Sunday, December 6

Removing GFI EndPointSecurity 3.0 Agent

This program is intended to block the use of unauthorized USB devices on computers and servers.
http://www.gfi.com/endpointsecurity

I found this installed at a site with no management console available. There is no uninstaller for the program, and GFI contends that you must use the console. I tried several times to remove the program, to no avail. The thing is worse than spyware.

This is how I finally got rid of it:

Download Process Explorer - http://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

Download HijackThis - http://free.antivirus.com/hijackthis/

Go into the service and change the service properties so that it does not restart. Stop the service; you may have to do this several times. Once the service is stopped, open a command window and type: sc delete "Service Name"

Open Process Explorer and change the priority of the process eppsver.exe (or something close to that) to the lowest possible.

Open the process's properties in Process Explorer and kill each thread.

Once all the threads are killed, delete the Program Files folder that contains eppsvr.exe; I think it was GFI.

Run HijackThis and delete the startup hook. Reboot and make sure the thing is gone.
