Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

rkill keeps killing these two processes


  • Please log in to reply
2 replies to this topic

#1 phongvu99

phongvu99

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:01:31 AM

Posted 25 June 2014 - 11:09 PM

rkill keeps finding and terminating these two processes. I run TDSSkill.In a day or two rkill finds and terminates the same
two.Any ideas what it is and how to deal with it?
Here is the log:
Rkill 2.6.7 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 06/26/2014 11:01:37 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 2
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\WINDOWS\System32\WLTRYSVC.EXE (PID: 856) [WD-HEUR]
 * C:\WINDOWS\System32\bcmwltry.exe (PID: 876) [WD-HEUR]
 
2 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * C:\WINDOWS\System32\sfcfiles.dll : 1,580,544 : 06/18/2008 11:29 AM : 9f960fac5166f8626b9cde4dd9a0eb84 [NoSig]
 
 * C:\WINDOWS\System32\Drivers\tcpip.sys : 359,040 : 10/09/2013 10:16 PM : 7399d854596bfefeed6b60879f28ce07 [NoSig]
 +-> C:\WINDOWS\system32\dllcache\tcpip.sys : 359,040 : 10/09/2013 10:16 PM : 7399d854596bfefeed6b60879f28ce07 [Pos Repl]
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
  127.0.0.1 secure.tune-up.com
  127.0.0.1 www.order.tune-up.com
  127.0.0.1 www.tune-up.com
  127.0.0.1 www.tune-up.com/order
  127.0.0.1 www.registertuneup.com
  127.0.0.1 www.tuneup.de
 
Program finished at: 06/26/2014 11:04:25 AM
Execution time: 0 hours(s), 2 minute(s), and 48 seconds(s)
P/S:found this topic,same one has this problem like me,though it solved.Link:http://www.bleepingcomputer.com/forums/t/465642/rkill-keeps-finging-these-two-processes/


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:31 PM

Posted 26 June 2014 - 10:13 AM

As Grinler stated in post 3 of the other topic, they are safe.
They are a process file from company Broadcom Corporation belonging to product Broadcom 802.11 Wireless Network Service.
The file is digitally signed from Broadcom Corporation - VeriSign Time Stamping Services Signer - G2



Next time you reboot those processes will start again.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 phongvu99

phongvu99
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:01:31 AM

Posted 26 June 2014 - 10:44 AM

Ok,thanks for reply.You can now close this topic.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users