iyewcgi.exe

quintain · June 26, 2009, 12:35pm

CIS shows an orange alert for ‘iyewcgi.exe’ (no quotes) I cannot find it on this forum nor on a google search.
Can any one advise please.
P.S. I have rejected it twice accordingly CIS history may/will show that it has been rejected

system · June 26, 2009, 12:43pm

I’ve no idea, but *cgi seems to suggest a script…

alaertsxan · June 26, 2009, 12:44pm

Is is trying to add global hooks ? If so, it’s a virus I guess 88)

Xan

quintain · June 26, 2009, 12:49pm

CIS shows an orange alert for ‘iyewcgi.exe’ (no quotes) I cannot find it on this forum nor on a google search.
Can any one advise please.

P.S. I have rejected it twice accordingly CIS history may/will show that it has been rejected
P.P.S. My apologies, I have just posted this same post on another CIS child forum, before seeing this forum which seems more appropriate

alaertsxan · June 26, 2009, 1:07pm

Hi

can you please tell us what the pop-up says ? If it says : … is installing a global hook
then please follow this guide and post back the hijackthislog+A-squared log

Xan

quintain · June 26, 2009, 1:26pm

Hi Xan
I have clicked on ‘Disallow’ and also ‘Remember my decision’ can I get back into the CIS message??
I ‘think’ it said something about ‘global hook’ but am not certain.
I would welcome your thoughts/advice.

alaertsxan · June 26, 2009, 1:31pm

Well, you can always follow the guide just to be certain ;). But the name seems suspicious to me…

Xan

Dennis2 · June 26, 2009, 2:49pm

It should show the event in Defense+ /View Defense+ Events.
Dennis

jay2007tech · June 26, 2009, 2:58pm

'iyewcgi.exe' (no quotes) I cannot find it on this forum nor on a google search.

The file "iyewcgi.exe" sounds like a random created name. ??? :-TD Most likely that can't be good

quintain · June 26, 2009, 3:10pm

I am tying to carry out the process recommended by Xan but t is taking forever to download the 3 files they all seem to just hang.

quintain · June 27, 2009, 3:48pm

Hi Everyone
Time has allowed me to carry out the work.

Xan
I cannot fully understand what to do or where to send the “hijack log”
Do I just start a new thread in this forum with the subject matter of ‘iyewcgi.exe’ and post the hijackthis log??

alaertsxan · June 27, 2009, 4:07pm

Hi, please upload it in this topic. It will probably complain that .log is not allowed. Please change it to .txt

Thank you,

Xan

quintain · June 27, 2009, 4:10pm

Thanks Xan

Log uploaded as requested.
I hope I have got everything correct??

[attachment deleted by admin]

quintain · June 27, 2009, 4:11pm

Xan
Forgot to say it was showing as .txt I did not need to cahnge anything.

alaertsxan · June 27, 2009, 4:30pm

Hi your hijackthis log seems clean. Only 1 entry :
Do you know kkqiemy ? If not, I sujest you clean it.

O4 - HKCU\..\Run: [kkqiemy] "c:\users\richard\appdata\local\kkqiemy.exe" kkqiemy

Is Comodo still giving pop-ups for the malware, or is it cleaned ?

Xan

quintain · June 27, 2009, 4:40pm

No further popups, one of the programmes you recommended (malwarebyte) found a whole bunch of the with iyewcgi.exe but they were then cleaned.
I will delete kkqiemy.

I will now check my laptop.

Thank you and all others for your valuable help.

I use free version of CIS I have used Comodo for a long time should I consider changing anything ?? should I run malwarebyte & superantispyware on a frequent basis??

Once again thank you all for your help.