Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No dialog w/RKUnhookerLE No Tray Icon w/AVG


  • Please log in to reply
1 reply to this topic

#1 Alanwh

Alanwh

  • Members
  • 171 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:01 PM

Posted 11 June 2010 - 01:07 PM

Hello

I have an Acer Win XP Pro that had several rogue antivirus infections that I removed in May. I have a gut feeling I still have something I couldn't get to. I say that because I have no symptoms except for an occasional browser closing unexpectedly. I also found some remnants of infection left behind within the registry but the files they point to no longer exist.

I have never been able to get a GMER log. After dozens of trys I can get as far as files being searched and the computer restarts.

On my own today I found RKUnhookerLE and downloaded it but when I checked the MD5 hash on the file it did not match. So I did a search on BC and found that others were downloading RKUnhookerLE from the same location and it was giving them a report. I downloaded and ran it but it loads in the background and no dialog appears. It runs using 50% CPU until I restart the machine.

MBAM and SAS both report nothing.

I'm running AVG and Threatfire.

On restart AVG does not have a tray icon after running RKUnhookerLE.

When I started RKUnhookerLE the last time I forgot to Suspend Threatfire and it warned me about RKUnhookerLE running as a service.

Am I just being paranoid, or do I still have something to worry about?

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,212 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:01 PM

Posted 11 June 2010 - 08:46 PM

Before performing a Anti rootkit scan it is recommended to do the following to ensure more accurate results and avoid common issues that may cause false detections.

Disconnect from the Internet or physically unplug you Internet cable connection.
Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
Temporarily disable your anti-virus and real-time anti-spyware protection.
After starting the scan, do not use the computer until the scan has completed.
When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users