Author Topic: [Split]Proc.Injected  (Read 7390 times)

0 Members and 1 Guest are viewing this topic.

February 19, 2015, 03:07:47 AM

webshark

  • Newbie

  • Offline
  • *

  • 3
  • Reputation:
    0
    • View Profile
[Split]Proc.Injected
« on: February 19, 2015, 03:07:47 AM »
I have this too its identifying as malware.. But I use ESET, is this false?

Reply #1February 19, 2015, 05:09:29 PM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: [Split]Proc.Injected
« Reply #1 on: February 19, 2015, 05:09:29 PM »
Hi webshark,

Welcome to Adlice.com Forum.
Could you please post RogueKiller's full report ?

Regards.

Reply #2February 20, 2015, 08:24:56 AM

webshark

  • Newbie

  • Offline
  • *

  • 3
  • Reputation:
    0
    • View Profile
Re: [Split]Proc.Injected
« Reply #2 on: February 20, 2015, 08:24:56 AM »
Hi and thank you. 


See below..

Code: [Select]
RogueKiller V10.4.1.0 (x64) [Feb 19 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Webshark [Administrator]
Mode : Scan -- Date : 02/19/2015  23:23:07

¤¤¤ Processes : 1 ¤¤¤
[Proc.Injected] ekrn.exe(428) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[7] -> Killed [DrvNtTerm]

¤¤¤ Registry : 8 ¤¤¤
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: HGST HTS721010A9E630 +++++
--- User ---
[MBR] 900a5bc71024135ed8b6d0cfd27addf5
[BSP] a4fbb5db04fcc0e33f47bb1018333b14 : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 206848 | Size: 900 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2050048 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2312192 | Size: 381546 MB
4 - Basic data partition | Offset (sectors): 783718400 | Size: 550704 MB
5 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1911560192 | Size: 20490 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_02172015_155843.log - RKreport_DEL_02172015_162257.log - RKreport_DEL_02172015_171206.log - RKreport_DEL_02172015_171723.log
RKreport_DEL_02182015_002110.log - RKreport_DEL_02182015_152142.log - RKreport_DEL_02182015_180559.log - RKreport_DEL_02192015_042247.log
RKreport_SCN_02172015_155527.log - RKreport_SCN_02172015_160207.log - RKreport_SCN_02172015_165846.log - RKreport_SCN_02182015_001827.log
RKreport_SCN_02182015_002355.log - RKreport_SCN_02182015_151737.log - RKreport_SCN_02182015_180439.log - RKreport_SCN_02192015_041822.log

Code: [Select]
RogueKiller V10.4.1.0 (x64) [Feb 19 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Webshark [Administrator]
Mode : Delete -- Date : 02/19/2015  23:24:26

¤¤¤ Processes : 1 ¤¤¤
[Proc.Injected] ekrn.exe(428) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe[7] -> Killed [DrvNtTerm]

¤¤¤ Registry : 8 ¤¤¤
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> Not selected
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Not selected
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> Not selected
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Not selected
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> Not selected
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Not selected
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031A47-3F72-44A7-89C5-5595FE6B30EE} : 1  -> Not selected
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1097723696-2228173156-1488032488-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: HGST HTS721010A9E630 +++++
--- User ---
[MBR] 900a5bc71024135ed8b6d0cfd27addf5
[BSP] a4fbb5db04fcc0e33f47bb1018333b14 : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 206848 | Size: 900 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 2050048 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2312192 | Size: 381546 MB
4 - Basic data partition | Offset (sectors): 783718400 | Size: 550704 MB
5 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1911560192 | Size: 20490 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_DEL_02172015_155843.log - RKreport_DEL_02172015_162257.log - RKreport_DEL_02172015_171206.log - RKreport_DEL_02172015_171723.log
RKreport_DEL_02182015_002110.log - RKreport_DEL_02182015_152142.log - RKreport_DEL_02182015_180559.log - RKreport_DEL_02192015_042247.log
RKreport_SCN_02172015_155527.log - RKreport_SCN_02172015_160207.log - RKreport_SCN_02172015_165846.log - RKreport_SCN_02182015_001827.log
RKreport_SCN_02182015_002355.log - RKreport_SCN_02182015_151737.log - RKreport_SCN_02182015_180439.log - RKreport_SCN_02192015_041822.log
RKreport_SCN_02192015_232307.log

Reply #3February 20, 2015, 09:07:11 AM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: [Split]Proc.Injected
« Reply #3 on: February 20, 2015, 09:07:11 AM »
Hi webshark,

Your report is clean.
This entry will be whitelisted in the next version of RogueKiller.

Regards.

Reply #4February 20, 2015, 09:46:10 AM

webshark

  • Newbie

  • Offline
  • *

  • 3
  • Reputation:
    0
    • View Profile
Re: [Split]Proc.Injected
« Reply #4 on: February 20, 2015, 09:46:10 AM »
Thank you so much!

Reply #5February 20, 2015, 09:53:51 AM

Curson

  • Global Moderator
  • Hero Member

  • Offline
  • *****

  • 2809
  • Reputation:
    100
    • View Profile
Re: [Split]Proc.Injected
« Reply #5 on: February 20, 2015, 09:53:51 AM »
Hi webshark,

Your are welcome.
All the best.