Jump to content

Squals24

Members
  • Posts

    1
  • Joined

  • Last visited

Everything posted by Squals24

  1. Okay so this goes back about a week ago, where i was on a website that somehow automatically redirected me and started a download by force and I was unable to stop it. I think it was about a 1mb download which already worried me. Anyways, my computer was hit with the same virus (win32.adware.gen) around 12 times and i was also hit with 1 (win32.trojan.gen). The trojan was said to be taken care of by the antivirus as I never seen this pop up again, but where as the adware.gen was seemingly reinstalling itself over and over and over no matter how many times my anti virus went through its removal process. My Webroot antivirus could not get this virus off of my computer until I booted into safemode and deleted a program that my anti-malware program said had a suspicious file "TrojanDownloader". These threats were downloaded over my Microsoft Edge browser, as that was the browser I was using at the time. I Immediately uninstalled that browser, and permanently deleted all Microsoft edge files with my Webroot Antivirus in effort to help keep these infections from happening. Today I was hit with 3 more threats that they said stemmed from Microsoft Edge, even though i deleted all of the files I could have possibly deleted. My anti-malware would notify me of suspicious behaviors every so often and I would just keep my eye on what is happening. I also was notified by my Anti-malware of "suspicious host 72.30.3.42" 3 times today and this was the final straw, I know something is seriously wrong. I did some further research after those and went into Process Explorer, Task manager, and my Autoruns and discovered that I have 2 csrss.exe files in my processes as well as task manager. One of the csrss.exe uses a considerable amount more CPU(almost 1%) and Private bytes (around 6mb but will fluctuate to almost 12mb), where as the other uses virtually 0 CPU and around 1.8mb. Also the first csrss.exe file I talked about has way more threads, very high Cswitch delta numbers that fluctuate drastically, and a startup file called "cdd.dll+0x6840" which screams a red flag immediately to me because the 2nd one has nothing close to that. I am scared to take care of this by myself as I have an expensive computer that I would hate to ruin because I am not an expert on virus removal so I am turning to you for help. Thanks in advance, Squals24
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.