I got one 2 in my temp is easy to get it out and ban it forever.
No virus scanner can solve the job i try some but it always come back.
What i did is i intercept the log. It's a data miner called Claymore CryptoNote CPU Miner v3.4 Beta.
In the log is an IPadress and a website.
What u do is block the website in you're hardware firewall (Modem) and it's never coming back.
Then use UNLOCKER to remove the locked svchost.exe in ur TEMP.
Here are the adresses
Hope i was helpfull
Enjoy ur speed
Edited by hamluis, 15 February 2015 - 02:32 PM.
Moved from Win 7 to Am I Infected - Hamluis.