parahesap (Author), Posted May 23, 2021

19 minutes ago, Marcos said:
We've nailed it down. A legit tool was backdoored and loads a malicious dll with zero detection at VT which loads the following encrypted payload: I expect the detection to be available momentarily via streamed/pico updates. Also please confirm that you have enabled the LiveGrid Feedback system for maximum protection.

LiveGrid Feedback system is active. Should I format to Windows 10? Will this problem take a long time to resolve?

Marcos (Administrators), Posted May 23, 2021

You can scan the content of the folder that you supplied to me. If not detected yet, reboot the machine to enforce update of the LiveGrid blacklist.

parahesap (Author), Posted May 23, 2021 (Solution)

52 minutes ago, Marcos said:
You can scan the content of the folder that you supplied to me. If not detected yet, reboot the machine to enforce update of the LiveGrid blacklist.

I see the warning text has changed after restarting the computer. I scanned again and saw it deleted two spyware. You got him, Sir. The alert is no longer displayed. Thank you so much!

itman, Posted May 23, 2021

Looks like my suspicions were correct. It was a coin miner.

The question is was HashCalc actually and deliberately installed? Always opt for portable download versions of utility software like this.

-EDIT- Also think twice about installing or running directly any unsigned software which I assume this HashCalc software was.

Edited May 23, 2021 by itman

parahesap (Author), Posted May 23, 2021

I am absolutely not interested in mining. What are mining software? I do not know. I have never used it. There was no problem with CPU and GPU statistics. But the important thing is that problem has been solved. I am very grateful.

Edited May 23, 2021 by parahesap

itman, Posted May 23, 2021

3 minutes ago, parahesap said:
There was no problem with CPU and GPU statistics.

This was because Eset was blocking execution of it when loaded into memory. You're a lucky fellow on this incident. Hackers usually target servers to drop a miner on to mine bitcoin. But, it does happen with client devices also.

peteyt (Most Valued Members), Posted May 24, 2021

14 hours ago, parahesap said:
I am absolutely not interested in mining. What are mining software? I do not know. I have never used it. There was no problem with CPU and GPU statistics. But the important thing is that problem has been solved. I am very grateful.

I suppose the question is have you downloaded or installed anything new recently or opened any email attachments that may have been malware?

Nightowl (Most Valued Members), Posted May 24, 2021

15 hours ago, parahesap said:
I am absolutely not interested in mining. What are mining software? I do not know. I have never used it. There was no problem with CPU and GPU statistics. But the important thing is that problem has been solved. I am very grateful.

For example this for Bitcoin:

Quote:
By mining, you can earn cryptocurrency without having to put down money for it. Bitcoin miners receive Bitcoin as a reward for completing "blocks" of verified transactions which are added to the blockchain.

Malicious software programmers will program miners and spread it to many devices over the internet so they can mine cryptocurrency for themselves on your device, saving themselves the costs of hardware and electricity. Now it doesn't look any helpful because still it's 1 device and possibly be weak and not strong. But they aim to infect much larger numbers so they can benefit from it.

So by making a miner, instead of mining on your own 1 PC or buying several devices/GPUs for mining, they go ahead and infect thousands of devices so they can mine fast and without costs.

If it has kicked in and worked like it should, it should utilize most of your CPU/GPU or both and probably your PC will be tired after a good amount of time this has been running.

Edited May 24, 2021 by Nightowl
