I'm from Microsoft, there's something wrong with your computer

**Eirikur** · 18 August 2015, 19:40

PC may be hijacked, in the near future when she will start it up a ransom screen will appear with an amount in bitcoins to pay on a Nigerian or Russian account to release the PC

**mudskipper** · 18 August 2015, 19:55

I've disconnected her from the internet, and having a poke around.

So it looks like he was connected via logmein for 40 minutes. He also installed teamviewer.

Looks like he's downloaded a csrss.exe - running a scan now...

**suityou01** · 18 August 2015, 19:57

Originally posted by mudskipper View Post

I've disconnected her from the internet, and having a poke around.

So it looks like he was connected via logmein for 40 minutes. He also installed teamviewer.

Looks like he's downloaded a csrss.exe - running a scan now...

csrss.exe is part of windows update. It can become compromised and usually a sign of that is this file running as a process hogging the CPU. That said it could just be windows updates trying to come down.

Switch off windows updates and turn off the service. If the file continues to hog CPU then be suspicious.

Truly HTH

Edit : I'm having a petit mal it seems. It is a valid windows process but is the usermode sub system and nothing to do with windows update, sorry. https://en.wikipedia.org/wiki/Client...time_Subsystem

**mudskipper** · 18 August 2015, 20:06

Scan clear - going to reconnect to interwebs and download malware finder stuff.

**suityou01** · 18 August 2015, 20:11

Originally posted by mudskipper View Post

Scan clear - going to reconnect to interwebs and download malware finder stuff.

The very best of luck.

**mudskipper** · 18 August 2015, 20:20

Originally posted by suityou01 View Post

The very best of luck.

You still doing fifteen dorra PC fix?

**suityou01** · 18 August 2015, 20:21

Originally posted by mudskipper View Post

You still doing fifteen dorra PC fix?

**EternalOptimist** · 18 August 2015, 20:21

Originally posted by mudskipper View Post

You still doing fifteen dorra PC fix?

Hold tight. I'm going in

**Scruff** · 18 August 2015, 20:25

Just buy her a Chromebook. Further assistance not required. Game over for Bobbits.

**Bacchus** · 18 August 2015, 20:27

Originally posted by mudskipper View Post

I've disconnected her from the internet, and having a poke around.

So it looks like he was connected via logmein for 40 minutes. He also installed teamviewer.

Looks like he's downloaded a csrss.exe - running a scan now...

don't want to teach anyone to suck eggs, but with my old girl's pc a very simple search on files that had been modified that day was very revealing

I'm from Microsoft, there's something wrong with your computer

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Partners

Advertisers

Contractor Services

CUK News

I'm from Microsoft, there's something wrong with your computer

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Partners

Advertisers

Contractor Services

CUK News

Tag Cloud