus products quality. My all time favorite is Avira and it is also available free for personal use.

kworr
  • 801
  • 7
  • 10