Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

XSDL.exe


  • Please log in to reply
5 replies to this topic

#1 nimeoa

nimeoa

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:54 AM

Posted 07 May 2015 - 10:52 PM

Hello, I hope I'm posting this in the correct spot... So for the past few days, I've noticed that a process called XSDL.exe is showing up in my task manager. If I try to end the process, I get a warning that my computer will be shut down immediately and I'll lose all unsaved data, as if it were a critical application. Unsure of what it is, I've searched all over the internet and haven't found anything on what it is, other than a few topics about an Android app I believe. Malwarebytes and TDSSkiller have found nothing, however when I run Rogue Killer, once it gets to analyzing the XSDL.exe process, my computer instantly restarts. Does anyone have any diea what this process is, and am I just being paranoid?


Edited by nimeoa, 07 May 2015 - 11:20 PM.


BC AdBot (Login to Remove)

 


#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:54 PM

Posted 08 May 2015 - 03:15 AM

Hi there,

Can you search for that file and upload it to VirusTotal, then copy the link to the result here?

Regards,
Alex

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,745 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:54 AM

Posted 08 May 2015 - 01:12 PM

Windows Task Manager does not provide enough information. These are tools to investigate running processes, programs that run at startup, services and gather additional information to identify them or resolve problems:These tools will provide information about each process, CPU usage, file description and its location. Most of them are stand-alone portable apps in a zip file so no installation is necessary. The first five tools are especially useful and I use them all to compare the information each provides.

A file's properties may give a clue to identifying it. Right-click on the file, choose Properties and examine the General, Details and Version tabs.

If the file is related to a service, open services.msc, scroll through the list, locate and right-click on the service, then select Properties. On the General tab, there will be a "Path to executable" just above the Startup type.

Right-clicking on a process in ProcessHacker or System Explorer allows you to send it (File Check) to Jotti's virusscan or VirusTotal. Process Hacker also allows sending it to Comodo.

Right-clicking on a process in Process Explorer or AnVir TaskManager Free allows you to send it to VirusTotal.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 nimeoa

nimeoa
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:54 AM

Posted 08 May 2015 - 02:04 PM

So, using ProcessHacker, I was able to pinpoint where the file was and send it to Virus Total. From the looks of it, it seems to have been a trojan of some sort. I deleted it in safe mode and everything seems to be fine. Thanks a ton for the help and suggestions.



#5 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:02:54 PM

Posted 08 May 2015 - 02:06 PM

Hi there,

If you want a checkup for any lurking malware, let us know.

Alex

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,745 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:54 AM

Posted 08 May 2015 - 03:44 PM

You're welcome on behalf of the Bleeping Computer community.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users