Jump to content
  • 0

87dke3Fr.exe

Yamagata 1st MRB

Asked by Yamagata 1st MRB,

 Share

Question

Yamagata 1st MRB Presidential Poster

Yamagata 1st MRB

Posted
Posted

This cannot be deleted, it uses up cpu and lags the network connection. Ending the process doesn't work, it starts back up. You cannot delete the file from the system because it is always in use (There may be a way to unfreeze the folder with MalwareBytes) And it is hidden in the registry.

Any clues as to what it is and how to remove it?

5 answers to this question

Recommended Posts

  • 0
Elder Forum Blow-Up Doll

Elder

Posted
Posted

seeing that it's a .exe... it's a command file, so it could probably be some sort of virus... and yes, I know that i'm not that good with all the problems with computers, but I know my way around ;)

  • 0
Dillon 1st MRB Forum Spammer

Dillon 1st MRB

Posted
Posted

Use process explorer (google it in quotes) and you can find what program launches it.

I would also look at using Hijack This (see the other post about Marsden needing help).

But, I would first try malwarebytes. www.malwarebytes.org.

  • 0
Francoeur Forum Pupil

Francoeur

Posted
Posted

Reboot your computer in safe mode. This keeps drivers and startup apps from launching. Then you can go and find the offending .exe and delete it.

Also go to Start > Run > regedit32 search for runonce When it finds the keys you actually want to go to run. It will be right next to runonce. Look in this key and see if this .exe is called in there. If so highlight the line and delete it.

Look me up in vent when I'm around and I can talk you through this if you don't feel comfortable. Any changes to the registry could have a desasterous effect. Do this only if you feel comfortable doing it.

MSgt. Francoeur

  • 0
Yamagata 1st MRB Presidential Poster

Yamagata 1st MRB

Posted
  • Author
Posted
Use process explorer (google it in quotes) and you can find what program launches it.

I found that program, I'll be suggesting it.

I would also look at using Hijack This (see the other post about Marsden needing help).

Good suggestion. Hijackthis is a great program, I will suggest it.

But, I would first try malwarebytes. www.malwarebytes.org.

I mentioned that in my first post, it's on the list of things to try.

Reboot your computer in safe mode. This keeps drivers and startup apps from launching. Then you can go and find the offending .exe and delete it.

It does not appear in safe mode.

Also go to Start > Run > regedit32 search for runonce When it finds the keys you actually want to go to run. It will be right next to runonce. Look in this key and see if this .exe is called in there. If so highlight the line and delete it.

It is apparently hidden/not found in the registry, but I'll mention the runonce as a place to check.

Look me up in vent when I'm around and I can talk you through this if you don't feel comfortable. Any changes to the registry could have a desasterous effect. Do this only if you feel comfortable doing it.

Luckily it's not on my computer, it's on my professor's computer.

I've asked my CS prof about it too, he suggests booting from a Linux boot disk and then try to delete the file/end the process.

Thanks for the suggestions everyone.

  • 0
Dillon 1st MRB Forum Spammer

Dillon 1st MRB

Posted
Posted

If I remember correctly, I think you are dealing with a virtumondo/virtumumdo type of issue. These are 2 or 3 layer issues. The file you are dealing with, if deleted, will be respawned by a backup process that only exists to spawn the exe again. And sometimes, there is another backup process that only spawns the other process. These can be real bears to remove. I'd go malwarebytes, full scan, and see what happens.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Recent Posts

    • gOOse GaGGLeR BAR
      Ban Report :: Germ-E-Nader [Germinator]

      By gOOse GaGGLeR BAR · Posted

      Name: Germ-E-Nader [Germinator]   Steam I.D: STEAM_0:0:520043914   Duration of Ban: Permanent   Reasons for the Ban: Racism   Demo Provided?: N   Comments: Started into a political, racist rant in chat. He was warned by Keebler, DapperxDuck, and myself of the consequences of continuing. He didn't listen.
    • Samuels 1st MRB
      Unban Request :: Azilla

      By Samuels 1st MRB · Posted

      This is under deliberation by our MP staff.  We will notify you of a decision when one is made.
    • Furgeson 1st MRB
      [Approved Discord - HLL030] Enlistment Application B. Calypso

      By Furgeson 1st MRB · Posted

      Welcome to the 1st Marine Raider Battalion! Now that you have been accepted don't forget to: 1. Check in at the Recruit Depot 2. Read the Marine Raider Handbook (you are expected to know everything in it) 3. Change your steam friends Avatar 4. Download, install and log into Discord NOTE: Please be aware that you will not have access to the above links until an officer has given you full access to the forum. Access to the forum should be given to you within the next day.
    • Calypso 1st MRB
      [Approved Discord - HLL030] Enlistment Application B. Calypso

      By Calypso 1st MRB · Posted

      I read and understood stand this  
    • Furgeson 1st MRB
      [Approved Discord - HLL030] Enlistment Application B. Calypso

      By Furgeson 1st MRB · Posted

      MARINE CORPS ENLISTMENT OFFICE Camp Pendleton, CA   RECRUITMENT LETTER     Hello B. Calypso, Thank you for taking interest in joining the 1st Marine Raider Battalion.   During your trial period the following will occur: Once accepted as a Recruit, you will remain as a Recruit for 2 weeks from the day of your acceptance until the next BCT Class is offered. During your time as a recruit, it is highly encouraged to play within the Public Server and join Discord with our other members. Upon acceptance, you will be contacted by one of our DIs when the next available BCT is scheduled via the appropriate Discord channel.   We have a BCT class every two weeks. Please keep an eye out for when the next one is made available once you've completed your time requirements!   Upon stating that you understand all the information here, an admin will change your forum name and login to be :   Calypso 1st MRB   Take the time now to change your Steam and in-game name to:   Rec. B. Calypso [1st MRB] (Example: Rec. J. Doe [1st MRB])   Please make sure to verify your forum account by checking your email. Also, please respond below with a reply showing that you have read and understand these rules. You cannot be fully accepted until you do so. We have a limit on the time to reply, if you do not do so within 48 hours, your application will be denied. Once you reply, you will be approved for your trial period unless otherwise posted.  
×
×
  • Create New...