MINERD.EXE is Virus BitCoin

May 2, 2013 by NightWatcher
Filed under: Virus 
: Solved!

You should Download Removal Tool here...

The system file MINERD.EXE is infected with a virus. We recommend you to replace the MINERD.EXE file with its backup copy.

Malware Analysis of MINERD.EXE
Full path on a computer: %Appdata%\cos\minerd.exe

Detected by UnHackMe:

Item Name: AntivirusltcUpddates
Author: Unknown
Related File: %APPDATA%\COS\COIN.EXE
Type: Registry Run

Item Name: minerd.exe
Author: Unknown
Related File: %APPDATA%\COS\MINERD.EXE
Type: Running Processes

Removal Results: Success
Number of reboot: 1

MINERD.EXE is known as:

Virus.BitCoin, RiskTool.BitCoinMiner.ccx, TrojWare.BitCoinMiner.~A, Tool.BtcMine.97, TR.BitCoinMinerAL.A.11, TrojanDownloader.Agent.eywp, Trojan.A.Downloader.401920.AO, W32.Trojan.GMGY-7235, TrojanDownloader.Agent, a variant of Win32.BitCoinMiner.K

MINERD.EXE hash:

  • MD5: e02477250ec492c18a2073305b557fd3
The file tries to download information from some web sites.
How to quickly detect MINERD.EXE presence? 

Registry:
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run\AntivirusltcUpddates: “”%Appdata%\cos\coin.exe”"
Folders:
  • %Appdata%\cos
Files:
  • %Appdata%\cos\coin.exe
  • %Appdata%\cos\libcurl-4.dll
  • %Appdata%\cos\minerd.exe
  • %Appdata%\cos\pthreadGC2.dll
  • %Appdata%\cos\start.bat
  • %Temp%\gbQkb.exe


Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by

Malware Hunter.

Comments

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

You must be logged in to post a comment.