VideoSupport.exe CPU Miner

By GoldSparrow in Potentially Unwanted Programs

Translate To:

The VideoSupport.exe CPU Miner is based on the XMRig CPU Miner and resembles many clones of the Minergate CPU Miner. The VideoSupport.exe CPU Miner is a program that might invade computers through free software packages and misleading promotions of fake updates to Adobe Flash, Google Chrome, Mozilla Firefox and Java. The VideoSupport.exe process is not to be associated with legitimate video card drivers although that is the aim of third parties. The VideoSupport.exe CPU Miner is developed and operated by unknown third parties that use hijacked processing power to earn digital money.

The rise and spurt of many cryptocurrencies based on the blockchain technology demand a considerable amount of processing power to support various blockchain technologies. Many cryptocurrency developers reach out to PC users and investors to expand their brand of blockchain technology. Digital currencies like Bitcoin, Monero, and Ethereum are using nodes managed by individual users, as well as "farms" to process data blocks and provide service to interested customers. Some unsavory software creators try and drop programs like the VideoSupport.exe CPU Miner to the devices of unsuspecting users. The VideoSupport.exe application connects to a mining pool and begins to make complex calculations in the service of chosen blockchains. The nodes infected with VideoSupport.exe generate revenue for the team who created the application and maintain the associated 'Command and Control' servers. AV engines are known to tag the VideoSupport.exe CPU Miner and related clones as:

PUA/BitCoinMiner Miner
PUF.CoinMiner
RiskTool.Win32.BitCoinMiner.fqs
RiskTool.Win32.BitCoinMiner.ggn
Trojan.Generic.9580579
Unwanted/Win64.CoinMiner
Win.Trojan.CryptocoinMiner

The VideoSupport.exe CPU Miner has many clones, and we had recorded hundreds of samples before the VideoSupport.exe CPU Miner emerged on March 7th, 2018. You will find a list of recently recorded samples below:

32.exe, 4mat5.exe, AdobeL.exe, AllocMem.exe, Assm.exe, CrashHandlerService.exe, Facebook.exe, G.exe, Greenrunbam.exe, ICCProxy.exe, Ismose.exe, Kieele.exe, Mdnmc.exe, Min34.exe, Monitoring.exe, OSE.exe, Patcher64.exe, SIVApp.exe, SMADAV-UPDATER.exe, SearchIndexer.exe, Servime.exe, Share32.exe, ShellExperienceHost.exe , StartWebLogic.exe, Stinfo.exe, Svcpool.exe, Svtvvy.exe, Swqlcly.exe, Taskhostw.exe, TskViews.exe, Updateservice.exe, VideoSupport.exe, WINtcp.exe, WSColusion.exe, accmcs.exe, admres.exe, adobeply.exe, amdm.exe, amdrpo2t.exe, antibit.exe, bk.exe, btc.exe, budha.exe, cancelpayment.exe, cmbins.exe, cmstp.exe, conh0st.exe, coolpicture1.exe, core32.exe, cpm.exe, cswin.exe, dagnService.exe, deletewebkitcookie.exe, desktop257.exe, dosssws.exe, downloadinjectionsql.exe, drivers.exe, ds.exe, gas.exe, gpu.exe , hddprotect.exe, hhueiqpii.exe, hs_svc.exe, hvvdfdsb.exe, hzlskn.exe, ie.exe, intelHD2.exe, javad.exe, javaw.exe, kopatel.exe, lasa.exe, lokkiproject.exe, lovely.exe, mDNS1.exe, master.exe, mfigyn.exe, micr.exe , minewindows.exe, mm.exe, mrt.exe, msime.exe, mstdc.exe, mworker.exe, mynerrr.exe, myntt.exe , netch.exe , nhe.exe , ntibcpsaq.exe, optimizate.exe, po.exe, pricemeterw.exe, ps.exe, rypt.exe, serverd.exe, servime.exe, splwow.exe, splwow64.exe, spyxx_amd64.exe, stproc.exe, subst.exe, svar.exe, svch0st.exe, svchost.1.exe, svwinsi32.exe, systemexp.exe, systemupsvc.exe, taskmz.exe, updateUE.exe, vcpkgsrv.exe, winime.exe, winiogins.exe, winreg64.exe, winxrm.exe, winxsrv.exe, wmiapsvr.exe, wmpnetwk.exe, wupdater.exe, wuptest.exe, xcpu0.exe, xmrig_amd.exe, yewu2.exe, zqansjvs9txk.exe

The clones of VideoSupport.exe can be found in the following folders:

C:\Program Files (x86)\System Native\Main Services\winreg64.exe
C:\Program Files (x86)\lovely\lovely.exe
C:\Program Files (x86)\zqansjvs9txk\zqansjvs9txk.exe
C:\ProgramData\Microsot Rhhvtx\Swqlcly.exe
C:\ProgramData\Subair\Greenrunbam.exe
C:\ProgramData\System32\Logs\ShellExperienceHost.exe
C:\ProgramData\antibit.exe
C:\ProgramData\lokkiproject.exe
C:\ProgramData\ntibcpsaq.exe
C:\Users\username\AppData\GemWare\deletewebkitcookie.exe
C:\Users\username\AppData\Local\Temp\csrss\mrt.exe
C:\Users\username\AppData\Local\Temp\hhueiqpii.exe
C:\Users\username\AppData\Local\Temp\stproc.exe
C:\Users\username\AppData\Local\crss\wuptest.exe
C:\Users\username\AppData\PriceMeter\pricemeterw.exe
C:\Users\username\AppData\Roaming\Facebook.exe
C:\Users\username\AppData\Roaming\jherbs\optimizate.exe
C:\Users\username\AppData\Share\Share32.exe
C:\Users\username\AppData\SysWOW64\netch.exe
C:\Users\username\AppData\Temp\mynerrr.exe
C:\Users\username\AppData\bk.exe
C:\Users\username\AppData\dagnService\dagnService.exe
C:\Users\username\AppData\javad.exe
C:\Users\username\AppData\micr\micr.exe
C:\Users\username\AppData\microsoft manager app\downloadinjectionsql.exe
C:\Users\username\AppData\system32\CrashHandlerService.exe
C:\Users\username\AppData\yahoochrome_D\desktop257.exe
C:\Windows\Fonts\javaw.exe
C:\Windows\Stinfo.exe
C:\Windows\System32\SearchIndexer.exe
C:\Windows\Tasks\Adobe.Updater.Min\AdobeL.exe
C:\Windows\amdrpo2t.exe
C:\Windows\hvvdfdsb.exe
C:\Windows\servime.exe
C:\Windows\system16\svwinsi32.exe
C:\Windows\winime.exe
C:\Windows\winxrm.exe
C:\Windows\winxsrv.exe

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

VideoSupport.exe CPU Miner

Submit Comment

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen