BleepingComputer.com: Problems with Rkill, not infected

Hey Everyone,

So I had a quick question. I downloaded rkill.exe to my non-infected laptop to use on another computer that I was trying to remove some malware. Before burning a CD I thought I'd try using rkill on my own computer to see what it was like (I guess a bad idea?). Anyway, after running it I've run into several issues, even after restarting the computer. Every time I try running a shortcut on my desktop I get the error: "This file does not have a program associated with it for performing this action. Create an association in the Set Associations control panel." This error also came up when I tried running the malwarebytes installer, so its not just shortcuts. Strangely, when I click the firefox shortcut I'll get that error, but if I go to start and click on Internet it will open. Also, a couple programs that usually start-up with my computer have stopped, like RightMark CPU Clock Utility (which I use to undervolt my laptop and monitor temps) and I feel like there should be a couple more icons in the lower right, but I can't put my finger on it. Anyway, any help would be greatly appreciated! Oh, and here is my rkill.log:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 02/15/2011 at 0:18:08.
Operating System: Windows ™ Vista Home Premium


Processes terminated by Rkill or while it was running:

C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\InfDefaultInstall.exe
C:\Windows\SysWOW64\runonce.exe


Rkill completed on 02/15/2011 at 0:18:16.

Thanks!
AbeN468

Edit: Oh, btw the firefox.exe stuff may have been terminated by me. I think I closed it right after I started rkill. I am thinking it either has something to do with those other 2 exes, or the with the registry file that gets imported

This post has been edited by AbeN468: 15 February 2011 - 10:37 AM

It looks like a file association issue.

or XP
Go here to Doug KNox's Windows® XP File Association Fixes
Run 9th down on left... EXE File Association Fix ... the EXE not EML one.



FOR VISTA
Go to File association fixes for Windows Vista

Click the exe box
Instructions:
To fix the association for a particular file type, download the corresponding fix from the above links table (Use Right-click - Save as option in your browser to download the fixes). Unzip the fix and extract the .REG file to the Desktop. Right-click the REG file and choose Merge. Note that you need to be an administrator to apply these fixes.

Thank you boopme! I ran the registry file for the .exe association on vista and that seemed to do the trick. When I restarted all my start-up programs ran as normal also. I think it may have just been the .exe association, but I'll bookmark that website in case I run into any others. Thanks again!

Quote

RKill is not a comprehensive malware removal tool...it is a specific utility designed to terminate the most common malicious processes that prevent other security tools from being executed and used to disinfect the system. When RKill is able to terminate these processes and fix certain registry keys, that usually allows other tools to perform scans and clean up routines to remove the infection.

All files listed in an RKill log are not necessarily malware related. The list of processes shown as terminated are any processes that were killed while RKill was running even if those processes were not terminated directly by RKill.

If you are you able to run Malwarebytes Anti-Malware and other security tools without them terminating, there is no need to run Rkill. Using this tool is only necessary to fix the most common malware processes that stop us from using security tools and completing scans so its not required in all situations.