![]() ![]() ![]() ( please don't put logs in code or quotes and use the default font) Post back the report which should be located on your desktop. RogueKiller Close out the program > Don't Fix anything!ĭon't run any other options, they're not all bad!!!!!!! Please download and run RogueKiller 32 bit to your desktop. on the system, please remove or uninstall them now and read the policy on Piracy.įailure to remove such software will result in your topic being closed and no further assistance being provided. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.įailure to remove or disable such software will result in your topic being closed and no further assistance being provided.Ģ. Do you really think this is a virus? If so, how do I remove it?ġ. Now, the real reason I posted this was because Malwarebytes (with the latest updates and everything) does NOT detect it. It immediately came to me that this was a virus that mined Bitcoins for an attacker (in Russia, obviously) using MY computer and MY resources. I took a look at the batch file, and it had instructions to run the executable and it had a few tags talking about a Russian Bitcoin email address and a Russian Bitcoin site. ![]() ![]() I looked at the 'csrss.exe' file and it had no description (which should be 'Client Server Runtime Process'), it did not have the Microsoft copyrights, and it was not owned by TrustedInstaller. I decided to look in the Java update folder and I saw an executable called 'csrss.exe', a batch file and a bunch of DLLs. I disabled it in msconfig and it kept re-enabling itself, and then stopped after a few days (whew). I looked up this process and saw it was malicious (the normal Java update process is called 'jusched.exe'). It seemed to be running a process called 'jsheded.exe' located in the Java update folder. I was on my dad's laptop and I noticed that every time I logged on, I saw this command prompt window pop up that would stick around for a while and then disappear. Endpoint Detection & Response for Servers ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |