Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

RogueKiller, RKQuarantine won't load.


  • Please log in to reply
4 replies to this topic

#1 bakedalaskan66

bakedalaskan66

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:21 AM

Posted 26 March 2014 - 10:38 AM

When I try to run RogueKiller, RKQuarantine or even AVG it states that I don't have appropriate permission to run this. Or my security settings don't allow this type of file to be run.

I do have MSE installed to give me some sort of protection, Where do I start to fix this issue?

Thank you in advance for the help.



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:21 PM

Posted 26 March 2014 - 08:03 PM

Hello -

I note that you mention that you mention 2 Antivirus Programs listed. AVG and MSE.

Please follow the correct methods to remove the one that you would prefer to remove, and Update the one you wish to keep.

 

Please try to download this and Right click on it, then select Run as Administrator.

 

Please download RKill (courtesy of BleepingComputer.com) to your desktop.

This is very similar to RogueKiller by Tziggy, but it was developed at Bleeping Computer.

There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

* Double-click on the Rkill desktop icon to run the tool.
* NOTE : If using Vista or Windows 7 right-click on it and choose Run As Administrator.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* Do not reboot until instructed, if using other tools also.
* If the tool does not run from any of the links provided, please let me know.

 

NOTE - If normal mode still doesn't work, run the tool from safe mode (but try Normal Mode first)
When the scan is done Notepad will open with RKill log.

Copy and Paste it in your next reply.
NOTE. rKill.txt log will also be present on your desktop.



#3 bakedalaskan66

bakedalaskan66
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:21 AM

Posted 27 March 2014 - 10:57 AM

I tried to update my AVG, group policies doesn't allow access to this program.
I tried to run the rkill_exe and it has found that it is potentially harmful.
I am working on that now.



#4 bakedalaskan66

bakedalaskan66
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:21 AM

Posted 27 March 2014 - 11:36 AM

It still won't let me run AVG.... grrrrrrrr



Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/27/2014 09:30:59 AM in x64 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\system32\SU-T2.exe (PID: 3028) [WD-HEUR]
 * C:\Windows\SysWOW64\MDM.EXE (PID: 5620) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual

 * BFE [Missing Service]
 * BITS [Missing Service]
 * iphlpsvc [Missing Service]
 * WinDefend [Missing Service]
 * wscsvc [Missing Service]
 * wuauserv [Missing Service]

 * MpsSvc [Missing ImagePath]
 * SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1 www.007guard.com
  127.0.0.1 007guard.com
  127.0.0.1 008i.com
  127.0.0.1 www.008k.com
  127.0.0.1 008k.com
  127.0.0.1 www.00hq.com
  127.0.0.1 00hq.com
  127.0.0.1 010402.com
  127.0.0.1 www.032439.com
  127.0.0.1 032439.com
  127.0.0.1 www.0scan.com
  127.0.0.1 0scan.com
  127.0.0.1 1000gratisproben.com
  127.0.0.1 www.1000gratisproben.com
  127.0.0.1 1001namen.com
  127.0.0.1 www.1001namen.com
  127.0.0.1 100888290cs.com
  127.0.0.1 www.100888290cs.com
  127.0.0.1 www.100sexlinks.com
  127.0.0.1 100sexlinks.com

  20 out of 15493 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 03/27/2014 09:32:53 AM
Execution time: 0 hours(s), 1 minute(s), and 53 seconds(s)



#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:21 PM

Posted 27 March 2014 - 07:14 PM

I tried to run the rkill_exe and it has found that it is potentially harmful.

Hello -

This is why I leave at least 2 RKill links, rather than just one.

 

It has dragged 2 infections to the surface, and they may be the cause of problems.

 

With all tools given, you must download to desktop to run them.

NOTE : If using Vista or Windows 7 right-click on it and choose Run As Administrator.

 

Sorry if you are still having problems, but the Experts area may be better to help you.

We need to run more scans, and these can not be done in this area ......

 

If you wish more assistance, please Fully read and follow the instructions in the Preparation Guide For Requesting Help starting at Step #6.

 

If you are unable to complete any step, still post the topic and leave a full description of your problems.

 

When you have done that, start a new topic and post the required logs to  Malware Removal Logs forum, NOT Here, for assistance by the Malware Response Team Experts.

 

Please Use Copy / Paste for your responses, and Do Not Attach them unless your helper requests this.

 

If HelpBot responds to your topic, please follow his Step #1 so the team will be notified.

 

After posting there, please reply back in this thread with a link to the new topic so we can close this one.

This will prevent others from following advice that the Experts do not want you to perform.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users