You have definitely heard of cryptocurrencies before. It is a very profitable niche and everyone tries to jump into this train of money right now. Unfortunately, some individuals explore deceptive ways to earn virtual money and regular users become victims. In this case, we are talking about Shadowsocks Trojan virus. It was designed with a goal to infect computers and secretly use their computing power to mine cryptocurrencies.
During the past two months we already informed our visitors about two mining trojans that are very similar to this one – Crypto-Loot Miner and CoinHive Miner. It seems like this type of viruses are on the rise and this tendency is going to continue.
When your computer gets hit with ransomware or adware malware, usually it is obvious – you receive some kind of message or very well expressed symptoms. We can’t say that about Shadowsocks Trojan. Developers of this infection want users not to notice those malicious activities, thus the system would be kept as a slave for as long as possible, therefore you won’t receive any message about infected system (unless you have active anti-malware security tool in the background).
Once installed on the computer, Shadowsocks Trojan will run a process called websock.exe or service.exe. It is a mining process, dedicated to mine some particular cryptocurrencie. It will require a lot of computing power of your device, so you are likely to experience much slower work of your system, random freezes and similar symptoms.
There are examples when trojan miners similar to this one was operating on users computers for months and managed to mine a lot of cryptocurrencies. The biggest problem here is that most of the users are not aware of such as problem and simply thinks that slow work of computer and enormous usage of CPU and GPU resources are normal or it’s just a result of poor performance of the computer. Whenever you’re in doubt – scan your computer with reliable anti-malware application, such as Reimage or SpyHunter. Either one of those applications should be able to detect and remove malicious trojan files automatically. Virus database of Reimage anti-malware tool is updated constantly, so you can be sure that regardless of what virus do you have, it will be able to detect and remove it.
Another possible solution – just find and remove malicious files manually, by yourself. You should open the task manager and look for processes that are consuming the power of your CPU and GPU the most. In this case (if the computer is infected with Shadowsocks Trojan), you should find service.exe or websocks.exe. When you know the name, you can try to look for files and folders named like this on your computer. However, this method is risky because you can fail to remove all files related to the virus.
You should also keep in mind that if this miner managed to get infiltrated into your computer, there is a big chance that other malware did the same. That means your computer is already infected with other viruses or that it will soon be. Again, you should get yourself reliable anti-malware application with a real time protection feature to make sure that this won’t happen again.