Jump to content

Issue with miner.

Recommended Posts

After posting a several topics it seems malwarebytes now detects a virus that I'm sure I have, however this seems to be similar to curing a cough for lung cancer. I currently have a monero XLR coin miner on my pc, I know this from procmon and processhacker. Blocking the ports that the program uses doesn't seem to work at all, oddly, though that may be due to my own ineptitude and lack of experience. If I simply try to delete it or use malwarebytes to get rid of it then it just comes back within a random timeframe, could be 2 minutes, could be 2 hours, I know the timeframe through malwarebytes logs deleting the program. The program spoofs its certificate as teamviewer, although I clearly know its not.

Anyway, due to it coming back I suspected it was a service problem, where it'd try to constantly run or whatnot, however this doesn't seem to be the case either, as I've looked through all the services and none seem particularly suspicious.

Do any of you have any suggestions I could try? Malwarebytes detects nothing else on my pc.

I have more details about the program if it could help, just ask for anything you're curious about. DLL usage and whatnot, address, ports, monero XLR wallet code, etc.

I am doing scans and whatnot to gather the logs that you request right now.

Edited by A1SteakSauce
Link to post
Share on other sites

  • 2 weeks later...
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.