Jump to content

Search the Community

Showing results for tags 'BitCoin Miner'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 19 results

  1. Hello, Recently my PC started acting weird and I was wondering what's the problem. I found out that when I turn on Task Manager processor usage drops instantly from 100% to normal rate. I had this problem many years ago on a different PC (it turned out to be a bitcoin miner) and Malwarebytes scan worked like a charm, but now it doesn't help. What should I do to make my PC working like it should? Sorry for my poor English, i'm not native. :) Thanks for any help, I appreciate it. :)
  2. Hello, I recently noticed that when I am running my PC and open task manager I see the CPU usable at 70-100% for a moment before it drops to about 10%. I've followed the advice on https://forums.malwarebytes.com/topic/241749-cpu-usage-high-until-i-open-task-manager/ (as best as I can) which hasn't been able to fix it. I've ran multiple scans of Malwarebytes and while its detected 1 or 2 things it hasn't made a difference. Thanks, Hawk Malwarebytesfile.txt
  3. Hello, I built a new pc a month ago and it's been doing great until a few days ago that I noticed my cpu at 50% plus when idle/browsing with no heavy programs running. Everytime I run the task manager or similar programs I downloaded online, the CPU usage will always go down to around 1-5%. I ran a total scan using avast and I dont see any malicious file. I can't see what process/program is the culprit because everytime I check it on the task manager, the usage will suddenly drop and I can no longer see which one is using all the cpu. I've seen similar posts online and here, and tried to resolve it but I dont see any suspicious file and I really don't know which process is the malware. My Setup is: i7 8700k Processor, GTX 1060 6gb, 8GB Ram, Windows 10. I hope you can help me find some solution or better yet pinpoint the cause. Forgive my english. Thanks a lot=)
  4. I use Synmantec antivirus and like after every 10 mins it shows Miner.Bitcoinminer 7 activity detected, and normal scans can't seem to be able to get rid of it, please someone guide me on how to remove this malware.
  5. Recently i was searching for a program and I only found a weird link to download it turns out I had installed a virus https://www.virustotal.com/#/file/7f7ba51f11523589845d8ff2fc6ed5c3030cccd799ed35102321a549c3b39f89/detection the behavior of this virus effects some other files and even tho I scanned my computer and deleted all the quarantined files I found out that they reappeared. What can I do to remove this malware?
  6. I seem to have acquired a rather nasty Bitcoin miner (or I assume that's what it is). It seems to generate a random name and create a folder in Appdata/Low which I cannot access due to an access denied. It asks for administrator rights which when provided it still says access denied (these are my personal machines. I'm the only admin). I tried to take ownership via file security but I always get an access denied error and it says the current owner is unknown. It creates multiple threads using the same name as the folder it created which I cannot affect in any way. I can't kill them or restrict there priority level. I also cannot open the containing folder due to the aforementioned admin issue. It seems to constantly max out either 1 or 2 cores on and off. It drops down to no usage for 30 seconds to 2 minutes on a regular basis. I'm not sure what it's doing as I don't get a spike in network traffic. Based on how the performance hit affects my system I suspect these processes have given themselves above average priority. The virus seems to have spread to my Laptop and HTPC via my network since there isn't any download I've made that the 3 of them have in common. The processes have in common only that they identify themselves as "Windows Process Manager" in the description bar and that whenever the file name of the current process is googled it always seems to be listed on the page of a spam redirect webpage: * www.discopoints.org/?postfix=CB&prefix=WE I suspect that web portal acts as some sort of homing device since every filename they've taken so far has been on that webpage. The hard part is I can't find out how to remove the virus because I don't know the name or strain of the virus due to it creating randomly named folders. MalwareBytes Anti Malware (which is supposedly the best at detecting Malware) never detects it even when I specifically tell it to scan the aforementioned folders. It doesn't seem to be using my GPU. Only my CPU. So far the process names i've seen are: * nvbtcis * weklacb * aurpmwc * nvczsrmsvc It's also always accompanied by a process that describes itself as "Printer Driver Host" * dtmcbpx They are always 32-bit processes. Each instance of the main mining process seems to use between 20 and 100MB of RAM depending on the age of the process. Do any of you recognize this behavior? If I can find out what virus I'm dealing with I can likely find instructions on its removal. I've never seen a virus that takes this degree of control over my systems. * Edit: Both systems are running Windows 7 Ultimate SP1 64-bit * Edit 2: I also tried booting to Linux Live to view the folders. Under Linux the folders appeared as empty. I tried deleting them so I could boot back into Windows and create my own folders in a read only state so they couldn't re replicate themselves. By the time I was into Explorer they had already been taken over by the virus again. * Edit 3: I've noticed it has the digital signature of a company called Jetbrains S.R.O. so I've sent them an email to see if they know anything about this. I assume they won't be happy that there digital signature is on a virus program. * Edit 4: Reinstalling my OS isn't an option. It would take monthes to reinstall all my software. We're talking 3+ year old installs with TBs of data. It was suggested I try posting here. Neither MalwareBytes nor Avast have been able to succesfully remove this virus. Avasts BootScan just threw out a data error and was unable to correctly delete the files. RKill didn't kill it.
  7. Hi everyone in the forum, i installed a package which contained virus as when the installation process was starting..... application were installed out of nowhere ( no intention), so i went to safe mode and ""threat scanned"" with Mbam and with mcaffee virus (normal mode) i discovered yesterday which i did not see before, that lux.exe is bitcoin mining the GPU and using lot of CPU, another thing i saw is that a bunch of scripts unknown to me are hidden in my C/....Appdata ...../Roaming directory. How do i remove all these, thinking deleting the files wont help at all.. ( windows 10 home, 64-bit OS) i firewalled torrentz and followed these steps... < https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/ > Addition.txt FRST.txt Mbam log1.txt
  8. So I have this nasty virus that started out as a bitcoin miner virus because every time I open taskmgr it goes up to 99% cpu and then goes back down. I though hmm maybe its a virus so i use Malwarebytes to see if I can delete it. Malwarebytes didn't detect anything so I thought it wasn't a virus i've tried everything nothing worked I reset my laptop to factory settings 3 times nothing worked. Also this may also be a rootkit because 1 time my whole laptop went unusable when I start up windows it says error program has not started and happened for all my programs on my computer I could not open anything even malwarebytes. Now I was scared I gave up a few weeks after I got the virus cause I thought it would get worse if I tampered with it. But then apparently the virus also uses your cpu using undetectable processes. I used processor explorer and autorun to see if I could find anything I found nothing suspicious. I had 0 programs using cpu but I am using 2% cpu I do not have a lot of programs running I only have 43. This virus is apparently also a worm because it traveled to 2 of my other computers probably through emails.Now Im really desperate for help because all my computers are really slow im focusing on fixing the carrier of the virus mt toshiba satellite intel because if the carrier of the virus gets taken down so does all the others. Please help me remove this virus its very hard to remove and unsafe. Here are my specs, Thank You win 8.1 Intel Pentium CPU 2020m 2,40GHz Ram: 4.00 (3.88 usable)
  9. Hello there. So for the last couple of months, I've been constantly getting high CPU usage from something that kept running at random times during the day. I was then able to discover that it was some form of bitcoin miner that has infected my system and using it to well "mine" bitcoins I guess. Bitdefender has been able to block it now when it appears but that doesn't mean that it has stopped trying to get back in. I've attached a screenshot of what Bitdefender has said and every time it appears, it always targets the same file and that file comes back even if I delete it. While the main threat has been neutralised, I need it off the system as it's still harmful. I appreciate any support you can help me with and thank you.
  10. I've been trying removing svhost bitcoin miner virus ,but I couldn't I tried scaning my pc with RougeKiller and got some detected files/registries ,but not sure if I'm supposed to delete them
  11. Hello hard working malwarebytes community, as the thread title states I've caught a bitcoin virus which masquerades as the Java Update Scheduler (jusched.exe) and which starts by itself (even after killing the process several times) and makes my graphics card run at maximum power (as expected). I'd guess the other one in the task manager (Java Update Scheduler (32 bit)) is the original. Now I've read a couple of posts on this in this forum about the virus and the cleaning process and have already run Malwarebytes Anti-Rootkit with no findings and ESET Online Scan found the threat under: Now I am unsure whether simply deleting the files will fix my problem or if other actions on my part would be advisable. I figured this would be the best place to ask for help. Thanks in advance! Best
  12. Hi, my GPU Load is spiking to 85% every 8 minutes while I game, and it stays at 85% for about a minute, then goes back to 20% GPU Load. Here are the Checkresult files, FRST file, and Addition file. It may or may not be a bitcoin miner, but if it isn't please tell me the problem. Thanks! Addition.txt CheckResults.txt FRST.txt
  13. Hello everyone, As the title says, i have a little problem with svchost.exe (which could also be the bitcoin miner). Kaspersky found something in C:\Windows\temp\svchost.exe around one month ago. I tried to fix it but it came back after every restart. As it did nothing to my pc and as it was called svchost.exe i thought that it is a mistake of Kaspersky. My gpu is on 100% while idling. As i had a bitcoin mining virus before, i rememberred the same symptom and did some things: Combo fix: I ran it once and it seemed to fix my problem until i restartet. Kaspersky: Was unable to do anything but recognise the virus. I tried the secure Disc but it couldn't get rid of the virus. Malwarebytes: It found two svchost.exe and two lsass.exe. But because it needs a restart and my pc was unable to shut down, nothing happened. I ran it again later in secure mode and the restart was possible. It seems like it solved the problem but Kaspersky still tells me there is svchost.exe in my temp folder. RogueKiller, HitmanPro and ESETPoweliksClean... didn't work. When i run Combofix my gpu usage goes down and everything seems to be normal but i have no internet connection and when i restart it's like i never ran combofix. Could anyone please help me to fix this problem so that it doesn't start again in a month.
  14. Hello everyone, As the title says, i have a little problem with svchost.exe (which could also be the bitcoin miner). Kaspersky found something in C:\Windows\temp\svchost.exe around one month ago. I tried to fix it but it came back after every restart. As it did nothing to my pc and as it was called svchost.exe i thought that it is a mistake of Kaspersky. Yesterday (07.05.15) my cpu and gpu were on 100% while idling. As i had a bitcoin mining virus before, i rememberred the same symptoms and did some things: Combo fix: I ran it once and it seemed to fix my problem until i restartet. Kaspersky: Was unable to do anything but recognise the virus. I tried the secure Disc but it couldn't get rid of the virus. Malwarebytes: It found two svchost.exe and two lsass.exe. But because it needs a restart and my pc was unable to shut down, nothing happened. I ran it again later in secure mode and the restart was possible. It seems like it solved the problem but Kaspersky still tells me there is svchost.exe in my temp folder. RogueKiller, HitmanPro and ESETPoweliksClean... didn't work. My system seems to be ok but as i said kaspersky still shows me that i have a virus and i can still see the file in the temp folder. Could anyone please help me to fix this problem so that it doesn't start again in a month.
  15. Hello everyone, As the title says, i have a little problem with svchost.exe (which could also be the bitcoin miner). Kaspersky found something in C:\Windows\temp\svchost.exe around one month ago. I tried to fix it but it came back after every restart. As it did nothing to my pc and as it was called svchost.exe i thought that it is a mistake of Kaspersky. Yesterday (07.05.15) my cpu and gpu were on 100% while idling. As i had a bitcoin mining virus before, i rememberred the same symptoms and did some things: Combo fix: I ran it once and it seemed to fix my problem until i restartet. Kaspersky: Was unable to do anything but recognise the virus. I tried the secure Disc but it couldn't get rid of the virus. Malwarebytes: It found two svchost.exe and two lsass.exe. But because it needs a restart and my pc was unable to shut down, nothing happened. I ran it again later in secure mode and the restart was possible. It seems like it solved the problem but Kaspersky still tells me there is svchost.exe in my temp folder. RogueKiller, HitmanPro and ESETPoweliksClean... didn't work. My system seems to be ok but as i said kaspersky still shows me that i have a virus and i can still see the file in the temp folder. Could anyone please help me to fix this problem so that it doesn't start again in a month.
  16. Hello all. I am using regulary MalwareBytes Anti-Malware PRO. It was working amazing, but these late days erm.. maybe not. I have seen some notifications of Malwarebytes that the anti-malware is blocking some malicious websites. This was so annoying and I updated & full scanned my pc, it found 4 threats. The threats are; PUP.Optional.PrimeMiner - located in C:\WINDOWS\hev.exe (quarantined successfully) Trojan.Miner - located in C:\WINDOWS\system32\libcurl-4.dll (quarantined successfully) Trojan.Miner - located in C:\Documents and Settings\Administrator\Application Data\Adobe\Flash Player\Cache\libcurl.dll (quarantined succesfully) PUP.BitcoinMiner - located in C:\WINDOWS\system32\winlen.exe (quarantined succesfully) However, I'm still getting notifications that the anti-malware is blocking malicious websites. Common blocked IPs are: 5.61.45.152 and 72.8.190.39 Like shown in photo: and Is this False Positive or not? I am infected? Sincerely, TheVaLo
  17. My computer has become infected with a bitcoin miner which goes under the name of "postgres". It randomly opens up and uses all of my memory and makes my pc slow. I have tried to delete it and used scanning software but still it somehow manages to reinstall itself on my computer. Im getting really worried now, anyone know how I can remove it from my computer permanently?
  18. So, this has been happening for some time now. Everytime I use the computer (only my user, doesn't seem to be happening to anyone else but I'm not sure) I get this error message saying "Bitcoin-miner has stopped working.". This message pops up once every minute or two. It is EXTREMELY annoying. I've just been working around it but, now I need to remove it. I suspect it's using svchost but, I'm not 100% sure because it always crashes...so I can't really tell which process it may be using. I don't see a performance impact though like many other BTC trojans seem to do. I think I may have removed it partially but, it still trys to run every minute or so. I have run Malwarebytes but it didn't fix it. Thanks in advance.
  19. Yesterday, my hard disk got hit with a bitcoin miner virus (I saw this name in the task manager, my CPU just hung up everytime I started my computer). When I did end this process through the task manager, the CPU functioned normally. But the virus is still there in the hard disk which contains some important data. Would it be possible to remove that from there? I went through older forums about this virus/malware and found that I would need to run a scan using RogueKiller. I did that according to the instructions, please find the report attached below. RKreport_S_04282013_02d0824.txt Also, there is something more is wrong with my Windows after that virus attack (please see attached image, not sure if it is linked to that virus though)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.