SQL client configuration utility virus

  • Thread starter Thread starter 8289sy
  • Start date Start date
8

8289sy

Guest
System:
Window10 (1903)
64bit


After login to the computer, cmd.exe pop up and never disappear. Shortly the SQL client configuration utility.exe pop up and request me to run it(as administrator). Everything seems right so far, I checked the location of sql by using task manager,it's the real SQL, not something recently downloaded,edited or renamed, I press yes, and I regret like a flash.


The SQL instantly download a file (zip) named "test" to [user\AppData\Local\Temp] and release it into [user\AppData\Roaming\Microsoft\Crypto]. What it downloaded wasn't a virus, but it's worse than a virus, it's a freaking auto bitcoin miner. From now on if I'm not using the computer for 20 to 30 minutes it'll automatically run in the background and use all my cpu to mine bitcoin.


Window defender and MRT.exe do nothing against it, McAfee do nothing either, third party antivirus software such as Malwarebytes can only locate the "test.zip" and released "miner " but cannot identify the actual problem(SQL).


I uploaded the "miner" to Microsoft but receiving reply saying it's not a virus. Even I can stop the miner to takeover my computer by deleting it everytime(thanks to Malwarebytes), it's still quite annoying to see SQL pop up everytime I start the computer.


Should I reinstall win10, delete SQL client configuration utility.exe or is there a better way to stop it from downloading a miner to my computer?

More...
 

Similar threads

S
Replies
0
Views
257
Szymon_Gaming111
S
S
Replies
0
Views
111
SajidDjunaedy
S
T
Replies
0
Views
87
The Tech Kings
T
Back
Top