windowspowershellmalware

cmd pops up at startup with "unable to open xmrig.json"


Whenever I start my PC It starts cmd that says :

unable to open "C:\Users\username\AppData\Roaming\Dll\config.json".

unable to open "C:\Users\username.xmrig.json".

unable to open "C:\Users\username.config\xmrig.json".

Now I came to know that 'xmrig' is some sort of miner malware

I tried using task manager and task scheduler to find and stop the 'xmrig' but I didnt find anything

I also tried looking inside the AppData\Roaming folder but didn't find anything

Please help me.


Solution

  • I solved the above problem using Trend Micro Thanks to @vonPryz's. There was a malware exe file hidden in some folder and trend micro detected and deleted it!