Quantcast
Channel: How to Remove Malware
Viewing all articles
Browse latest Browse all 38585

CROSSRIDERMANIFEST.JSON is Trojan Crossrider

$
0
0

We checked up the file CROSSRIDERMANIFEST.JSON and found it hazardous.
The file CROSSRIDERMANIFEST.JSON must be deleted from the system immediately.
Kill the process CROSSRIDERMANIFEST.JSON and remove CROSSRIDERMANIFEST.JSON from the Windows startup.

Malware Analysis of CROSSRIDERMANIFEST.JSON
Full path on a computer: %LOCAL APPDATA%\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\JIEKONLJBEIPFKLHCHHDJDDEJAENNFNL\1.25.85_0\CROSSRIDERMANIFEST.JSON

Detected by UnHackMe:

CROSSRIDERMANIFEST.JSON
Default location: %LOCAL APPDATA%\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\JIEKONLJBEIPFKLHCHHDJDDEJAENNFNL\1.25.85_0\CROSSRIDERMANIFEST.JSON

Removal Results: Success
Number of reboot: 1

CROSSRIDERMANIFEST.JSON is known as:

Trojan.Crossrider

How to quickly detect CROSSRIDERMANIFEST.JSON presence?
Files:
  • %APPDATA%\MOZILLA\FIREFOX\PROFILES\CWDGT0Y8.DEFAULT\EXTENSIONS\CROSSRIDERAPP12555@CROSSRIDER.COM\CHROME\CONTENT\CORE\XHR.JS
  • %APPDATA%\MOZILLA\FIREFOX\PROFILES\CWDGT0Y8.DEFAULT\EXTENSIONS\CROSSRIDERAPP12555@CROSSRIDER.COM\CHROME\CONTENT\BROWSER.XUL
  • %APPDATA%\MOZILLA\FIREFOX\PROFILES\CWDGT0Y8.DEFAULT\EXTENSIONS\CROSSRIDERAPP12555@CROSSRIDER.COM\CHROME\CONTENT\CORE\SEARCHSETTINGS.JS
  • %APPDATA%\MOZILLA\FIREFOX\PROFILES\CWDGT0Y8.DEFAULT\EXTENSIONS\CROSSRIDERAPP12555@CROSSRIDER.COM\CHROME\CONTENT\CORE\LOGFILE.JS
  • %LOCAL APPDATA%\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\JIEKONLJBEIPFKLHCHHDJDDEJAENNFNL\1.25.85_0\CROSSRIDERMANIFEST.JSON


Viewing all articles
Browse latest Browse all 38585

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>