I know I can always nuke the instance and start a fresh one. Luckily this is just a test machine. But I'd like to use this opportunity to learn how to diagnose these issues.
In case it matters - I also have Redis running on this machine.
I think this will work although I have never had this particular piece of malware:
Close all browsers
sudo kill -9 minergate-cli_pid
sudo apt-get --purge remove minergate-cli
It would be helpful to know which method was used to penetrate your system. If the process shows up again, run the above commands again and reset all browsers to their default condition. Do not uninstall and then reinstall them. The process for doing this varies from browser to browser.
ClamAV should see this binary as a virus. If it persists, type:
sudo clamscan -r --move=/home/USER/QUARANTINE /
This will scan your entire file structure and move any virus found to a folder in your user directory. Replace USER with your username.
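For the diagnosis side of the question, the following is an added example (not part of the original answer) that records where a running process's binary lives and what launched it, using only reads from /proc, so the evidence is captured before the process is killed. The function names and the optional proc-root argument are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: read-only triage of a suspect process before it is killed.
# The optional second argument (proc root) is an assumption added so the
# functions can be pointed at a copy of /proc; it defaults to the live /proc.

# Print every PID whose command name equals $1 (e.g. minergate-cli).
find_pids() {
    name=$1; root=${2:-/proc}
    for d in "$root"/[0-9]*; do
        if [ "$(cat "$d/comm" 2>/dev/null)" = "$name" ]; then
            echo "${d##*/}"
        fi
    done
}

# Print where the binary lives, what launched it, and which user owns it.
proc_snapshot() {
    pid=$1; root=${2:-/proc}; dir="$root/$pid"
    [ -d "$dir" ] || { echo "no such pid: $pid" >&2; return 1; }
    # exe ends in " (deleted)" when the file was unlinked after launch.
    exe=$(readlink "$dir/exe" 2>/dev/null || echo unreadable)
    cwd=$(readlink "$dir/cwd" 2>/dev/null || echo unreadable)
    ppid=$(awk '/^PPid:/ {print $2}' "$dir/status")
    uid=$(awk '/^Uid:/ {print $2}' "$dir/status")
    # The parent's name hints at the launcher: cron, a shell, a service, ...
    parent=$(cat "$root/$ppid/comm" 2>/dev/null || echo unknown)
    # cmdline is NUL-separated; make it printable.
    cmdline=$(tr '\0' ' ' < "$dir/cmdline" | sed 's/ *$//')
    printf 'pid=%s\nuid=%s\nppid=%s\nparent=%s\nexe=%s\ncwd=%s\ncmdline=%s\n' \
        "$pid" "$uid" "$ppid" "$parent" "$exe" "$cwd" "$cmdline"
}

# Snapshot every process with the given name.
triage() {
    for p in $(find_pids "$1" "${2:-/proc}"); do
        proc_snapshot "$p" "${2:-/proc}"
        echo "---"
    done
}
```

Source the file and run `triage minergate-cli` as root (other users' exe links are not readable otherwise) before the kill step; a parent of cron or a service manager means the process will be restarted until that entry is removed.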