Windows 10: PUA:Win32/CoinMiner and XMRig cannot get rid of

Discus and support PUA:Win32/CoinMiner and XMRig cannot get rid of in AntiVirus, Firewalls and System Security to solve the problem; Hi guys, This has been doing my head in so after some help if possible i have done a lot of googling and tried most things but windows av keeps showing... Discussion in 'AntiVirus, Firewalls and System Security' started by nitehawk, Oct 13, 2020.

  1. NITEHAWK
    nitehawk Win User

    PUA:Win32/CoinMiner and XMRig cannot get rid of


    Hi guys, This has been doing my head in so after some help if possible
    i have done a lot of googling and tried most things but windows av keeps showing this

    Ok, so for some reason win 10 Av keeps finding PUA:Win32/CoinMiner and XMRig as (active)

    PUA:Win32/CoinMiner and XMRig cannot get rid of [​IMG]

    PUA:Win32/CoinMiner and XMRig cannot get rid of [​IMG]

    PUA:Win32/CoinMiner and XMRig cannot get rid of [​IMG]

    I have run Rkill and then Malwaresbytes and ESET Online Scanner and also in Safe mode with both scanners, Under win 10 2004 (19041.508)
    which have found nothing/nada
    If these keeps saying (Active) does this mean that the programs are actually running?
    why do two programs not show anything wrong and windows Av keeping giving me these issues?
    My lappy is LAGGY as heck and usually System interrupts go up to 100% a lot of the last few weeks
    What else can i try as i am going grey over this PUA:Win32/CoinMiner and XMRig cannot get rid of :)
    Thanks guys

    Edit, i cannot find any of the folders these PUAs are running under either


    here is my Rkill report

    Program started at: 10/13/2020 04:49:18 PM in x64 mode.
    Windows Version: Windows 10 Home

    Checking for Windows services to stop:

    * No malware services found to stop.

    Checking for processes to terminate:

    * No malware processes found to kill.

    Checking Registry for malware related settings:

    * No issues found in the Registry.

    Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

    Performing miscellaneous checks:

    * No issues found.

    Searching for Missing Digital Signatures:

    * No issues found.

    Checking HOSTS File:

    * HOSTS file entries found:

    127.0.0.1 localhost
    ::1 localhost

    0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
    0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
    0.0.0.0 media.opencandy.com
    0.0.0.0 cdn.opencandy.com
    0.0.0.0 tracking.opencandy.com
    0.0.0.0 api.opencandy.com
    0.0.0.0 api.recommendedsw.com
    0.0.0.0 rp.yefeneri2.com
    0.0.0.0 os.yefeneri2.com
    0.0.0.0 os2.yefeneri2.com
    0.0.0.0 installer.betterinstaller.com
    0.0.0.0 installer.filebulldog.com
    0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
    0.0.0.0 inno.bisrv.com
    0.0.0.0 nsis.bisrv.com
    0.0.0.0 cdn.file2desktop.com
    0.0.0.0 cdn.goateastcach.us

    20 out of 41 HOSTS entries shown.
    Please review HOSTS file for further entries.

    Program finished at: 10/13/2020 04:59:04 PM
    Execution time: 0 hours(s), 9 minute(s), and 45 seconds(s)

    :)
     
    nitehawk, Oct 13, 2020
    #1
  2. FERNANDORAMALHO1
    FernandoRamalho1 Win User

    PUA:Win32/CoinMiner

    PUA: Win32 / CoinMineromo resolvedor PUA: Win32 / CoinMiner no Windows Defender

    Obrigado

    Fernando Ramalho
     
    FernandoRamalho1, Oct 13, 2020
    #2
  3. SHANI NASIRSSEMPALA
    shani nasirssempala Win User
    PUA:Win32/CoinMiner

    PUA:Win32/CoinMiner i have this virus in my computer for over 2 weeks and its growing on and on and i cant delete it
     
    shani nasirssempala, Oct 13, 2020
    #3
  4. TANNAMCGUIRE
    TannaMcguire Win User

    PUA:Win32/CoinMiner and XMRig cannot get rid of

    win32/clepissup getting rid of

    win32/clepissup getting rid of this virus.. I keep cleaning the computer and it keeps coming back
     
    TannaMcguire, Oct 13, 2020
    #4
Thema:

PUA:Win32/CoinMiner and XMRig cannot get rid of

Loading...

  1. PUA:Win32/CoinMiner and XMRig cannot get rid of - Similar Threads - PUA Win32 CoinMiner

  2. How to get rid of "Win32/CoinMiner.I" malware

    in Windows 10 Gaming
    How to get rid of "Win32/CoinMiner.I" malware: I've seen some posts with a similar problem, but the solutions seem to be specific to each person so here is my Windows Defender alert:Detected: Behavior:Win32/CoinMiner.IAffected Items: behavior: process: C:\Windows\System32\conhost.exe, pid:2776:120617923854497 process:...

  3. How to get rid of "Win32/CoinMiner.I" malware

    in Windows 10 Software and Apps
    How to get rid of "Win32/CoinMiner.I" malware: I've seen some posts with a similar problem, but the solutions seem to be specific to each person so here is my Windows Defender alert:Detected: Behavior:Win32/CoinMiner.IAffected Items: behavior: process: C:\Windows\System32\conhost.exe, pid:2776:120617923854497 process:...

  4. Get rid of COINMINER?

    in Windows 10 Gaming
    Get rid of COINMINER?: I saw that we can get help removing coinminer here, and I am quite sick of seeing it appear. If I can get help with this i would appreciate it. Here are the logs from FRST.https://www.dropbox.com/scl/fo/i8dlqhkcwwq34llqkaz74/h?rlkey=r1j0uxnqure9b370rstd3luqo&dl=0...

  5. Get rid of COINMINER?

    in Windows 10 Software and Apps
    Get rid of COINMINER?: I saw that we can get help removing coinminer here, and I am quite sick of seeing it appear. If I can get help with this i would appreciate it. Here are the logs from FRST.https://www.dropbox.com/scl/fo/i8dlqhkcwwq34llqkaz74/h?rlkey=r1j0uxnqure9b370rstd3luqo&dl=0...

  6. Get rid of COINMINER?

    in AntiVirus, Firewalls and System Security
    Get rid of COINMINER?: I saw that we can get help removing coinminer here, and I am quite sick of seeing it appear. If I can get help with this i would appreciate it. Here are the logs from FRST.https://www.dropbox.com/scl/fo/i8dlqhkcwwq34llqkaz74/h?rlkey=r1j0uxnqure9b370rstd3luqo&dl=0...

  7. What is PUA win32 presenoken

    in AntiVirus, Firewalls and System Security
    What is PUA win32 presenoken: I found threat on window threat protection and there are 3 choice quaruntine remove and allow i choose remove and start action does it a right choice to do https://answers.microsoft.com/en-us/protect/forum/all/what-is-pua-win32-presenoken/d001fb63-7b5c-42fb-9c73-370b4f4c4491

  8. Win32/Coinminer

    in AntiVirus, Firewalls and System Security
    Win32/Coinminer: Few days ago i downloaded a file game but I think it had virus. So after installing it till now windows defender finds a threat basically when I on the system. Its Win32/Coinminer. I did the full scan in windows defender quite a few time but it doesn't,find a threat almost...

  9. Kali Linux ISO a virus? PUA: Win32/CoinMiner

    in Windows 10 Network and Sharing
    Kali Linux ISO a virus? PUA: Win32/CoinMiner: I downloaded the official Kali Linux ISO file to create a boot stick but then I got a lot of messages from Windows Defender like PUA: Win32/CoinMiner, Trojan: PHP/RevWebshell, Exploit: JS/ShellCode, Exploit: Ruby/JSShell and 7 more malware and all of them were classified as...

  10. Windows Defender picks up Win32/deplock but cannot get rid of it?

    in AntiVirus, Firewalls and System Security
    Windows Defender picks up Win32/deplock but cannot get rid of it?: Dear All, I wonder whether you've come across this one: I run Windows 20175 and I use MalwareBytes as main protection software. Yesterday I decided to also enable Windows Defender to fully scan the system. Windows Defender found two trojans: One (which I can't remember its...