Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rkill results - infected or not...need help deciphering


  • Please log in to reply
1 reply to this topic

#1 sugarcane64

sugarcane64

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Louisiana
  • Local time:12:46 PM

Posted 24 August 2010 - 06:00 PM

My son has a laptop and thinks it is running slower lately, locks up with a few pop-ups every now and then. I suggested Malwarebytes and SuperAntispyware but they arent picking anything up. I then suggested RKill and when he runs that program he gets these results:





This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as George A. Blanchard on 08/24/2010 at 17:53:38.


Processes terminated by Rkill or while it was running:


C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Users\GEORGE~1.BLA\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\George A. Blanchard\mystuff\rkill.com


Rkill completed on 08/24/2010 at 17:53:46.



Does this indicate a virus or infection? What would be the next step? His laptop has Windows Vista. Thanks guys!

Edited by sugarcane64, 24 August 2010 - 06:03 PM.


BC AdBot (Login to Remove)

 


#2 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:01:46 PM

Posted 24 August 2010 - 07:41 PM

Hi,
Those look a little odd, but again, it's hard to tell as it does seem that it terminated some Norton processes as well. I can't tell for sure, but he might be infected.

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users