Jump to content

repeatedly NSIS / CoinMiner.T Trojan


johnh
 Share

Recommended Posts

Aletra virus repeatedly NSIS / CoinMiner.T Trojan. Disinfected by deletion but does not appear in the registry or in quarantine. Then once again comes NSIS / CoinMiner.T Trojan ....
Help

Link to comment
Share on other sites

  • Administrators

For a start, please provide logs collected with ESET Log Collector. Feel free to post the generated archive here since attachments are not available to other users than ESET's staff.

Link to comment
Share on other sites

  • Administrators

I'd strongly recommend uninstalling EEA v5 and installing the latest EEA v7.1. Instead of updating from a mirror, I'd suggest using ESET HTTP Proxy to cache dowloaded files and thus save network traffic. Also when updating from a mirror you lose streamed updates that are downloaded every few minutes and thus ensure maximum protection against newly emerging threats.

As for the malware, it seems to be spreading from a remote share. Does temporarily disconnecting the machine from LAN stop malware detections? Please carry on as follows:
- upgrade Endpoint on the machine to v7.1. Ideally install Endpoint from scratch, ie. uninstall v5 first.
- run a full disk scan
- collect fresh logs with ELC and upload the generated archive here.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...