Question Rkill ending a process (Question about possible malware)

Toggle sidebar Toggle sidebar
Z

Ztron5

Reputable
May 4, 2020
13
0
4,510
Hey, guys! I hope you are all doing well!

I usually try to run anti malware programs every 10 days or so on my computer (being paranoid after my last infection)

So, I usually use (in this order, on the entire system):
Rkill
ADWCleaner
Malwarebytes (detect rootkits enabled)
Avast

None of the other programs found anything except Rkill, that found this and stopped it (didn't appear on a second scan, though):
AppData\Local\Temp\78AA478B-E39E-4531-868B-1713F8131BAE\DismHost.exe (PID: 17664) [T-HEUR]

Should I be worried? Does anyone know what it means?
Any help would be appreciated! Thank you, everyone!
 
Sort by date Sort by votes
Here's further reading with steps what to do,
link: https://www.itechguides.com/dism-host-servicing-process-dismhost-exe-malware/

All-in-all, with malware, best would be to avoid infection in the first place, rather than trying to clean up afterwards. Meaning that you don't visit suspicious sites, doesn't torrent stuff from public sources (aka piracy) nor open links within e-mails. But if you do, well, then your PC deserves to be infected with malware.

Btw, MalwareBytes Premium has Browser Guard, which will keep you away from suspicious sites, among other things. Oh, scheduled scans as well (i've scheduled it to run twice a day, ~11h apart).
 
  • Like
Reactions: Ztron5
Upvote 0 Downvote
Aeacus said:
Here's further reading with steps what to do,
link: https://www.itechguides.com/dism-host-servicing-process-dismhost-exe-malware/

All-in-all, with malware, best would be to avoid infection in the first place, rather than trying to clean up afterwards. Meaning that you don't visit suspicious sites, doesn't torrent stuff from public sources (aka piracy) nor open links within e-mails. But if you do, well, then your PC deserves to be infected with malware.

Btw, MalwareBytes Premium has Browser Guard, which will keep you away from suspicious sites, among other things. Oh, scheduled scans as well (i've scheduled it to run twice a day, ~11h apart).
Click to expand...
Thanks! But I didn't do any of the above. I buy everything I watch/play. I got paranoid after my last infection, so I long abandoned these habits completely.

I think it was already installed here on my computer, and according to VirusTotal, it was distributed by Microsoft itself. I don't know why Rkill ended this process.
 
Upvote 0 Downvote
Ztron5 said:
I don't know why Rkill ended this process.
Click to expand...
Most likely flagged it as malicious.

As far as processes running, i monitor them all with Process Explorer,
link: https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

Guide on how to understand it,
link: https://www.howtogeek.com/school/sysinternals-pro/lesson2/

Process Explorer is just one of the safeguard hardware i use against malware. Others i use are:
  • MalwareBytes Premium
  • HTTPS Everywhere (Firefox plug-in)
  • Decentraleyes (Firefox plug-in)
  • uBlock Origin (Firefox plug-in)
  • MalwareBytes Browser Guard (Firefox plug-in, part of MalwareBytes Premium)
  • NoScript (Firefox plug-in)
  • Autoruns
  • CCleaner

All that combined = 0 malware and 0 ads. And in an extremely rare chance something slips through, i'll fish it out with Process Explorer. Btw, i haven't had an infection for years now.

Note: NoScript, Autoruns and CCleaner are super user level software, since they can mess up your browser/OS, if you don't know what you're doing.
 
  • Like
Reactions: Ztron5
Upvote 0 Downvote
Aeacus said:
Most likely flagged it as malicious.

As far as processes running, i monitor them all with Process Explorer,
link: https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer

Guide on how to understand it,
link: https://www.howtogeek.com/school/sysinternals-pro/lesson2/

Process Explorer is just one of the safeguard hardware i use against malware. Others i use are:
  • MalwareBytes Premium
  • HTTPS Everywhere (Firefox plug-in)
  • Decentraleyes (Firefox plug-in)
  • uBlock Origin (Firefox plug-in)
  • MalwareBytes Browser Guard (Firefox plug-in, part of MalwareBytes Premium)
  • NoScript (Firefox plug-in)
  • Autoruns
  • CCleaner
All that combined = 0 malware and 0 ads. And in an extremely rare chance something slips through, i'll fish it out with Process Explorer. Btw, i haven't had an infection for years now.

Note: NoScript, Autoruns and CCleaner are super user level software, since they can mess up your browser/OS, if you don't know what you're doing.
Click to expand...
The more I search about this, the more it seems like a false positive, because it seems that this is automatically created when windows defender can't scan your pc.
Although it's a bit strange that it had only happened now.

And your protection is very similar to mine.
I even use Avast browser protection too because it has a reputation for all sites, so you can even avoid clicking on something bad.
 
Upvote 0 Downvote
You must log in or register to reply here.

TRENDING THREADS

Latest posts

Moderators online

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom