Adlice forum

Software feedback => RogueKiller PREMIUM => Topic started by: tokyojef on January 26, 2018, 04:18:58 PM

Title: RuntimeBroker.exe marked as proc inject malware
Post by: tokyojef on January 26, 2018, 04:18:58 PM

Hi!
Hoping someone might have a moment to look thru the attached dumps.
Running Roguekiller Premium has noted RuntimeBroker.exe as proc inject malware.
I want to include 3 instances of it that appeared in process hacker,
they are in the google drive link here ==>
https://drive.google.com/drive/folders/1DBUf5N_oJsY87M-hKQOu9w6rBe5E1YE4?usp=sharing (https://drive.google.com/drive/folders/1DBUf5N_oJsY87M-hKQOu9w6rBe5E1YE4?usp=sharing)

RuntimeBroker is in the usual folder that it is suppose to reside in.
Hoping to find out if it is a false positive or not.

Thanks for any help!

Jeff :)

Title: Re: RuntimeBroker.exe marked as proc inject malware
Post by: Curson on January 26, 2018, 05:21:36 PM

Hi Jeff,

Welcome to Adlice.com Forum.

The injection is made by AVAST Antivirus.
You don't need to worry about it.

Regards.

Title: Re: RuntimeBroker.exe marked as proc inject malware
Post by: tokyojef on January 26, 2018, 06:36:17 PM

Thanks so much Curson :)

for taking the time to look
and reply so quickly.
My first encounter with looking at a dump file
and i couldn't recognize much on my own.
thanks for your skills and time, Very much appreciated!

Jeff

Title: Re: RuntimeBroker.exe marked as proc inject malware
Post by: Curson on January 26, 2018, 06:41:37 PM

Hi Jeff,

You are very welcome. That's why we are here for.
Thanks for the kind words, this is appreciated.  :)

Regards.