Jump to content

Recommended Posts

Posted

We using ESET FILE SECURITY 7.3 on Windows Server 2012R2. 

Currently, our system overload 100% CPU performance, but ESET can not detect any problem. However, after we turnoff process and restart server, the error happened again.

We tried use processexplore, and detect after access to sites: 'pool.supportxmr.com:443' - system will happen this error, and parent process will run 100% cpu. (picture 3)

C:\Windows\System32\svchost.exe -o pool.supportxmr.com:443 -u 44bwTAxAcX7Q99bCLnawEQW55LrCqEUfT1D8pnzz9f1LXSSwp3AXD1K829xt7xKoFdUfdxneZGCmi6BfyHVbQy73UN7GQMJ -k --tls -p 054 (picture 1) .

We send you data file and svchost dump.

Please help us, thanks.

 

picture 3.jpg

picture 1.png

2.png

malware.zip

  • Administrators
Posted

Detection for XblGameUpdateTask.exe will be added in the next update, then ESET should be able to detect and clean it.

  • Administrators
Posted

The file is already detected:

XblGameUpdateTask-bk.exe - a variant of MSIL/Kryptik.ACQS trojan

 

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...