Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Trojan:Win32/Comroki!rts

03 Jul 2011   #11
Hopalong X

Windows7 Pro 64bit SP-1; Windows XP Pro 32bit
 
 

I have seen you post this before. Only one question.

Script blocking. I have no idea if any script blocking is running or not.

Here are the files.




Attached Files
File Type: txt DDS.txt (5.2 KB, 10 views)
File Type: txt DDS2.txt (24.5 KB, 6 views)
My System SpecsSystem Spec
.
03 Jul 2011   #12
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

I don't see anything in those reports. What did Microsoft Safety Scanner find, exactly? Do you have the name of the file and path?
My System SpecsSystem Spec
03 Jul 2011   #13
Hopalong X

Windows7 Pro 64bit SP-1; Windows XP Pro 32bit
 
 

Trojan Win32/Comroki

Saturday evening.
I downloaded and ran the Microsoft Safety Scanner it showed it found one thing as it was scanning.
When done it popped up a window showing Trojan Win32/Comroki removed.
No log or path or option to save a log or anything.

Friday evening Mbam found nothing. My weekly scan.
Avast never showed a bad page or anything yesterday.
Actually only went to 3 web sites yesterday before downloading the Safety Scanner and running.

After Safety Scanner said it found and removed the trojan I then ran the ESET, Avast and Mbam again after Safety Scanner and found nothing.
Ran Win Defender this morning- forgot it was on here and running also. Nothing found.

So totally confused here.

False alarm or if I had it it is now gone?
My System SpecsSystem Spec
.

03 Jul 2011   #14
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
 
 

Well, MSE sounded the alarm for that on mine also (Trojan Win32/Comroki). However, the file it said was infected was rkill.com. I d/l ed that copy of the file about a month ago from the legit website.

When I scanned the exact same file (rkill.com) I keep on my external HD with MSE, it came back negative.

It detected this shortly after I applied the update for MSE (To ver 2.1.1116.0). I wonder if that had anything to do with it?

Meanwhile, I've done an extensive check of the system and found nothing. I tried d/l ing rkill again to see if it would pick it up as infected, and although it was the same version, it didn't register anything when scanned.
My System SpecsSystem Spec
03 Jul 2011   #15
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

RKill is not malicious. VirusTotal shows that only a few AVs flag it as anything
I believe, Mike, that a F/P was flagged.
My System SpecsSystem Spec
03 Jul 2011   #16
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
 
 

I was wondering if it was a false positive.

I assumed it probably was when I scanned the rkill file on the external HD and it found nothing, along with d/l ing the same version of rkill and nothing showing up.

However, I still did some through investigating, since paranoia is a good thing when it comes to viruses/malware.

@Jacee - MSE has never detected rkill as malicious on my machine...until that one time....curious...
My System SpecsSystem Spec
03 Jul 2011   #17
Hopalong X

Windows7 Pro 64bit SP-1; Windows XP Pro 32bit
 
 

Me too on the paranoia.

I also have rkill downloaded.
Since the Safety Scanner gives you no info other than the name of what says it removed it could have been a reaction to anything.

Thanks for the help Jacee.
My System SpecsSystem Spec
03 Jul 2011   #18
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Whew! Nice one.
My System SpecsSystem Spec
Reply

 Trojan:Win32/Comroki!rts




Thread Tools




Similar help and support threads
Thread Forum
Trojan.Win32.Jorik.Midhos.axf
I let SuperAntivirus and then Microsoft Security essentials try and take care of the problem. I suspect something is still wrong and I am wondering if some files are missing as the computer is not behaving normally. Any ideas to find out if I am missing part of windows 7 now and if this is...
System Security
Trojan:Win32/FakeSysdef
This computer again: https://www.sevenforums.com/browsers-mail/214851-ie9-32bit-context-menu-fails-w7-pro-64bit.html Here is some of what I know about the box build. I was asked to cleanup the aftermath of this: Encyclopedia entry: Trojan:Win32/FakeSysdef - Learn more about malware -...
System Security
Win32/fynlovski.aa trojan problem
Hello, I got Win32/fynloski.aa trojan today & I am not sure if I had completely removed it, as I had heard it reappears after some time if not successfully removed from the computer. Well, firstly I scanned my computer with Eset NOD 32 Antivirus & it found the trojan attached to my calc.exe...
System Security
trojan downloader:win32/cutwail.ba HELP!
Microsoft Security Essentials discovered this trojan virus today and three times it said I needed to restart to clean computer yet, it never leaves and is caught again on returning to Desktop. I've looked this up on Microsoft KB and that document says to keep MSSE up to date however, the problem...
System Security
Trojan-Downloader.Win32.VB.bbl
I found this awesome virus "Trojan-Downloader.Win32.VB.bbl" and analyzed its behaviour in a VirtualBox and quickly found a weaknes :p It is very hard to remove, it closes antivirus setups and then deletes them, closes all windows containg anything about antivirus tools (even if you google anything...
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 10:45.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App