Re: vbps.exe; what is it?

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Brad Schmitz (justme_at_gotme.com)
Date: 10/13/04 

Date: Wed, 13 Oct 2004 15:18:19 -0400

Just a brief update-
I ran Spybot and it didn't get rid of it (both normal and safe mode). If I
kill it from the Processes list it comes right back immediately and it's not
listed in msconfig on the startup list.
I searched the registry and renamed every listing for it (chg exe to bss)
and when I rebooted all the changes were changed back...so that's why I'm
here asking for help! :)
This is a company machine so I don't have Adaware loaded to run. I have SAV
Corp edition current and running but I an going to run a full scan next.
I'll let you know.
Brad

"Malke" <malke@nospoonnotreally.com> wrote in message
news:u6rEHrUsEHA.2456@TK2MSFTNGP10.phx.gbl...
> Brad Schmitz wrote:
>
> > I have a program running in my list of processes and I don't know what
> > it is. I've searched and can't find anything on it. I tried google on
> > the net and at microsoft.
> > Does anyone have any idea?
> > Brad
>
> Since a Google for "vbps.exe" didn't bring up any links, this is
> suspicious. Stop it running with Task Manager, disable it with
> msconfig, and:
>
> 1) Scan in Safe Mode with current version (not earlier than 2003)
> antivirus using updated definitions;
> 2) remove spyware with Spybot Search & Destroy
> (www.safer-networking.org) and Ad-aware (www.lavasoftusa.com). These
> programs are free, so use them both since they complement each other.
> You may also want to run CWShredder and HijackThis from
> http://aumha.org/freeware.htm. Although CWShredder is no longer being
> updated, it will still clean older variants of the CoolWebSearch
> malware. If you do not have success with this, there are new removal
> steps at http://www.silentrunners.org/sr_cwsremoval.html. A combination
> of HijackThis and About:Buster (http://www.majorgeeks.com) works well
> in removing homepage hijackers. Always read the instructions before
> running a spyware removal tool. Be sure to update these programs before
> running, and it is a good idea to do virus/spyware scans in Safe Mode.
> Make sure you are able to see all hidden files and extensions (View tab
> in Folder Options);
> 3) If you are running Windows ME or XP, you should disable/enable System
> Restore because malware will be in the Restore Points. With ME, you
> must disable System Restore completely. With XP, you can delete all but
> the most recent (presumably clean) System Restore point from the More
> Options section of Disk Cleanup (Run>cleanmgr).
> 4) make sure you've visited Windows Update and applied all security
> patches. Do not install driver updates from Windows Update;
> 5) run a firewall.
>
> Malke
> --
> MS MVP - Windows Shell/User
> Elephant Boy Computers
> www.elephantboycomputers.com
> "Don't Panic!"

Quantcast