A
Alex_Win11
Guest
Windows Defender alerts malware CoinMiner.I on reboot stating it was been deleted. I am assuming it's reinstalling from another process and have been trying to track it down. This is the alert that I am getting.Detected: Behavior:Win32/CoinMiner.IStatus: RemovedA threat or app was removed from this device.Date: 10/10/2023 5:02 AMDetails: This program is dangerous and executes commands from an attacker.Affected items: behavior: process: C:\Windows\explorer.exe, pid:31584:120617923854497 process: pid:31584,ProcessStart:133414021413529505After doing some google searching. I've installed Sysmon,
Continue reading...
Continue reading...