Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Fixed malware, but have a couple questions.

  • Please log in to reply
2 replies to this topic

#1 Seq54


  • Members
  • 1 posts
  • Local time:12:23 AM

Posted 05 June 2010 - 05:06 PM

I just got hit with teh "Antivirus Soft" program (malware, ransomware). I found this forum, and used the guide here:


It looks like I am now free of it. Thank you very much for the guide Grinler!!

I have a couple questions though.

As per the guide - I ran RKILL and also ran Mbam-setup (which installed Malwarebytes Anti Malware)

I had installed a new version of Norton on my laptop (which was without protection for a bit), and noticed that Norton eliminated the RKILL thing. Deleted it right off my desktop. It did this even when I stopped AV protection in the program.
Is this normal?

2. Also, am I safe to assume that Norton will NOT see or remove an infection of this type - "Antivirus Soft" malware?

Since I got infected - and the Norton boot CD scan couldnt find it - so should I be running Malwarebytes Anti Malware program along WITH Norton?

3. I noticed after I fixed the Antivirus Soft infection - and completed the install of the new Norton - Windows blocked the startup program for Malwarebytes. I am not sure why. Is it cause of Norton, something in windows?

Thank you in advance of any info you may have.


BC AdBot (Login to Remove)


#2 Blade


    Strong in the Bleepforce

  • Site Admin
  • 12,704 posts
  • Gender:Male
  • Location:US
  • Local time:03:23 AM

Posted 05 June 2010 - 08:20 PM

Hello and :thumbsup: to BleepingComputer. Glad to hear you got your PC up and running again. :flowers:

Let's take each question separately.

1.) This is not unexpected, and is what we call a false positive. Essentially, Norton mistakenly believes that Rkill is a malicious file due to some of the methods it uses to shut down malware.

2.) No Antivirus or Antimalware tool is 100% foolproof. They are limited by their detection methods, which malware writers are continually trying to evade or disable.

3.) This sounds like a Norton thing though I'm not certain since I don't use the product. Sounds like a startup blocking program. . . if Norton is the culprit you should be able to set it to allow specific programs.

Hope that helps. Let me know if you've any further questions


Posted Image

If I am helping you, it has been 48 hours since your last post, and I have yet to reply to your topic, please send me a PM
Become a BleepingComputer fan: Facebook
Follow us on Twitter!
Circle us on Google+

#3 Layback Bear

Layback Bear

  • Members
  • 1,880 posts
  • Gender:Male
  • Location:Northern Ohio
  • Local time:02:23 AM

Posted 15 June 2010 - 03:06 PM

Seq54 what kind of security was on your computer when you got "Antivirus Soft"? :thumbsup: to Bleeping Computer. If you do a lot of reading here you surely learn a lot of things to make you and your computer happy.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users