BitCoinMiner help

Can anyone explain how the Coinminer trojan infects a machine?  Our web server keeps getting re-infected.
We have AVG File Server edition and CCleaner running on it, plus Malwarebytes(free version only at this stage).
AVG and Malwarebytes keep picking up the infection and remove it, but within a day it's back.
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

Dr. KlahnPrincipal Software EngineerCommented:
Sounds like you have a polymorphic virus there.  These are exceedingly clever viruses that hide all over a machine using methods that make them undetectable by virus scanners.  

If that is the case, the only solution will be to restore the machine from the last full backup that was uncorrupted ... or reload it from scratch.

Then open the case and disconnect the USB sockets on the front of the machine, as this is likely how it was infected in the first place.
Shaun VermaakTechnical Specialist/DeveloperCommented:
Someone keeps visiting a site that does in browser mining. The site does not even need to be malicious. For example, this site asks for concent and mines for the user.
I would also go to the expense of a Better AV solution - Symantec, McAfee, Ksperksy...  While AVG do produce a server product its not one I'd use on any production server
All Courses

From novice to tech pro — start learning today.