0
|
Found a process on a clients computer called "sarcosogulpe.exe" that was trying to make, according to our Kaspersky AV, malicious calls to an amazon S3 server URL. Googling this executable only gives two results, with herd-protect.com saying it was first discovered at ~2:30am UTC on the 18th, less than 8 hours later, I am seeing this process on a client computer and can neither kill it with AV nor delete it.
Anyone else seeing this or know its origin?
Share |
Asked Sep 18 '14 at 14:00
|
|
0
|
You should run the client machine in safe mode, and then try to remove the file manually.
Share |
Answered Sep 23 '14 at 13:53
|
|