SunDevil311

Please close this topic. I decided to simply revert back to a recent backup from 4/6 and so far everything is golden. Will create a new topic if the problem reoccurs. Thank you!

Recently received a number of IPS notifications from Norton 360 Premium regarding various Miner.BitcoinMiner variations. I've blocked all traffic to the destination in question (an IP and FQDN were noted) via software firewall and blackholed the FQDN in the Windows hosts file (pointed it to the loopback address). The FQDN identified, FWIW, was randomxmonero *dot* eu-north *dot* nicehash *dot* com, which resolves to the IP identified in the screenshots. Scans with Norton and Malwarebytes did not identify anything I haven't seen before, and nothing specifically related to bitmining. Malwarebytes and FRST logs attached. Thank you! Addition.txt MB-log.txt FRST.txt