|
| Computing.Net: Over 1,000,000 posts about all things technology related! Over 90% answered within 24 hours! Click here to sign up now, it's free! |
mainkey.exe referenced in startup
|
Original Message
|
Name: Mike Romete
Date: January 17, 2005 at 07:14:34 Pacific
Subject: mainkey.exe referenced in startupOS: Windows XP SP2CPU/Ram: I don't know. |
Comment: Hello. My first post here. We have a machine that's been infested with various spyware/adware, which I'm removing as I can. One thing puzzles me very much. There's a "mainkey.exe" in startup. It keeps coming back, no matter how I try to remove it. When I renamed the exe, in the Windows directory, another got made in its place. When I remove the entry from startup, it gets replaced, too. This reminds me a lot of the KALVSYS thing, but I'm not sure what to do with this. I'm using NAV and Spybot 1.3, and neither seems to notice it. Any ideas? Thanks. Micro
Report Offensive Message For Removal
|
|
Response Number 1
|
Name: Mike Romete
Date: January 17, 2005 at 07:37:32 Pacific
|
Reply: Ack. I forgot to mention yekniam.dat! NAV keeps telling me it found PWSteal.Trojan in a file called yekniam.dat in the temp folder in Local Settings. (I am going by memory, because I don't even that machine turned on yet this morning.) I reboot in Safe Mode and delete it, but it keeps coming back, too. :-( Micro
 Report Offensive Follow Up For Removal
|
|
Response Number 2
|
Name: Sabertooth
Date: January 17, 2005 at 08:24:20 Pacific
|
Reply: See Response Number 3 from here, it has the tools and tips to fix the problem. B4 you criticize a bigger man, walk a mile in his shoes. That way, you're a mile away, and you have his shoes.
Report Offensive Follow Up For Removal
|
|
Response Number 3
|
Name: Mike Romete
Date: January 17, 2005 at 11:15:16 Pacific
|
Reply: Thank you. I think this worked: I (1) deleted the mainkey process, then (2) renamed the mainkey.exe in the Windows folder, then (3) removed the mainkey item from startup. I have rebooted several times, and it hasn't reappeared. Apparently, the yekniam.dat was indeed associated with the mainkey exe and process, because it disappeared when I deleted the process and hasn't come back yet. Micro
Report Offensive Follow Up For Removal
|
|
Response Number 4
|
Name: Sabertooth
Date: January 17, 2005 at 14:43:20 Pacific
|
Reply: Good job. B4 you criticize a bigger man, walk a mile in his shoes. That way, you're a mile away, and you have his shoes.
Report Offensive Follow Up For Removal
|
Post Locked
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
Go to Security and Virus Forum Home
Results for: mainkey.exe referenced in startup
Qcce.exe file in startup - locks up Summary: Today my computer started freezing up, and occationally reboots on its own. This is now happening within 5 to 10 minutes after reboot. This doesn't appear to happen in safe mode. I deleted and uninsta... www.computing.net/answers/security/qcceexe-file-in-startup-locks-up/12011.html
Can't get rid of CWS.msconfig.exe Summary: Hi jabuck Msconfig runs ok. No msconfig.exe running in startup My startup page http://members.surfeu.at/org2/org2.htm NetPal is an dialer I use when my ISP is down or slow, I've had it for years. But ... www.computing.net/answers/security/cant-get-rid-of-cwsmsconfigexe/17680.html
Virus problem disabling internet Summary: Using start/run/msconfig uncheck wksys.exe entry in Startup flag and check \safeboot in Boot.ini, machine will restart in safemode. Delete wksvs.exe*.pf in windows\prefetch folder and wksvs.exe in win... www.computing.net/answers/security/virus-problem-disabling-internet/13770.html
|
|
|
