Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Did rKill program completely remove MoboGenie Malware?

  • Please log in to reply
No replies to this topic

#1 francislholland


  • Members
  • 2 posts
  • Local time:03:55 AM

Posted 18 April 2014 - 11:04 PM



I'm new here.


I run a 32-Bit Windows XP Service Pack 3 computer.  I unfortunately installed the MoboGenie malware program on my computer and then had a very difficult time removing the program and its many vestiges.


I followed all of the instructions that I found for removing the MoboGenie malware virus and I used the rKill program, but I am unsure what the readout means.  In particular, the readout says, "HOSTS file entries found" and then there is a list of hostfile entries.  Does this mean that my computer is still at risk, or does it mean something else?


I found the directions I used at the following MalwareExperts.com address:




Here is what rKill said after scanning my computer:


Rkill 2.6.5 by Lawrence Abrams (Grinler)

Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
Program started at: 04/19/2014 12:07:50 AM in x86 mode. (Safe Mode)
Windows Version: Microsoft Windows XP Service Pack 3
Checking for Windows services to stop:
 * No malware services found to stop.
Checking for processes to terminate:
 * No malware processes found to kill.
Checking Registry for malware related settings:
 * No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
 * No issues found.
Checking Windows Service Integrity: 
 * Sistema de eventos COM+ (EventSystem) is not Running.
   Startup Type set to: Manual
 * Central de Segurança (wscsvc) is not Running.
   Startup Type set to: Automatic
 * Atualizações Automáticas (wuauserv) is not Running.
   Startup Type set to: Automatic
Searching for Missing Digital Signatures: 
 * No issues found.
Checking HOSTS File: 
 * HOSTS file entries found:       localhost 007guard.com www.007guard.com 008i.com 008k.com www.008k.com 00hq.com www.00hq.com 010402.com 032439.com www.032439.com 0scan.com www.0scan.com 1-2005-search.com www.1-2005-search.com 1-domains-registrations.com www.1-domains-registrations.com 1000gratisproben.com www.1000gratisproben.com 1001namen.com
  20 out of 15493 HOSTS entries shown.
  Please review HOSTS file for further entries.
Program finished at: 04/19/2014 12:08:38 AM
Execution time: 0 hours(s), 0 minute(s), and 47 seconds(s)
What does the entry in bold above mean?
Thank you for your attention.


Edited by hamluis, 19 April 2014 - 10:31 AM.
Moved from XP to Am I Infected - Hamluis.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users