Solved

Rkill Processes to terminate

Posted on 2014-01-06
6
1,023 Views
Last Modified: 2014-01-06
A client was infected by PUPs.  I can't get a clean rkill log.  Everything is good but it says -

Checking for processes to terminate:

 * C:\windows\SysWOW64\PSIService.exe (PID: 2368) [WD-HEUR]
 * C:\windows\system32\ThpSrv.exe (PID: 3000) [WD-HEUR]
 * C:\Windows\System32\ThpSrv.exe (PID: 4528) [WD-HEUR]

Any concern or correction?
Thanks,
Mags
0
Comment
Question by:MagsMcKinley14
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 24

Accepted Solution

by:
aadih earned 500 total points
ID: 39760877
All the three processes seem to be legitimate.

No harm if you terminate these processes, however.
0
 

Author Comment

by:MagsMcKinley14
ID: 39760888
Thanks...what does the "PID: #" and "WD-HEUR" mean?
0
 
LVL 24

Assisted Solution

by:aadih
aadih earned 500 total points
ID: 39760901
PID = Process ID.

WD-HEUR (clearly a RKill term): I do not know what it stands for (a trojan in rkill's eyes).

Why don't you also scan with Malwarebytes Antimalware (free) just to gain some peace of mind?
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 

Author Comment

by:MagsMcKinley14
ID: 39760931
Did that as well as SAS, AdwCleaner, Hitman Pro, JRT...last MBAM was clean.  
Computer is running well.  Anything else I should run?

Thanks for your assistance,
Mags
0
 
LVL 24

Assisted Solution

by:aadih
aadih earned 500 total points
ID: 39760936
No. Your PC is clean. Make a restore point. And enjoy using it and worry not.
0
 

Author Closing Comment

by:MagsMcKinley14
ID: 39760954
Thanks for the reminder on the restore point!!  I'll clear the infected ones first!!  Have a good one,  I appreciate your help!
Happy New Year!
Mags
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
An introduction to the wonderful sport of Scam Baiting.  Learn how to help fight scammers by beating them at their own game. This great pass time helps the world, while providing an endless source of entertainment. Enjoy!
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question