Software feedback > RogueKiller

==> Proc.Injected <==

<< < (13/14) > >>

Curson:
Hi Siddharth,

Welcome to Adlice.com Forum.
Could you please relaunch RogueKiller, delete the [Adw.Butler] et [Adw.FastDataX] entries, then reboot your computer and check if explorer.exe is still injected ?

Regards.

Siddharth Kumar:
After rebooting, I ran a scan with Roguekiller and it did not detected explorer as Proj.infected. So can you tell that removing the other entries can remove Proj.Infected ?

Curson:
Hi Siddharth,

In this case, Adw.Butler implemented a driver which was responsible for the injection on explorer.exe.
Since RogueKiller removed the driver, explorer.exe is no longer injected.

Regards.

Miklo:
NEW UPDATES: Regarding the Warning/Virus: [Proc.Injected] within [svchost.exe] File!



This is a re-edited Topic. I Created a Topic earler and needed help regarding this type of Virus. I was not sure if my Computer was Infected or not....

Hello Everyone.  I was finally able to get rid of the Virus/Warning [Proc.Injected] within [svchost.exe] File by Replacing the Windows System Files with a fresh set of files from My Windows Installations CD. Incase someone else had the same problem, then this is how I fixed mine.

Please know that I DO NOT recommend using this method. Mainly because your Windows might fail to Restart, As mine did. There are probably better ways to replace your Windows System Files. In my case I had no other choice.

1. So based on the main topic, I used "Process Hacker" Software to detect the Process above the Infected filename svchost.exe . Such as:[/b]

- The Process above the infected svchost.exe file was called services.exe
- And Process above the services.exe was called:  winini.exe

I suspected that one of the the following files seen below were causing the Infection:

C:\Windows\System32\wininit.exe
C:\Windows\System32\services.exe
C:\Windows\System32\svchost.exe

2. I basicly replaced all 3 files using a fresh set from my Windows Installation CD, and through the Command Line. But this did not come easy. After Replacing the files. My Windows failed to restart. .

3. I had to use the Windows "Startup Repair" Option from the Installations CD.  After the Repair was Complete my windows started totally fine.

4. I then ran a Final Scan using "RogueKiller". And finally the "Proj.Inected" svchost.exe virus was completely gone. 

I really hope that this could help someone else. But as I mentioned above. Please DO NOT attempt using this method for Replacing your Windows System Files. Please use a different way. Thank you.

Ps, I wanna send a huge thanks to the Adlice Team for their hard work and support within the forums. If it wasn't for this Topic and RogueKiller. I probably had been infected for very long time. So Thank you again!

Curson:
Hi Miklo,

Welcome to Adlice.com Forum and thanks for your extented feedback.
There was indeed an odd injection into svchost.exe. The method you used to get rid of it is quite convulsed but thanks to your detailed explanations, I'm sure it can benefict some users.

Using the dumps you gave us, we will be able to analyse the injection in depth.
Also, thanks for the kind words, this is appreciated.

Regards.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version