PDA

View Full Version : Gotta virus that halts hijack/mbam/rkill in safe mode,


Masterclown
10-13-2011, 03:17 PM
Running WinXP pro sp3. When I open taskmanager, I can see a process with the name "1412394058:304636307.exe"....no luck googling it, of course.

I can locate a couple of entries for 1412394058 in the registry, and there is file with that name in systemroot. I tried deleting those entries but on startup it was back, of course.

Any ideas on what other tool might sack it?

notavirus.exe
10-13-2011, 03:45 PM
Have you tried superantispyware (http://www.superantispyware.com/)?

If not, give it a go.

If all else fails, a fresh copy of windows will do wonders with viruses. Also, might want to look into getting that hot new win7. With Kaspersky and win7 i have yet to find a virus worth losing sleep over.

bes
10-13-2011, 03:52 PM
Have you tried superantispyware (http://www.superantispyware.com/)?

If not, give it a go.

If all else fails, a fresh copy of windows will do wonders with viruses. Also, might want to look into getting that hot new win7. With Kaspersky and win7 i have yet to find a virus worth losing sleep over.

or he could try Windows 8 preview http://msdn.microsoft.com/en-us/windows/apps/br229516/ :-)

Masterclown
10-13-2011, 04:26 PM
Have you tried superantispyware (http://www.superantispyware.com/)?

If not, give it a go.

If all else fails, a fresh copy of windows will do wonders with viruses. Also, might want to look into getting that hot new win7. With Kaspersky and win7 i have yet to find a virus worth losing sleep over.

Thanks, I'll try that spyware.

And I agree on the Win 7:) alas, I'm dealing with some oooold hardware.

dosbox
10-13-2011, 04:48 PM
http://www.malwarebytes.org/products/malwarebytes_free comes highly recommended

WeKnowHowToLive
10-13-2011, 10:06 PM
Killed this the other day at work. Unfortunately I dont know exactly got rid of it but it was one of:

malwarebytes
ad-aware
spybot
superantispyware
avg

those are all the programs we use and i just had them all run in safemode and one of them got it, but i was busy with other machines.

Masterclown
10-14-2011, 02:49 AM
Thanks guys, I'll all of those a shot.