Adlice forum
Software feedback => RogueKiller => Topic started by: Th3w01f on February 16, 2014, 02:44:46 AM
-
Just downloaded and ran the latest version of Rogue Killer.
root.zekos was detected, after clicking 'delete' I was asked to reboot. Now getting the black screen of death.
I found this post but the file does not appear to be accessible any longer - http://www.geekstogo.com/forum/topic/336680-solve-zekos-black-screen-after-rpcssdll-replacement/
Any help would be greatly appreciated and worth a donation.
-
Your instructions were still very helpful. I just pulled the drive and used an external cable to modify the rpcss.dll file from another W7 PC. Everything seems to be working fine now.
-
Hello
What was your RogueKiller version?
This is supposed to no longer happen now
-
Hello
What was your RogueKiller version?
This is supposed to no longer happen now
RogueKiller V8.8.7 _x64_ [Feb 11 2014] by Tigzy
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : xxxxxx [Admin rights]
Mode : Remove -- Date : 02/15/2014 17:24:46
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 0 ¤¤¤
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
[Root.Zekos][File] rpcss.dll : C:\Windows\System32\rpcss.dll [-] --> REPLACED AT REBOOT -> (C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll)
I should have written down the permissions problem but what I do remember is that there were two listed for SYSTEM, the first one did not inherit and the second one did. There was a second one that was I deleted but I don't remember what it was.
-
Do you remember the permissions given to the new file?
Because this was the issue. Since 8.8.4 it's replacing the replaced file permissions with the ones from the original (infected) one.