Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.



  • Please log in to reply
1 reply to this topic

#1 dobbin


  • Members
  • 6 posts
  • Local time:02:59 PM

Posted 21 February 2008 - 04:14 AM

Yesterday, AVG identified this which is located in the BT Broadband desktop help as a virus.
Threat Backdoor.darkbot.H
It initially found it in path C\documents and settings\owner\local settings\temp\pskill.exe
This was when I was running a Spybot scan. It was put in virus vault.
This would appear to be a false positive. Others with BT broadband also had this according to AVG forums.
However a search shows it is a potentially unwanted item so I need to know whether I can safely remove it or at least leave it in the virus vault.
BT desktop help still functions as far as I can tell.
Incidentally the "virus" popped up again when I was looking for a document but was in a different path (see below) I isolated it in the virus vault. I then did a full system scan and it found the same item in the same path and location so I now have two identical items in the virus vault with the same path. Path was C.\windows\motive\btbb\pskill.exe in the last two cases.
Ran further AVG update of defintions this morning and it loooks like they may have fixed the false positive issue as if I click on the restore option in virus vault a warning no longer pops up.
Can anyone advise on if it is a necessary item or if it can be safely deleted.
I am using XP home with SP on a HP Pavillion.

BC AdBot (Login to Remove)


#2 dark messenger

dark messenger

  • Members
  • 1,741 posts
  • Gender:Male
  • Location:Auckland NZ
  • Local time:02:59 AM

Posted 21 February 2008 - 04:42 AM

Have you triend using a different virus scan like trend micro house call?

pskill.exe is not a virus, nor any other kind of malware. Yet, its ability to kill any process locally and remotely (provided the user launching it has got the required privileges on the system) made some malware developers use it for their own unfriendly purposes.

from here (2nd post)

So you may have malware on your computer anyways, Click here and create a new post, saying exactly what you have here, and they will be able to help you more.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users