Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is It Possible To Kill Process From The Run Line?


  • Please log in to reply
3 replies to this topic

#1 N3M3S1S

N3M3S1S

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:08:37 PM

Posted 27 January 2007 - 04:10 AM

I have two files that keep popping up and reloading into the startup msconfig screen

msmbw.exe and bias poke.exe.

I know these both have to do with the FATSO-E Worm. While i can delete the msmbw.exe file it just keeps coming back. Its because of the bias poke.exe running.

The virus has disabled taskmgr and disabled cmd prompt so i can't kill the process in normal mode. I try to boot into safe mode and get nothing but a blank screen. Can i kill these files from command prompt only mode?

I read the introductory pinned topic about doing hijack this and all that but i have a big problem:

Its impossible to run iexplorer.exe because it immediately closes the window so i cant d/l or install any antispyware/antivirus such as avg or hijackthis.

I was able to install MSN messenger and have the executables for installing adaware AND avg sent to the persons computer. However i only got adaware to install AND neither avg or spybot or hijack this would get past the 1st screen they immediately exited out.

So if anyone knows a Run command to make a process stop running in memory id surely appreciate it.

Kill [process] doesnt work in the run command that only works from cmd and like i said i can't get that running

HELP!

thank you for your time who ever responds

Nemesis

BC AdBot (Login to Remove)

 


m

#2 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,697 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:09:37 PM

Posted 27 January 2007 - 04:16 AM

Its impossible to run iexplorer.exe because it immediately closes the window so i cant d/l or install any antispyware/antivirus such as avg or hijackthis.


Do you have access to another computer? If so, download Hijack This and the other programs to a disk or thumb drive from that computer and install them from that. Don't worry about doing the on-line scans. When you post your HJT log, give a brief descriptive title, a concise summary of your problems and what you've tried, what worked and didn't work.

After you post your log, DO NOT make any further changes to your computer: deleting files, editing the registry, using special fix tools, installing or uninstalling software etc. as this will make it more difficult for the HJT team to help you.

Please be patient as the HJT team is very busy. DO NOT bump your log as the team may think that someone is already helping you. If you have not had a response in five days, add a response to the five days no response topic and paste in the link to your thread.

Orange Blossom :thumbsup:

Edited by Orange Blossom, 27 January 2007 - 04:16 AM.

Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript

#3 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:03:37 AM

Posted 27 January 2007 - 05:56 AM

To kill processes from the command prompt read this
Suggest you follow the directives from Orange Blossom

#4 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,073 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:09:37 PM

Posted 27 January 2007 - 08:23 AM

The HiJackThis logfile is the key here. The HJT Team will help you to clean this crap off of your system, but you'll have to be patient.

Just killing off a process or two isn't going to cure your woes - this appears to be a fairly sophisticate attack and it could easily defeat your attempts to bypass it.

Download a copy of HiJackThis on another computer and copy it to a CD or a flash drive - then run it on the infected system so you can post a HJT log.
My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users