1

Hi I am running Windows Server 2012 R2. And I am facing a strange problem.

There active_desktop_launcher.exe service is randomly get executed and takes up 100% of CPU utilization slowing the whole server down. It automatically get executed even ending task from task manager

Detail:
active_desktop_launcher.exe 
Product Name: KuGou
Company Name: 酷狗音乐
https://threatinfo.net/files/active_desktop_launcher.exe-cd8dc9341aa5b888c3bd040e499c3cf2

enter image description here

I have installed MSE on server, but scan shows no result. I am unable to install any other anti-malware software on the server.

Please advice how to remove this. Thanks

10K35H 5H4KY4
  • 119
  • 1
  • 9
  • 1
    You need to rebuild the system. – Davidw Jun 13 '18 at 03:34
  • @Davidw rebuild means, update the windows available updates? Please explain a bit; if you know the solution. Will appreciate your help. Is "active_desktop_launcher.exe" from KuGou a malware? – 10K35H 5H4KY4 Jun 13 '18 at 03:42
  • 1
    Wipe and reload it. That is the appropriate process for dealing with malware on servers. – Davidw Jun 13 '18 at 05:21

2 Answers2

0

Run PowerShell as administrator, then:
cd C:\Users\Public\Documents\
TaskKill /IM active_desktop_launcher.exe /F
Remove-Item active_desktop_launcher.exe -Force

Ultimately you need to wipe/reload the OS though, yes.

KidACrimson
  • 330
  • 1
  • 10
  • 26
-2

You need to delete the file, then the windows will prevent you delete, coz you are running the process. Then go to task manager > performance > Resource Monitor > CPU

Then you will see the "active_desktop_launcher" running. Tick the process and right click, > End Process Tree. Immediately after that select the Files in the "Public Documents" folder process "Shift + Delete".

Then I sew a massive process was killed. I'm not sure what is going to happen after restart. So far so good.

UK Wick
  • 1