Posted 17 February 2010 - 07:43 PM
I was recently infected with Virtumonde. I thought I had gotten rid of it with the rkill/MBAM combo, but it - and other trojans - are occasionally sneaking on. At the moment, AVG Free, MBAM and S-S&D find nothing; sometime in the next few days that will likely change, if previous patterns hold true.
I'm not visiting any websites that would dump anything onto my system, nor downloading anything suspicious.
Before, when I ran rkill, it was in safe mode and Chrome was not running. I tried running it just now, when Chrome was active, and it killed all of the active Chrome processes (I believe there's one for each extension.) If there's not one for each extension? Well, there's part of the problem.
I tried uninstalling Chrome, and then reinstalling it. The extensions and bookmarks remained, so the uninstall was clearly a partial one. A little research suggests that Chrome leaves behind a few configuration files and registry keys.
My Chrome is 188.8.131.52 (38071)
My main question is: does rkill always identify this version of Chrome as a malware process? If not, and Chrome is infected in a way that isn't being found by the various programs I'm using, then how can I scrub Chrome completely out of my system?