Jump to content
Posted 01 February 2011 - 03:51 PM
Posted 01 February 2011 - 03:56 PM
On a final note, when you download and run RKill, certain anti-virus programs may state that the program is a security risk. This is because some of the tools used by RKill can be used for good or bad, though the programs themselves are perfectly harmless, and most anti-virus programs just lump them into the bad category. I assure you we are using them only for good purposes
A scan from virustotal.com as of 12/02/10 shows the following AV vendors flagging RKill as:ClamAV 0.96.4.0 2010.12.02 PUA.Packed.PECompact-1 eSafe 22.214.171.124 2010.12.02 Suspicious File F-Prot 126.96.36.199 2010.12.01 File is damaged Sophos 4.60.0 2010.12.02 NirCmd
Please be assured that there are no Trojans or infections within RKill.
If you have any other questions about RKill, feel free to post them in the topic. Do not, though, ask questions about how to get RKill to run, unless you can provide a better method to get around the malware blocking it. Also please do not ask about how to remove specific malware. Those questions should be asked in the forums listed earlier in the topic.
- Major rewrite of the program to be more effective.
- No longer terminates explorer as that was restarted applications running from Runonce.
- Uses a whitelist for displaying the processes that were killed. This is so it no longer shows itself as being killed and some other processes that were always displayed in Vista and Windows 7 even though Rkill didn't terminate them.
- Cleaned up output.
The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)
A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)
"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)
Posted 02 February 2011 - 11:57 AM
From what you describe, that appears to be a separate issue and a sign of a more serious malware infection. Disinfection will probably require the use of more powerful tools than we recommend in this forum. Before that can be done you will need you to create and post a DDS log for further investigation.
AVG Anti-Spyware which quarantined USERINIT.EXE, WINLOGON.EXE and IEXPLORE.EXE
Posted 02 February 2011 - 11:06 PM
Posted 03 February 2011 - 07:44 AM
0 members, 0 guests, 0 anonymous users