how to remove 399406.EXE

Discussion in 'ESET Smart Security' started by sxe, Apr 1, 2009.

Thread Status:
Not open for further replies.
  1. sxe

    sxe Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    25
    It keep on connecting and using my internet connection? how to remove this file?

    Is this a virus?
     
  2. xMarkx

    xMarkx Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    447
    Hello,

    This sounds like a piece of malware to me. Have you tried running an in-depth scan with your ESET Smart Security product fully up-to-date with the latest virus signature database, 3982? Also, can you locate where the malicious file is located (e.g: C:\WINDOWS\SYSTEM32 or C:\Program Files\...\)

    Regards,

    Mark.
     
  3. sxe

    sxe Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    25
    Yup i already in-depth full scan my system, but seems no virus detected.

    Im using the latest Eset 4 version with latest virus signature database 3982

    The file is located at C:\WINDOWS\SYSTEM32\634055\399406.EXE

    here's the screenshot
    http://img16.imageshack.us/img16/787/virusxgd.jpg
     
  4. xMarkx

    xMarkx Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    447
    Hello,

    If there's a weird file name like that in your SYSTEM32 folder then it's more than likey a virus. Since ESET's latest virus signature isn't detecting it as a virus, I would send the file to ESET using funkydude's directions so that hopefully in the next virus signature update, EAV/ESS will be able to detect it.

    In the meantime, you can download and install free on-demand antimalware scanners such as AntiMalwareBytes and SUPERAntiSpyware and run them in SafeMode. You can enter safe mode by hitting F8 a bunch of times during boot-up. Make sure both products are up-to-date before scanning with them.

    Regards,

    Mark.

    Try using either MalwareBytes or SUPERAntiSpyware (or both) and see what they report. Official site for download is above.
     
    Last edited: Apr 2, 2009
  5. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    If you believe your computer is infected with malware that is not detected by ESET Smart Security, then create a .ZIP or .RAR file protected with a password of "infected" containing the suspicious files and send it, along with an ESET SysInspector log file, to ESET's virus lab for further analysis.

    You can download a copy of ESET SysInspector from http://www.eset.com/download/sysinspector.php and run it to create a log file.

    The email address for ESET's virus lab is support@eset.sk.


    Regards,

    Aryeh Goretsky
     
  6. sxe

    sxe Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    25
    Thank You guys, file sent.

    =]
     
  7. xMarkx

    xMarkx Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    447
    Hopefully it will be added in the next virus signature database update. Did you try any of the two Antimalware programs I suggested as well to see what they could detect?
     
  8. The PIT

    The PIT Registered Member

    Joined:
    Sep 4, 2008
    Posts:
    185
    Try scanning with malwarebytes antimalware see if that finds anything.
     
  9. sxe

    sxe Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    25
    Virus Deleted.

    Win32/FlyStudio.NIV trojan

    Thank You Eset
     
  10. xMarkx

    xMarkx Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    447
    Hello,

    Glad to here the infection is gone and that it's been added to ESET's virus signatures.

    Regards,

    Mark.
     
Thread Status:
Not open for further replies.