Results 1 to 2 of 2

Thread: RKill security tool

  1. 13-07-2010 #1
    SoftWore
    SoftWore is offline Member
    Join Date
    Nov 2009
    Posts
    583

    RKill security tool

    RKILL Security tool


    Problem :
    False security alerts in an attempt to make you download a fake antivirus which is nothing but a scam. By scanning your machine, it will make you believe that all your programs are infected. Unable to run any program including disinfection tools. Types of infection here is Rogues. Security Tool is part of the family of rogues, it caught downloading fake codecs in order to watch a pornographic video, but also through cracks and trapped by exploits on websites.


    Tools to use :
    - rkill.com (neutralize the process responsible for the infection)
    - Malwarebytes
    - ComboFix

    If you can restore your PC before attempting the problem because in many cases solves the problem of this infection. Then go to check, one of the software available for disinfection.


    Preliminaries :
    - If you have Vista or 7, you must disable the UAC time of disinfection.
    - If you have TeaTimer (Spybot resident), disable it, or it may interfere with disinfection.
    ------- Start Spybot, click Mode, select Advanced Mode.
    ------- On the left, click Tools, then Resident.
    ------- Uncheck the box in front Resident "TeaTimer" then quit Spybot.
    Reply With Quote Reply With Quote
  2. 13-07-2010 #2
    SoftWore
    SoftWore is offline Member
    Join Date
    Nov 2009
    Posts
    583

    Re: RKill security tool

    Methods of disinfection
    Neutralize security Tool :
    Security Tool blocking the execution of programs in most cases, the use of tools disinfection is impossible. To control infection, it must first:
    - Restart the PC in safe mode,
    - Tap the F8 or F5 to start the PC before the Windows logo
    - On the menu, choose Safe Mode and confirm with Enter
    - Run msconfig
    - Click on the menu Start -> Run, type msconfig and click OK.
    - Click on Start in the upper right corner of msconfig
    - Identify the window in a row with a string of numbers -> (ex: 61385932.exe)
    - Uncheck this line, click OK, then restart the computer.
    - On restarting the PC, it is possible that a window opens to inform you that the PC is in selective startup, just to see this message, check the bottom left.
    - Security Tool is for mostly accompanied by other malware, go to the following disinfection (Malwarebytes. ..)


    Rkill :

    - Download Rkill
    - Double-click it to launch. It will automatically stop all processes associated with the Security Tool and other rogues. Be patient because the software can take time! Once completed, the software closes simply, this is normal. You can skip to the result of disinfection.
    - If you have a message that indicates that Rkill is an undesirable, just ignore it and start again after disabling the software Rkill considering it as harmful.


    MalwareBytes Anti-Malware :
    - Download MalwareBytes Anti-Malware (by Rubber Ducky) on your desktop.
    - Install the software.
    - If missing the COMCTL32.OCX, you can download it
    - Make updates (Click on Updates and search for updates).
    - Run MalwareBytes' Anti-Malware, click "Run a full review" then "Search", select all your drives and click "Start Review".
    - Once the scan is finished, click "results" then click "Remove Selected" (If a message asks to restart the PC, agree?)


    Combofix :
    This software is for use as prescribed by a qualified and trained helper tool. Do not use outside of this scenario: dangerous!

    - download it
    - Choose "Save Link As ..."
    - Choose the Bureau as a destination.
    - In the field "Filename", rename ComboFix.exe to CCM.exe example, then save.
    - Warning: The stage of renaming is required lest display the message "ComboFix.exe is not a valid win32 application" and thus make it totally ineffective.
    - Disable your defenses (anti-virus, anti-spyware, etc. ..) and close all applications and programs !
    - Double-click CCM.exe to start the fix (Vista users must right-click CCM.exe and choose "Run as administrator").
    - Accept the warning message. For XP : accept the installation of the "Recovery Console" is a must!
    - Then let the tool work and not touch anything! Note : it may be that the PC restarts itself (to finalize the clean-up), let it do. If the tool anonce this: "combofix has detected the presence of rootkit and need to reboot your machine", accept.
    - The report will be created under the root: C: \ Combofix.txt

    More help on RKill can be found here
    How to use rkill
    Running Rkill to rid Antivirus
    Reply With Quote Reply With Quote
« Wireless connection problem with BD-C6500 | How to download torrents faster? »

Similar Threads

  1. How to get rid of Security Tool
    By first-born in forum Networking & Security
    Replies: 4
    Last Post: 04-12-2010, 10:30 AM
  2. Security tool Hoax
    By triop in forum Networking & Security
    Replies: 4
    Last Post: 28-10-2010, 06:06 PM
  3. Malwarebytes won't run, rkill not working for removing Security Tool
    By Namuchi in forum Networking & Security
    Replies: 5
    Last Post: 15-07-2010, 03:10 AM
  4. Windows security alert "Application cannot be executed" and also Rkill is not working
    By Abhik in forum Networking & Security
    Replies: 6
    Last Post: 30-05-2010, 06:20 AM
  5. Tool request: NSAT (network security analysis tool)
    By Isiah in forum Networking & Security
    Replies: 5
    Last Post: 12-05-2010, 10:17 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

Page generated in 1,713,287,847.31634 seconds with 16 queries