Thank you for the help.
Best answer by Rakanisheu Retired
View originalWebroot calls taskkill.exe a Pua.Mypcbackup. False positive or not?
Also what could happen if I do choose to remove it. Im running Windows 8.
Thank you for the help.
Thank you for the help.
Page 1 / 2
Also what could happen if I do choose to remove it. Im running Windows 8.
Thank you for the help.
Thank you for the help.
Userlevel 7
+56
Hello and Welcome to the Webroot Community!
Pua.Mypcbackup does not sound like a false positive because I have removed many from other PC's without WSA installed so please follow instructions here on removing PUA's and Part 1 will apply: https://community.webroot.com/t5/Tips-and-Tricks-KB/How-to-Remove-Potentially-Unwanted-Applications/ta-p/40744 and if you continue to have issues please Submit a Support Ticket and they will be happy to help you.
Thanks,
Daniel 😉
Pua.Mypcbackup does not sound like a false positive because I have removed many from other PC's without WSA installed so please follow instructions here on removing PUA's and Part 1 will apply: https://community.webroot.com/t5/Tips-and-Tricks-KB/How-to-Remove-Potentially-Unwanted-Applications/ta-p/40744 and if you continue to have issues please Submit a Support Ticket and they will be happy to help you.
Thanks,
Daniel 😉
Userlevel 7
+56
Also can you tell me what version product of WSA you are using as I see you posted in all 3 Product Forums and makes it confusing.
Thanks,
Daniel 😉
Thanks,
Daniel 😉
Userlevel 7
Welcome to the community Shariqd98!@ wrote:
Also what could happen if I do choose to remove it. Im running Windows 8.
Thank you for the help.
Great to have you here!
In addition to TripleHex, MyPCBackup is a windows backup utility. It is bundled in some software download programs.They want you to buy it. The advertizing for MyPCBackup is adware, or PUA - potentionally unwanted application. It is annoying, but not malicious.
Taskkill on the other hand is a windows process. If you received a message that taskkill is a PUA, then there may be something else happening.
As TripleHelix advised, please do submit a support ticket. It will also be helpful to reference this thread by including this link to your question https://community.webroot.com/t5/Webroot-SecureAnywhere-Antivirus/Webroot-calls-taskkill-exe-a-Pua-Mypcbackup-False-positive-or/m-p/135117#M7420
Please do let us know how you are doing and come often and share your experiences!
Beth
I'm unsure about the version since Webroot came installed on my computer through best buy geeksuad.
Userlevel 7
+56
You can see here: http://www.webroot.com/En_US/SecureAnywhere/PC/WSA_PC_Help.htm#C12_MyAccount/CH11a_ViewingAccount.htm
Thanks,
Daniel 😉
Thanks,
Daniel 😉
My problem is that as MaspeekCfar said, taskkill.exe isa windows process. It being identified as a pua is unnerving.
Userlevel 7
Well then Shariqd98, if you have any qualms about this and so what to do, then do what Daniel suggested at the start and open a support ticket ASAP so that the Support Team can investigate and sort you out.
Regards
Baldrick
Regards
Baldrick
Userlevel 7
+56
When you do a scan does it show clean now? Also Can you save a Scan Log and post the Infected lines only at the Bottom of the Log?@ wrote:
My problem is that asMaspeekCfar said,taskkill.exeisa windows process. It being identified as apua is unnerving.
Example: Fri 01-08-2014 17:46:39.0212 Infection detected: c:usersdanieldownloadsfax_912_391233111_941.zip/fax_912_391233111_941.scr [MD5: BCABB6EDD117A8742C8FF9F0C2B82200] [3/00080001] [W32.Rogue.Gen]
Thanks,
Daniel
Userlevel 7
So sorry Shariqd98 !@ wrote:
My problem is that as MaspeekCfar said, taskkill.exe isa windows process. It being identified as a pua is unnerving.
A support ticket is the best way to go, but if you can save the log as TripleHelix asked and post those lines for him, he may be able to help you further.
Beth
I have Internet Security Plus
Userlevel 7
+56
Thanks and how about my other question with the Scan & Scan log?
Thanks,
Daniel
Thanks,
Daniel
Well I followed the part 1 of the pua removal that you posted earlier, and well I cant find Mypcbackup.
Userlevel 7
+56
And anything about Taskkill.exe now?
Daniel
Daniel
So i ran the scan again like you asked, and well now it didnt find any problems. That is kinda scary. Bug or what. Before all this the first thing I did was run MBAM and it found nothing.
Would you still want the scan log?
Would you still want the scan log?
Userlevel 7
+56
If you want to make sure your clean it's best to Submit a Support Ticket and they will let you know for sure. And I believe you are clean but one can never be to careful and to get a piece of mind!@ wrote:
So i ran the scan again like you asked, and well now it didnt find any problems. That is kinda scary. Bug or what. Before all this the first thing I did was run MBAM and it found nothing.
Would you still want the scan log?
Thanks,
Daniel 😉
Sun 2014-08-03 11:36:16.0625 Scan Started: [ID: 45 - Flags: 551/16]
Sun 2014-08-03 11:38:39.0059 Connected to C3
Sun 2014-08-03 11:38:39.0066 Infection detected: c:windowssyswow64 askkill.exe [MD5: 473201A0FFA27C9B174D97A05D1AF791] [3/40180000] [Pua.Mypcbackup]
Sun 2014-08-03 11:38:39.0363 Scan Results: Files Scanned: 50206, Duration: 2m 22s, Malicious Files: 1
Sun 2014-08-03 11:38:39.0476 Scan Finished: [ID: 45 - Seq: 2147000000]
Sun 2014-08-03 11:39:05.0171 Monitoring process C:Windowssystem32SnippingTool.exe [42FCEB40063A3911AF11D71BD0B319E8]. Type: 4 (1958)
Sun 2014-08-03 11:39:05.0171 Monitoring process C:Windowssystem32SnippingTool.exe [42FCEB40063A3911AF11D71BD0B319E8]. Type: 5 (1958)
Sun 2014-08-03 11:39:05.0174 Monitoring process C:Windowssystem32SnippingTool.exe [42FCEB40063A3911AF11D71BD0B319E8]. Type: 8 (1958)
Sun 2014-08-03 11:39:05.0174 Monitoring process C:Windowssystem32SnippingTool.exe [42FCEB40063A3911AF11D71BD0B319E8]. Type: 6 (1958)
Sun 2014-08-03 14:45:02.0731 Begin passive write scan (1 file(s))
Sun 2014-08-03 14:45:03.0737 Begin passive write scan (3 file(s))
Sun 2014-08-03 14:45:05.0000 End passive write scan (1 file(s))
Sun 2014-08-03 14:45:05.0406 End passive write scan (3 file(s))
Sun 2014-08-03 14:45:36.0821 Begin passive write scan (4 file(s))
Sun 2014-08-03 14:45:37.0381 End passive write scan (4 file(s))
Sun 2014-08-03 15:42:49.0688 Scan Started: [ID: 46 - Flags: 551/16]
Sun 2014-08-03 15:44:16.0253 Scan Results: Files Scanned: 50664, Duration: 1m 26s, Malicious Files: 0
Sun 2014-08-03 15:44:16.0287 Scan Finished: [ID: 46 - Seq: 2147000000]
Sun 2014-08-03 15:46:35.0552 Saved the product log to C:UsersShariqDesktopScan log.log
Well here is the scan log anyway, from before i made the post till now. Thanks for all the help. Already submitted a support ticket, just waiting now. I most likely wont get a response till tomorrow because its sunday.
Sun 2014-08-03 11:38:39.0059 Connected to C3
Sun 2014-08-03 11:38:39.0066 Infection detected: c:windowssyswow64 askkill.exe [MD5: 473201A0FFA27C9B174D97A05D1AF791] [3/40180000] [Pua.Mypcbackup]
Sun 2014-08-03 11:38:39.0363 Scan Results: Files Scanned: 50206, Duration: 2m 22s, Malicious Files: 1
Sun 2014-08-03 11:38:39.0476 Scan Finished: [ID: 45 - Seq: 2147000000]
Sun 2014-08-03 11:39:05.0171 Monitoring process C:Windowssystem32SnippingTool.exe [42FCEB40063A3911AF11D71BD0B319E8]. Type: 4 (1958)
Sun 2014-08-03 11:39:05.0171 Monitoring process C:Windowssystem32SnippingTool.exe [42FCEB40063A3911AF11D71BD0B319E8]. Type: 5 (1958)
Sun 2014-08-03 11:39:05.0174 Monitoring process C:Windowssystem32SnippingTool.exe [42FCEB40063A3911AF11D71BD0B319E8]. Type: 8 (1958)
Sun 2014-08-03 11:39:05.0174 Monitoring process C:Windowssystem32SnippingTool.exe [42FCEB40063A3911AF11D71BD0B319E8]. Type: 6 (1958)
Sun 2014-08-03 14:45:02.0731 Begin passive write scan (1 file(s))
Sun 2014-08-03 14:45:03.0737 Begin passive write scan (3 file(s))
Sun 2014-08-03 14:45:05.0000 End passive write scan (1 file(s))
Sun 2014-08-03 14:45:05.0406 End passive write scan (3 file(s))
Sun 2014-08-03 14:45:36.0821 Begin passive write scan (4 file(s))
Sun 2014-08-03 14:45:37.0381 End passive write scan (4 file(s))
Sun 2014-08-03 15:42:49.0688 Scan Started: [ID: 46 - Flags: 551/16]
Sun 2014-08-03 15:44:16.0253 Scan Results: Files Scanned: 50664, Duration: 1m 26s, Malicious Files: 0
Sun 2014-08-03 15:44:16.0287 Scan Finished: [ID: 46 - Seq: 2147000000]
Sun 2014-08-03 15:46:35.0552 Saved the product log to C:UsersShariqDesktopScan log.log
Well here is the scan log anyway, from before i made the post till now. Thanks for all the help. Already submitted a support ticket, just waiting now. I most likely wont get a response till tomorrow because its sunday.
Userlevel 7
+56
The MD5 came up clean on VT from the log: https://www.virustotal.com/en/file/f10a687981640357948fa9fe8c54e83e4e429fe01d488f6b4ebb28765156145a/analysis/ but if you want to make sure contact support and they can explain why the detection! It could be your settings if you changed it from default.
Thanks,
Daniel 😉
Thanks,
Daniel 😉
Thanks, high chance is possibly a bug?
Userlevel 7
+56
I don't know and I don't have any detection of taskkill.exe on my system but again contact support for the answer!!
Daniel 😉
Daniel 😉
Already have, thank you for everything.
Userlevel 7
Hi Daniel
Have found taskkill.exe on my system, carried out a right click scan with WSA (and another reputable scanner as a back up) and it comes up clean on my Win7 Home SP1 64bit.
Regards
Baldrick
Have found taskkill.exe on my system, carried out a right click scan with WSA (and another reputable scanner as a back up) and it comes up clean on my Win7 Home SP1 64bit.
Regards
Baldrick
Userlevel 7
+56
You are very Welcome and WSA is an awesome security product!
Cheers,
Daniel :D
Cheers,
Daniel :D
Userlevel 7
You are very welcome Shariqd98 !@ wrote:
Already have, thank you for everything.
Please do come back and share your experiences!
See you around in the community!
Beth
Userlevel 7
I can see what happened in this case, it had already been fixed by the time I checked. That file shouldnt be detected as bad now.
Page 1 / 2
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.