how to remove 399406.EXE

Discussion in 'ESET Smart Security' started by sxe, Apr 1, 2009.

Thread Status:
Not open for further replies.
  1. sxe

    sxe Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    25
    It keep on connecting and using my internet connection? how to remove this file?

    Is this a virus?
     
  2. xMarkx

    xMarkx Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    447
    Hello,

    This sounds like a piece of malware to me. Have you tried running an in-depth scan with your ESET Smart Security product fully up-to-date with the latest virus signature database, 3982? Also, can you locate where the malicious file is located (e.g: C:\WINDOWS\SYSTEM32 or C:\Program Files\...\)

    Regards,

    Mark.
     
  3. sxe

    sxe Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    25
    Yup i already in-depth full scan my system, but seems no virus detected.

    Im using the latest Eset 4 version with latest virus signature database 3982

    The file is located at C:\WINDOWS\SYSTEM32\634055\399406.EXE

    here's the screenshot
    http://img16.imageshack.us/img16/787/virusxgd.jpg
     
  4. xMarkx

    xMarkx Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    447
    Hello,

    If there's a weird file name like that in your SYSTEM32 folder then it's more than likey a virus. Since ESET's latest virus signature isn't detecting it as a virus, I would send the file to ESET using funkydude's directions so that hopefully in the next virus signature update, EAV/ESS will be able to detect it.

    In the meantime, you can download and install free on-demand antimalware scanners such as AntiMalwareBytes and SUPERAntiSpyware and run them in SafeMode. You can enter safe mode by hitting F8 a bunch of times during boot-up. Make sure both products are up-to-date before scanning with them.

    Regards,

    Mark.

    Try using either MalwareBytes or SUPERAntiSpyware (or both) and see what they report. Official site for download is above.
     
    Last edited: Apr 2, 2009
  5. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,033
    Location:
    California
    Hello,

    If you believe your computer is infected with malware that is not detected by ESET Smart Security, then create a .ZIP or .RAR file protected with a password of "infected" containing the suspicious files and send it, along with an ESET SysInspector log file, to ESET's virus lab for further analysis.

    You can download a copy of ESET SysInspector from http://www.eset.com/download/sysinspector.php and run it to create a log file.

    The email address for ESET's virus lab is support@eset.sk.


    Regards,

    Aryeh Goretsky
     
  6. sxe

    sxe Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    25
    Thank You guys, file sent.

    =]
     
  7. xMarkx

    xMarkx Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    447
    Hopefully it will be added in the next virus signature database update. Did you try any of the two Antimalware programs I suggested as well to see what they could detect?
     
  8. The PIT

    The PIT Registered Member

    Joined:
    Sep 4, 2008
    Posts:
    185
    Try scanning with malwarebytes antimalware see if that finds anything.
     
  9. sxe

    sxe Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    25
    Virus Deleted.

    Win32/FlyStudio.NIV trojan

    Thank You Eset
     
  10. xMarkx

    xMarkx Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    447
    Hello,

    Glad to here the infection is gone and that it's been added to ESET's virus signatures.

    Regards,

    Mark.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.