Answer the question
In order to leave comments, you need to log in
J
J
Jau2021-04-21 13:18:41
Jau, 2021-04-21 13:18:41
Xmrig.exe: Miner or system service?
xmrig.exe is a system service, or a miner? According to the logs of 360 T / S, I received such information when checking it for viruses. I am confused by "Win64/Miner.BitMiner.H8oAPtcA" and "C:\Users\Admin\AppData\Roaming\Microsoft Security\xmrig.exe". It seems to be a miner, but it seems to be in Microsoft Security. Checking in Virus Total showed a more open result, here is the link: [ https://www.virustotal.com/gui/file/ebf9acca47a2ac... ]. Delete or leave?
Type:
Win64/Miner.BitMiner.H8oAPtcA
Group:
System Boot Check Engine
:
Cloud Scanner 360
File Path:
C:\Users\Admin\AppData\Roaming\Microsoft Security\xmrig.exe
File Size:
4.35M (4,557,312 Bytes)
File Version :
1.0.0
File description:
Antimalware Service Executable
MD5:
7ec93e8fa8a19cfc23b4bf34aec0a9c6 Registry
path:
\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Registry name:
Runtime Broker.exe Registry
value:
C:\Users\Admin\AppData\Roaming\Microsoft Security \ xmrig.exe --url = xmr-eu1.nanopool.org: 14444 --background --cpu-priority = 5 --keepalive --coin = monero --user = 43HcUvJDn5i49b4bGtC9aj5Z7iTYHCSPrBHo22x8pNK5XGkbtje5MaxWdJZRFoLxcWUqMZf9G8iS4XMWTPfZGzCiQ5d4ETa --cpu -max-threads-hint = 50 --donate-level=1 --retries=25 --max-cpu-usage=50
Suggestion:
Disabled since launch、Quaranteed files
1 answer(s)
@Jau
A
Alexander Bondar, 2021-04-21 @Jau
This is a miner designed to mine the Monero cryptocurrency.
If you yourself have not installed any software for mining the Monero cryptocurrency, I recommend deleting this miner.
There are removal instructions on Google.
Similar questions
P
I
G
A
Artyom Poddubsky2015-09-12 13:15:45
Is there an instruction to remove banner viruses for dummies?
3Reply
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question