Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Did rKill program completely remove MoboGenie Malware?


  • Please log in to reply
No replies to this topic

#1 francislholland

francislholland

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:42 PM

Posted 18 April 2014 - 11:04 PM

Hello,

 

I'm new here.

 

I run a 32-Bit Windows XP Service Pack 3 computer.  I unfortunately installed the MoboGenie malware program on my computer and then had a very difficult time removing the program and its many vestiges.

 

I followed all of the instructions that I found for removing the MoboGenie malware virus and I used the rKill program, but I am unsure what the readout means.  In particular, the readout says, "HOSTS file entries found" and then there is a list of hostfile entries.  Does this mean that my computer is still at risk, or does it mean something else?

 

I found the directions I used at the following MalwareExperts.com address:

 

http://www.malwareexperts.com/how-to-remove-mobogenie-virus-solved/

 

Here is what rKill said after scanning my computer:

 

Rkill 2.6.5 by Lawrence Abrams (Grinler)

Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 04/19/2014 12:07:50 AM in x86 mode. (Safe Mode)
Windows Version: Microsoft Windows XP Service Pack 3
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * Sistema de eventos COM+ (EventSystem) is not Running.
   Startup Type set to: Manual
 
 * Central de Segurança (wscsvc) is not Running.
   Startup Type set to: Automatic
 
 * Atualizações Automáticas (wuauserv) is not Running.
   Startup Type set to: Automatic
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
  127.0.0.1 007guard.com
  127.0.0.1 www.007guard.com
  127.0.0.1 008i.com
  127.0.0.1 008k.com
  127.0.0.1 www.008k.com
  127.0.0.1 00hq.com
  127.0.0.1 www.00hq.com
  127.0.0.1 010402.com
  127.0.0.1 032439.com
  127.0.0.1 www.032439.com
  127.0.0.1 0scan.com
  127.0.0.1 www.0scan.com
  127.0.0.1 1-2005-search.com
  127.0.0.1 www.1-2005-search.com
  127.0.0.1 1-domains-registrations.com
  127.0.0.1 www.1-domains-registrations.com
  127.0.0.1 1000gratisproben.com
  127.0.0.1 www.1000gratisproben.com
  127.0.0.1 1001namen.com
 
  20 out of 15493 HOSTS entries shown.
  Please review HOSTS file for further entries.
 
Program finished at: 04/19/2014 12:08:38 AM
Execution time: 0 hours(s), 0 minute(s), and 47 seconds(s)
 
What does the entry in bold above mean?
 
Thank you for your attention.

Francis

Edited by hamluis, 19 April 2014 - 10:31 AM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users