Kill.com

Message Topic Search Topic Options Post Reply Create New Topic Printable Version

   Easy solution. Get rid of Norton and use AVG-Free. Just as good if not better, and making file exceptions is much easier.

Author	Message Topic Search Topic Options Post Reply Create New Topic Printable Version
LightChristmas Members Profile Send Private Message Find Members Posts Visit Members Homepage Add to Buddy List Beta Testers Joined: 15 Oct 2007 Location: Equality, IL Online Status: Offline Posts: 993	Quote Reply Topic: Kill.com Posted: 03 Dec 2012 at 3:24pm
	Easy solution. Get rid of Norton and use AVG-Free. Just as good if not better, and making file exceptions is much easier.


ibewill Members Profile Send Private Message Find Members Posts Add to Buddy List Newbie Joined: 22 Apr 2012 Online Status: Offline Posts: 21	Quote Reply Posted: 03 Dec 2012 at 11:14am
	I have been dealing with the kill.com problem for a while and mine problem is even worse. Norton Security Suite that Comcast gives free to customers is quarantining Kill.com and the entire Aurora Sequencer and Scheduler software. If I try to open either, there is no file to open with. I have to reopen the original download file that fixes Aurora then open Aurora Sequencer or Scheduler immediately after. Norton thinks its so bad I can't exclude aurora. Hope not to deal with this next year. Adding this to my other problems have been frustrating.

BigDPS Members Profile Send Private Message Find Members Posts Add to Buddy List Beta Testers Joined: 13 Dec 2007 Online Status: Offline Posts: 471	Quote Reply Posted: 13 Sep 2012 at 6:16pm
	Windows likes to change things around as they will. It likes to keep us on the edge.... As for killcom, it appears like my AVG hasn't seen it as a threat today when it scanned it. I wonder if AVG changed its heuristic files already?


LightsOnLogan Members Profile Send Private Message Find Members Posts Add to Buddy List Admin Group Joined: 11 Oct 2007 Online Status: Offline Posts: 3187	Quote Reply Posted: 13 Sep 2012 at 11:07am
	I'm just glad this was caught now instead of December; this is the type of thing that usually pops up around then and makes a support nightmare (does anyone happen to remember Windows Update replacing the FTDI drivers right in the middle of the 2009 season?) Michael


BigDPS Members Profile Send Private Message Find Members Posts Add to Buddy List Beta Testers Joined: 13 Dec 2007 Online Status: Offline Posts: 471	Quote Reply Posted: 12 Sep 2012 at 5:07pm
	After disabling my AVG, I did manage to hash it and it gave me the 246b990f9acff3958f6a551889ae2339 number you had. I will tell AVG about the false positive.


LightsOnLogan Members Profile Send Private Message Find Members Posts Add to Buddy List Admin Group Joined: 11 Oct 2007 Online Status: Offline Posts: 3187	Quote Reply Posted: 12 Sep 2012 at 3:44pm
	I don't know the process with AVG. With Avast I had to restore it from the virus chest, then temporarily shut down protection, then generate the MD5 hash, and then restart protection. I submitted a false positive with Avast. I encourage you to do the same with AVG. For performance reasons it is unlikely that any antivirus actually looks at every byte in a file. While they don't reveal their secrets, it is probable that they look at a handful of bytes and the total file size to figure out if it is a threat or not. This Aurora file just happens to match the pattern when it isn't a threat. Interestingly, I can get the file to pass Antivirus testing if I comment out the lines which shut down the DMX-over-dongle server (the 2009-2011 DMX patch). Michael Edited by LightsOnLogan - 12 Sep 2012 at 3:45pm


BigDPS Members Profile Send Private Message Find Members Posts Add to Buddy List Beta Testers Joined: 13 Dec 2007 Online Status: Offline Posts: 471	Quote Reply Posted: 12 Sep 2012 at 2:54pm
	My anti virus won't even let me open the file. I use digestit and it tells me it can't open the file.


LightsOnLogan Members Profile Send Private Message Find Members Posts Add to Buddy List Admin Group Joined: 11 Oct 2007 Online Status: Offline Posts: 3187	Quote Reply Posted: 12 Sep 2012 at 2:35pm
	Avast started yanking killcom.exe off my development systems today too, so I guess I just today got the definitions update that thinks it is bad. It gave no warning/notice or anything... one minute the file is there, then the next it is gone without any evidence as to what happened. No log was generated in the Avast GUI either. I had to go looking for it in the chest to find where it went. If you have one then you can use your favorite MD5 checksum generator to check yours, or you can download one (this one is easy to use: http://www.colonywest.us/digestit/ ) There are two versions of the file for Aurora, both created in 2009. The one with the July date should have a checksum of e7483276d245eb5fbd2d5dd0983258eb. The one with a December date has a checksum of 246b990f9acff3958f6a551889ae2339. I just rebuilt from source and Avast immediately yanked the file created from source as soon as the compiler was done writing it to disk. False positive? Michael Edited by LightsOnLogan - 12 Sep 2012 at 2:36pm


Jonathan Members Profile Send Private Message Find Members Posts Visit Members Homepage Add to Buddy List Beta Testers Joined: 07 Sep 2008 Location: SoCal Online Status: Offline Posts: 1237	Quote Reply Posted: 12 Sep 2012 at 9:02am
	On my system, AVG seems to think that it's a trojan horse.
	~Jonathan

LightsOnLogan Members Profile Send Private Message Find Members Posts Add to Buddy List Admin Group Joined: 11 Oct 2007 Online Status: Offline Posts: 3187	Quote Reply Posted: 11 Sep 2012 at 8:32pm
	I'm not getting it on avast here. I'll put together a checksum for the file tomorrow to make sure neither of yours have become infected.