Messages - Kryss1621

1
RogueKiller / Re: Proc.RunPE found, need some advices.
« on: August 14, 2016, 07:30:55 PM »
That's reassuring, thanks for the help.

Regards.

2
RogueKiller / Re: Proc.RunPE found, need some advices.
« on: August 14, 2016, 04:50:07 PM »
Thanks, here are the links.

-

-

I did two new scans just to be sure. The first one didn't find anything, and the second did find rundll32.exe as a Proc.RunPE, once again.

Here is the link for the reports. I couldn't find it on procexp however.

-

3
RogueKiller / Proc.RunPE found, need some advices.
« on: August 12, 2016, 03:36:47 PM »
Greetings,

As said, my last RogueKiller scan detected a Proc.RunPE in C:\Windows\System32\SearchFilterHost.exe

I don't know if it's a false positive, but since that exe is in System32 I don't think I can delete it like that so ...

Here are the reports, in txt and json.

Thanks in advance for the help.

4
Done, and here is the fixlog.txt.

5
Here is the txt file.

6
First of all, thanks for the quick replies.

Secondly, if there is an easy way to replace them with signed and sure copies to avoid any problem like that in the future, I would gladly do so.

7
Sure, here you go.


8
Greetings.

As introduced in the subject, my last scan got two files flagged as File.Forged > hidparse.sys - hidusb.sys

Here is the report.

__

RogueKiller V12.3.4.0 (x64) [Jun 20 2016] (Gratuit) par Adlice Software
email : http://www.adlice.com/contact/
Remontées : http://forum.adlice.com
Site web : http://www.adlice.com/fr/logiciels/roguekiller/
Blog : http://www.adlice.com

Système d'exploitation : Windows 10 (10.0.10586) 64 bits version
Démarré en  : Mode normal
Utilisateur : x [Administrateur]
Démarré depuis : C:\Users\x\Downloads\RogueKillerX64 (10).exe
Mode : Scan -- Date : 06/20/2016 15:57:23

¤¤¤ Processus : 0 ¤¤¤

¤¤¤ Registre : 0 ¤¤¤

¤¤¤ Tâches : 0 ¤¤¤

¤¤¤ Fichiers : 2 ¤¤¤
[File.Forged][Fichier] C:\Windows\System32\drivers\hidparse.sys -> Trouvé(e)
[File.Forged][Fichier] C:\Windows\System32\drivers\hidusb.sys -> Trouvé(e)

¤¤¤ Fichier Hosts : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Chargé) ¤¤¤

¤¤¤ Navigateurs web : 0 ¤¤¤

__

I don't get anything else with any other software, so I just wanted to make sure before taking any action.

Thanks in advance.
