Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is my software_reporter_tool.exe from Google Chrome Infected?


  • Please log in to reply
4 replies to this topic

#1 benta

benta

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:05:13 AM

Posted 02 August 2018 - 05:48 AM

Today my RogueKiller found software_reporter_tool.exe from my Google Chrome as "Suspicious.Path", but I don't think I have done anything that could infect my Google Chrome. What's more, I use RogueKiller to scan my PC 2-4 times a week but it didn't find anything. Could this be a false positive?

 

RogueKiller V12.12.29.0 (x64) [Jul 30 2018] (Free) by Adlice Software

 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : tbhben [Administrator]
Started from : E:\Program Files\RogueKiller\RogueKiller64.exe
Mode : Delete -- Date : 08/02/2018 05:24:42 (Duration : 00:22:53)
 
¤¤¤ Processes : 3 ¤¤¤
[Suspicious.Path] software_reporter_tool.exe(6684) -- E:\Users\tbhben\AppData\Local\Google\Chrome\User Data\SwReporter\31.165.200\software_reporter_tool.exe[7] -> Killed [TermThr]
[Suspicious.Path] software_reporter_tool.exe(6692) -- e:\Users\tbhben\AppData\Local\Google\Chrome\user data\swreporter\31.165.200\software_reporter_tool.exe[7] -> Killed [TermThr]
[Suspicious.Path] software_reporter_tool.exe(6744) -- e:\Users\tbhben\AppData\Local\Google\Chrome\user data\swreporter\31.165.200\software_reporter_tool.exe[7] -> Killed [TermThr]
 
¤¤¤ Registry : 2 ¤¤¤
[PUP.SmartPCFixer] (X64) HKEY_USERS\S-1-5-21-1034722268-116428125-1122422439-1000\Software\Epic -> Deleted
[PUP.SmartPCFixer] (X86) HKEY_USERS\S-1-5-21-1034722268-116428125-1122422439-1000\Software\Epic -> Deleted
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ WMI : 0 ¤¤¤
 
¤¤¤ Hosts File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000AAKX-00ERMA0 ATA Device +++++
--- User ---
[MBR] 4ca7b3423dfcdba40e7a050846880767
[BSP] ad049b8585a1cc07fd135efa83e4ae26 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 236001 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 483331590 | Size: 240935 MB [Windows XP Bootstrap | Windows XP Bootloader]
User = LL1 ... OK
User = LL2 ... OK
 
Thanks in advance for your help!


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,261 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:04:13 AM

Posted 02 August 2018 - 07:20 AM

Please submit the FRST data requested at Preparation Guide, Before Using Malware Removal Tools and Requesting Help - http://www.bleepingcomputer.com/forums/topic34773.html in your next post to this topic.

 

Louis



#3 nasdaq

nasdaq

  • Malware Response Team
  • 40,159 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:13 AM

Posted 02 August 2018 - 07:56 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
RogueKiller Suspicious path issue

[Suspicious.Path] software_reporter_tool.exe(6684) -- E:\Users\tbhben\AppData\Local\Google\Chrome\User Data\SwReporter\31.165.200\software_reporter_tool.exe[7] -> Killed [TermThr]
[Suspicious.Path] software_reporter_tool.exe(6692) -- e:\Users\tbhben\AppData\Local\Google\Chrome\user data\swreporter\31.165.200\software_reporter_tool.exe[7] -> Killed [TermThr]
[Suspicious.Path] software_reporter_tool.exe(6744) -- e:\Users\tbhben\AppData\Local\Google\Chrome\user data\swreporter\31.165.200\software_reporter_tool.exe[7] -> Killed [TermThr]


Read this article.
https://www.ghacks.net/2018/01/20/how-to-block-the-chrome-software-reporter-tool-software_reporter_tool-exe/

If you want to remove it delete the items with the RogueKiller program.

===

If you have any other issues with this computer follow "Louis" instructions and post the logs for my review.

#4 benta

benta
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Local time:05:13 AM

Posted 03 August 2018 - 06:22 PM

I don't any issues with my computer, except the RogueKiller Suspicious path issue. Thanks for the link and explanation, nasdaq!



#5 nasdaq

nasdaq

  • Malware Response Team
  • 40,159 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:13 AM

Posted 04 August 2018 - 07:04 AM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/


https://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
Simple and easy ways to keep your computer safe and secure on the Internet.
===




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users