Solved

Rkill Processes to terminate

Posted on 2014-01-06
6
941 Views
Last Modified: 2014-01-06
A client was infected by PUPs.  I can't get a clean rkill log.  Everything is good but it says -

Checking for processes to terminate:

 * C:\windows\SysWOW64\PSIService.exe (PID: 2368) [WD-HEUR]
 * C:\windows\system32\ThpSrv.exe (PID: 3000) [WD-HEUR]
 * C:\Windows\System32\ThpSrv.exe (PID: 4528) [WD-HEUR]

Any concern or correction?
Thanks,
Mags
0
Comment
Question by:MagsMcKinley14
  • 3
  • 3
6 Comments
 
LVL 24

Accepted Solution

by:
aadih earned 500 total points
ID: 39760877
All the three processes seem to be legitimate.

No harm if you terminate these processes, however.
0
 

Author Comment

by:MagsMcKinley14
ID: 39760888
Thanks...what does the "PID: #" and "WD-HEUR" mean?
0
 
LVL 24

Assisted Solution

by:aadih
aadih earned 500 total points
ID: 39760901
PID = Process ID.

WD-HEUR (clearly a RKill term): I do not know what it stands for (a trojan in rkill's eyes).

Why don't you also scan with Malwarebytes Antimalware (free) just to gain some peace of mind?
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:MagsMcKinley14
ID: 39760931
Did that as well as SAS, AdwCleaner, Hitman Pro, JRT...last MBAM was clean.  
Computer is running well.  Anything else I should run?

Thanks for your assistance,
Mags
0
 
LVL 24

Assisted Solution

by:aadih
aadih earned 500 total points
ID: 39760936
No. Your PC is clean. Make a restore point. And enjoy using it and worry not.
0
 

Author Closing Comment

by:MagsMcKinley14
ID: 39760954
Thanks for the reminder on the restore point!!  I'll clear the infected ones first!!  Have a good one,  I appreciate your help!
Happy New Year!
Mags
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question