Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Rogue.PSecurity


  • Please log in to reply
4 replies to this topic

#1 skubakirk

skubakirk

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 15 March 2015 - 01:19 PM

Malwarebytes found this and several other "Rogue.somethings" on my computer. Anyone know what it is? It finds it every time I scan. When I look for the files manually, I can't find them.

 

Skuba

Attached Files


Edited by Queen-Evie, 15 March 2015 - 01:51 PM.
moved from Windows 7 to the appropriate forum


BC AdBot (Login to Remove)

 


m

#2 skubakirk

skubakirk
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 19 March 2015 - 08:51 PM

Nothin? nobody has heard of this before???



#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:05 AM

Posted 20 March 2015 - 03:04 PM

Hello, lets do it this way

First run RKill,then MBAM again.

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 skubakirk

skubakirk
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:10:05 AM

Posted 20 March 2015 - 07:43 PM

I have run Rkill, combofix, and several other of the top programs on bleeping computer. They all found something suspicious, but nothing looked like a trojan. I just ran Rkill again and it found the same 3 processes it found yesterday. Here is my log file.

 

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/20/2015 07:38:18 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\SysWOW64\ezSharedSvcHost.exe (PID: 556) [WD-HEUR]
 * C:\Windows\system32\PrintCtrl.exe (PID: 2876) [WD-HEUR]
 * C:\Windows\System32\PrintDisp.exe (PID: 1548) [WD-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 03/20/2015 07:41:28 PM
Execution time: 0 hours(s), 3 minute(s), and 10 seconds(s)
 



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,114 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:05 AM

Posted 20 March 2015 - 10:42 PM

Did you run Malwarebytes after RKill? What did that log show?

Anyway, having run ComboFix, we need to have our trained personnel review that log. ComboFix is not a run it and cure all tool.

Please follow this Preparation Guide, include your ComboFix log and post in a new topic.

Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users