Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"InjectIntoProcess crash" file in C: directory


  • Please log in to reply
3 replies to this topic

#1 idontknowwhattochose

idontknowwhattochose

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:46 AM

Posted 03 November 2015 - 01:20 AM

I got this really strange "InjectIntoProcess crash" file in my C:\ directory, it was modified on 11/2/15 4:16 am, created at 3:57 am, and the file consists of 16 zeros. My only clue to this is when I woke up today, my firefox has crashed overnight. Any ideas on how "InjectIntoProcess crash" got there and what it is?



BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,485 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:46 PM

Posted 05 November 2015 - 12:03 PM

Hi idontknowwhattochose :)

It seems like this folder isn't malicious, and created when applications programmed a certain way crashes in special circumstances. See the following link:

http://forum.madshi.net/viewtopic.php?f=7&t=27494

Also, this folder appeared in a few logs on other malware removal forums, and the helpers never adressed it, which shows that there's most likely no reason to worry since the folder is legitimate, but you can delete it.

http://www.bleepingcomputer.com/forums/t/524212/intenet-connection-being-hijacked-my-computer-download-speed-slow/
http://forums.whatthetech.com/index.php?showtopic=123704&page=4
https://forums.malwarebytes.org/index.php?/topic/161053-windows-tmpexe-errors-and-malicious-web-blocking/page-2#entry920721
https://forums.techguy.org/threads/hidden-malware-use-preocedure-to-solve-same-similar-problem.1155703/page-2

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 idontknowwhattochose

idontknowwhattochose
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:10:46 AM

Posted 05 November 2015 - 06:21 PM

Thanks. That file seemed suspicious when I saw it. It hasn;t changed since 4:16 am 11/2/15.



#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,485 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:46 PM

Posted 05 November 2015 - 09:13 PM

No problem :) You can delete it if you want as you don't need it.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users