Tech Support banner

Status
Not open for further replies.
1 - 11 of 11 Posts

·
Registered
Joined
·
62 Posts
Discussion Starter #1
This is a problem that my friend is having and I couldn't figure out what to do with it. She uses AVG 7.1 Anti-Virus software. When she runs it, the program finds the following 4 files as "potentially harmful program PsKill"

PsKill.exe C:\system volume information\_restore{B96F6340-C130-4B60-A7FA-79E41C2CFC6F}\A0001303.INS:\C:\OEMCUST\TOOLS\WIN32\PSKILL.EXE

A0001303.INS C:\system volume information\_restore{B96F6340-C130-4B60-A7FA-79E41C2CFC6F}\A0001303.INS

PsKill.exe C:\system volume information\_restore{B96F6340-C130-4B60-A7FA-79E41C2CFC6F}\A0001304.INS:\C:\OEMCUST\TOOLS\WIN32\PSKILL.EXE

A0001304.INS C:\system volume information\_restore{B96F6340-C130-4B60-A7FA-79E41C2CFC6F}\A0001304.INS

Norton with all its updates can't find them, ADaware cannot find them either. I have checked out the Norton website and the closest information there is related to Backdoor.Hale and Backdoor.EggHead...

What exactly are they? How can we get rid of them?

Thanks
 

·
Registered
Joined
·
1,097 Posts
You have some infected files in your System Volume Information folder. This is where your restore points for System Restore are kept. The best way to get rid of infected files here is to purge/remove the restore points. You can do this by turning System Restore off, and then turning it on again.

You will also have to remove the offending files and folders from your file system also. It would be best if you allowed the boys and girls on the HijackThis log help forum to assist your friend, because she may have other infections.

Tell your friend to download HijackThis. Unzip it to a permanent location and run the program. Click where it says "Do a system scan and save a log file", but don't fix anything yet. Copy and paste the contents of the log file to the HijackThis Log Help forum (not this forum). The analysts there will scan the log file and help your friend remove the infection.
 

·
Citizen of the world
Joined
·
51,042 Posts
PSKILL is not a virus or malware, it's just being targeted because it has potential uses that way.
 

·
Registered
Joined
·
1,097 Posts
Never question Norton! :smile:

It might not be a virus, but if the owner of the computer didn't personally put it there, then it doesn't belong on the system.
 

·
Registered
Joined
·
23 Posts
Resolution said:
Never question Norton! :smile:

It might not be a virus, but if the owner of the computer didn't personally put it there, then it doesn't belong on the system.
Aye, and if Norton doesn't find anything, it is not considered a severe enough threat. Sure, if you don't have the AntiSpyware edition (or 2006), you won't find any adware/spyware either. But since Adaware couldn't find it, I'd say just leave it there or remove it manually if you don't recognize where it's from.
 

·
Registered
Joined
·
1 Posts
I have PsKill.exe on my pc, i have a packard bell system and SMART RESTORE uses it , if i delete it it is difficult to format or create backup cd's. As long as you have a good firewall and use caution and common sense i dont see it as harmful
 

·
Registered
Joined
·
1 Posts
PSKill

Hi Folks,

I joined here looking to solve the problem of suddenly seemingly infected by PsKill too, I was in a panic!

As with some earlier posts here too I had this problem come up with a Packard Bell System which I had for the last two years been running with Norton Anti-Virus Software on one of my newer 'puters and when this ran out, package deal when I bought this 'puter, I had added my trusted AVG 7.1. Ran scan and Duh!!!

Those same infected files! And could not Delete!

Resolution said:
You have some infected files in your System Volume Information folder. This is where your restore points for System Restore are kept. The best way to get rid of infected files here is to purge/remove the restore points.

I checked through all the earlier posts on this and got myself out of panic mode and was so easy!

I went to Start, R-clicked My Computer/Properties and then clicked tab for System Restore and turned it off. Rebooted, ran new scan and was OK, didn't need to do anything more.

Turned System Restore back on, ran new scan, still OK!:)

And I checked, all is still well with the Smart/Restore program came as package deal with this 'puter.

But makes you wonder?

Was this preset from when I bought from Packard Bell? Could they have been monitoring me? Well my trusty AVG, running successfully on my old 'puter for seven years now with never a problem, didn't like it all!

Thanking you all for your input here and the solution

Sincerely,

Jean Cheesman
Hereford, UK
http://bernese.biz
http://atomic-rooster.com
 
1 - 11 of 11 Posts
Status
Not open for further replies.
Top