Mike_Kintaru 2 Posted September 1 Share Posted September 1 We using ESET FILE SECURITY 7.3 on Windows Server 2012R2. Currently, our system overload 100% CPU performance, but ESET can not detect any problem. However, after we turnoff process and restart server, the error happened again. We tried use processexplore, and detect after access to sites: 'pool.supportxmr.com:443' - system will happen this error, and parent process will run 100% cpu. (picture 3) C:\Windows\System32\svchost.exe -o pool.supportxmr.com:443 -u 44bwTAxAcX7Q99bCLnawEQW55LrCqEUfT1D8pnzz9f1LXSSwp3AXD1K829xt7xKoFdUfdxneZGCmi6BfyHVbQy73UN7GQMJ -k --tls -p 054 (picture 1) . We send you data file and svchost dump. Please help us, thanks. malware.zip Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 3,828 Posted September 1 Administrators Share Posted September 1 Detection for XblGameUpdateTask.exe will be added in the next update, then ESET should be able to detect and clean it. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 3,828 Posted September 1 Administrators Share Posted September 1 The file is already detected: XblGameUpdateTask-bk.exe - a variant of MSIL/Kryptik.ACQS trojan Quote Link to comment Share on other sites More sharing options...
Mike_Kintaru 2 Posted September 1 Author Share Posted September 1 Thanks @Marcos. We resolved this problem. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.