id: 6184, type: PsInject (43), flags: 1 (wait: 1), cid: 3864/2824:\Device\HarddiskVolume1\Program Files\ConEmu\ConEmu\ConEmuC.exe
hips: type: 18, action: deny [5]
inject: ChangeThreadContext [2], target process: \Device\HarddiskVolume1\Windows\System32\cmd.exe:1552
signer: C=RU|O=Open Source Developer|CN=Open Source Developer, Maksim Moisiuk, timestamp: 10.10.2016 18:18:42.0000, thumbprint: 0871375ad8e26380ab9f2de61cf6bcba6514b478
hash: c79e49202b8cbfa5c9ad46346084569f9556aedb status: signed, pe32, new_pe (0x900200) / signed / unknown
threat: DPH:Trojan.Inject.2 ==> send user blocked alert
path: \Device\HarddiskVolume1\Program Files\ConEmu\ConEmu\ConEmuC.exe ==> denied access to file
process: \Device\HarddiskVolume1\Program Files\ConEmu\ConEmu\ConEmuC.exe:3864 ==> suspended all threads in process
path: \Device\HarddiskVolume1\Program Files\ConEmu\ConEmu\ConEmuC.exe ==> quarantined
send driver event reply for unblock process ==> success
process: \Device\HarddiskVolume1\Program Files\ConEmu\ConEmu\ConEmuC.exe:3864 ==> terminated
disinfect: \Device\HarddiskVolume1\Program Files\ConEmu\ConEmu\ConEmuC.exe ==> quarantined [8]
threat: DPH:Trojan.Inject.2 ==> sended user virus found alert