Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Problems with Rkill, not infected


  • Please log in to reply
3 replies to this topic

#1 AbeN468

AbeN468

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northern California
  • Local time:03:04 AM

Posted 15 February 2011 - 10:26 AM

Hey Everyone,

So I had a quick question. I downloaded rkill.exe to my non-infected laptop to use on another computer that I was trying to remove some malware. Before burning a CD I thought I'd try using rkill on my own computer to see what it was like (I guess a bad idea?). Anyway, after running it I've run into several issues, even after restarting the computer. Every time I try running a shortcut on my desktop I get the error: "This file does not have a program associated with it for performing this action. Create an association in the Set Associations control panel." This error also came up when I tried running the malwarebytes installer, so its not just shortcuts. Strangely, when I click the firefox shortcut I'll get that error, but if I go to start and click on Internet it will open. Also, a couple programs that usually start-up with my computer have stopped, like RightMark CPU Clock Utility (which I use to undervolt my laptop and monitor temps) and I feel like there should be a couple more icons in the lower right, but I can't put my finger on it. Anyway, any help would be greatly appreciated! Oh, and here is my rkill.log:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 02/15/2011 at 0:18:08.
Operating System: Windows ™ Vista Home Premium


Processes terminated by Rkill or while it was running:

C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\InfDefaultInstall.exe
C:\Windows\SysWOW64\runonce.exe


Rkill completed on 02/15/2011 at 0:18:16.

Thanks!
AbeN468

Edit: Oh, btw the firefox.exe stuff may have been terminated by me. I think I closed it right after I started rkill. I am thinking it either has something to do with those other 2 exes, or the with the registry file that gets imported

Edited by AbeN468, 15 February 2011 - 10:37 AM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,190 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:04 AM

Posted 15 February 2011 - 11:28 AM

It looks like a file association issue.

or XP
Go here to Doug KNox's Windows® XP File Association Fixes
Run 9th down on left... EXE File Association Fix ... the EXE not EML one.



FOR VISTA
Go to File association fixes for Windows Vista

Click the exe box
Instructions:
To fix the association for a particular file type, download the corresponding fix from the above links table (Use Right-click - Save as option in your browser to download the fixes). Unzip the fix and extract the .REG file to the Desktop. Right-click the REG file and choose Merge. Note that you need to be an administrator to apply these fixes.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 AbeN468

AbeN468
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Northern California
  • Local time:03:04 AM

Posted 16 February 2011 - 01:17 AM

Thank you boopme! I ran the registry file for the .exe association on vista and that seemed to do the trick. When I restarted all my start-up programs ran as normal also. I think it may have just been the .exe association, but I'll bookmark that website in case I run into any others. Thanks again!

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:04 AM

Posted 16 February 2011 - 08:20 AM

I thought I'd try using rkill on my own computer to see what it was like (I guess a bad idea?). Anyway, after running it I've run into several issues, even after restarting the computer.

RKill is not a comprehensive malware removal tool...it is a specific utility designed to terminate the most common malicious processes that prevent other security tools from being executed and used to disinfect the system. When RKill is able to terminate these processes and fix certain registry keys, that usually allows other tools to perform scans and clean up routines to remove the infection.

All files listed in an RKill log are not necessarily malware related. The list of processes shown as terminated are any processes that were killed while RKill was running even if those processes were not terminated directly by RKill.

If you are you able to run Malwarebytes Anti-Malware and other security tools without them terminating, there is no need to run Rkill. Using this tool is only necessary to fix the most common malware processes that stop us from using security tools and completing scans so its not required in all situations.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users