Removing Crypto-Mining Malware with SysInternals Tools

Chris Lazari is an IT and Management Professional with over 20 years of experience in the IT industry. The Internet is his work.
Chris says that he had a Hyper-V server in his work, ordered in the data center for a particular project. He immediately choked something wrong, and loaded and run the Sysinternals Process Explorer to see if it’s possible to determine what causes the performance problem.

This article details how Chris solved this problem and what tools and methods he used. To accomplish the task, Chris used the steps that Mark Russinovich detailed in the Tech-ed talk a few years ago titled Malware Hunting with Sysinternals Tools.

More.

DISCLAIMER: THIS POST IS FOR INFORMATIONAL PURPOSES ONLY AND IS NOT TO BE CONSIDERED LEGAL ADVICE ON ANY SUBJECT MATTER. DIGITAL FORENSICS CORP. IS NOT A LAWFIRM AND DOES NOT PROVIDE LEGAL ADVICE OR SERVICES. By viewing posts, the reader understands there is no attorney-client relationship, the post should not be used as a substitute for legal advice from a licensed professional attorney, and readers are urged to consult their own legal counsel on any specific legal questions concerning a specific situation.