Jump to content

Search the Community

Showing results for tags 'BitCoinMiner'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






Found 25 results

  1. Hello, for the past few days, my PC has intermittently been running slow and making a lot of noise; when I open up Task Manager, for a split second it shows the CPU usage at 80-100%, then almost instantly it drops to around 5-20% range. I have been using Norton and it alerts me every 30~ minutes that multiple attacks had been prevented, under the name of "System Infected: Miner.Bitcoinminer Activity #" (the number changes every time), yet it cannot detect the relevant files, therefore is unable to quarantine or delete them. I think a virus (or multiple viruses) has embedded and hidden itself in one of the central files or processes. I have looked up countless solutions on this forum and others, but have been unsuccessful. Things I have tried so far: 1) Tried to detect the file on the details section of the Task Manager to find the file location and delete it (File or process is not there) 2) Downloaded Process Explorer to find the unwanted process (File or process is not there) 3) Ran a MalwareBytes scan with "scan rootkits" enabled (Nothing came up) 4) Used rkill.exe, and then ran a MalwareBytes scan (Nothing came up) 5) Blocked the inbound traffic from the ports I was getting attacked from, on Windows Defender Firewall (Did not stop the attacks) I have seen people using FRST on this forum to solve similar problems, but I cannot view any of the fitlist.txt files, so I have not used that program. I would be grateful if you could please help me fix this problem. Thank you, fabdellas
  2. Hello everyone, I would like to begin by saying that this website is amazing. It has led me to find out why my PC performance is so poor in less than an hour when I have been troubleshooting it for months, so thank you. I've been having game performance issues for a few months now. I tried dozens upon dozens of troubleshooting methods without a solution in sight until I noticed something. When I was running a game and opened task manager, my CPU usage would instantly drop from 99% to 50-60%. This reminded me of something I read online about bitcoin miners hiding itself as you open task manager. What I didn't actually know was that it was possible for the virus to camouflage itself under the game. I started by installing Malwarebytes and AdwCleaner as instructed by @AdvancedSetupin other user's threads. I did a scan with Malwarebyte with rootkit scan enable in the settings yet nothing was found. After scanning with ADWcleaner, two ''PUP.OptionalLegacy'' files were found which I believe are irrelevant. Feeling discouraged after thinking I had found finally found a fix, I decided to play a bit of a game thats easier to run with the performance issues. Out of curiosity, I opened task manager and the first thing I see is Malwarebyte warning me about my game being a trojan. I do a bit of research on the matter and most search results foolishly chalk it up to being a false-positive. I looked at the summary of the programs findings and was given an IP which I will not put here since it directly leads to a MWB warning saying the link/IP is a trojan. I then used a geographical IP location finder and it told me that the location is in Georgia, Kvemo Kartli. There is no way this is a false-positive since the company who made the game is located in Canada, Vancouver. I also never joined a multiplayer server and only stayed on the main menu screen so there is no way that a P2P false-positive could have happened. This leads me to believe that there is an infected file on my computer which acts as a proxy between my PC and a website. It camouflages itself under whatever video game I'm playing to act as if the cause of the high CPU usage was the game. What Malwarebytes picked up on is the command which tells the file or site to pause the mining when I open TM. Here are all the required scans 1. The scan is unable to spot the virus but shows up in detection history. This happens everytime I open taskmanager while a game is running. Here is the file summary clearly showing that the virus is concealing itself as my game, the IP address geographical location and the browser page warning. 2. AdwCleaner detects nothing. Please note that this is all speculation on my part. I have next to no knowledge in this type of stuff and I may be wrong. What do you think? Thank you. MWBscan.txt RPT detection trojan.txt Addition.txt
  3. Hi @AdvancedSetup, Sorry for interrupting the conversation. I have the exact same issue and I have followed the steps. I have attached all the files. Thank you! Addition.txt AdwCleaner[C00].txt FRST.txt quarantine_items_malwarebytes_scan.txt
  4. about 3 weeks ago I had to download a software from a site I don't trust called "get into pc" and after about 10 days I noticed windows defender doesn't exist anymore, windows update not working and the pc takes much longer to boot so I downloaded malware bytes and did a scan. It detected 27 malware elements trojans, something called bitcoin miner and some other things, I quarantined them all and installed a new windows and after about a week or so everything happened again and windows defender is deleted again and the pc rakes longer and when I scanned by malwarebytes it detected the same 27 malware elements although I deleted the software I downloaded from that site.. what should I do ?
  5. Title says all, I've ran a full scan of Malwarebytes and it did not detect anything. I started noticing the problem today, a few weeks ago I noticed games that I was once getting 60fps dropped to 10-20 fps and fans were going at full speed and are extremely loud. I installed an external tool that shows CPU usage and I noticed when I opened task manager the the external tool showed CPU usage dropping down to 10% when it was at 80% usage. I believe I have a Bitcoin miner, is their anything I can do to find and delete it or is it just a hardware problem?
  6. Lately i'm getting messages from my Norton antivirus saying that it blocked an attack from "log4.clouduetrika.com" These are the advanced details System Infected: Miner.BitcoinMiner Activity 9 "log4.clouduetricka.com (, 453)","TCP, Poort 453" The attack resulted from: \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSWOW64\CS-CZ\S-1-5-31\TIWORKER.EXE.
  7. Good day, My laptop got infected with a BitCoinMiner, possibly the same situation as in this case: https://www.reddit.com/r/techsupport/comments/afi615/bitcoin_mining_virus_on_my_laptop_mines_when_idle/ (reddit thread) Guy found something in the task scheduler but I didn't find anything on my end. The DisallowRun thing he did didn't do anything for me either. I tried System Restore but it didn't help. Used Malwarebytes to scan the problem and it found 4 .dll files in the AppContainer path mentioned in the reddit thread. I quarantined and deleted them, restarted the system but it didn't seem to help. Later Malwarebytes detected 2 of the 4 .dll files again, I deleted them. Since nothing helped, I decided to seek help here. Also, today I found out that uTorrent (I know, this thing probably came from the torrents and after all these years of torrenting it finally happened) kinda deleted itself or something? Then Malwarebytes all of a sudden doesn't want to launch as well, giving me the «Unable to connect the Service» error. I tried reinstalling it but I couldn't even uninstall it because it was missing unins0001.msg file. I tried installing Malwarebytes on already exsiting files but the installation setup doesn't even want to start (task manager says it doesn't respond). So yesterday everything was fine, today Malwarebytes is kinda gone - can't launch, can't properly uninstall, can't install the new one... I'm very worried about this situation now and I wonder if I made things even worse for myself which wouldn't be too surprising... Please help
  8. Help, i't seems like my laptop is infected by riskware bitcoinminer I've tried scanning it using Malwarebytes and Adwcleaner but it's always coming back please help me to removing from my laptop. Thank you. There are my Malwarebytes logs, Adwcleaner logs and also Farbar logs Malwarebyteslog.txt AdwCleanerLogs.txt Addition.txt FRST.txt
  9. So I’ve read other forums on this website on how to remove the “Miner.Bitcoinminer Activity 7” that norton keeps popping up, I’ve read other forums and followed what they did but I’m not sure if I did it right, it would be helpful if i could get help from a professional or similar, on the side note I have windows.
  10. Hello. I clicked on a dodgy link and have been plagued with a Bitcoin miner. It disabled my security updates, my Windows updates, and my Antivirus software. I did a reset but kept my personal files as I had some projects I could not lose. I removed the BitCoinMiner.Trojan before resetting. I Have run scans with Avast, AVG, Malwarebytes, tdskiller, and gmer.exe. I have a popup that comes up every time I open chrome saying blocked trojan xmr.omine.org. Just want to get rid of this. I'd appreciate any info on how the analysis into the problem is conducted using these files so if this happens again I can try and do some analysis myself. I am interested in Security and malware analysis. Just was pretty stupid clicking something I knew was dodgy AF. Addition.txt FRST.txt Malwarescan.txt
  11. Recently my laptop has been operating a lot slower and I have been getting non stop notifications from Norton stating that it has blocked an attack from: System Infected: Miner.Bitcoinminer Activity 7. I have done scans with Norton and Malwarebytes with no avail to fix the issue. Any help would be greatly appreciated, thank you.
  12. Hello, Recently i have downloaded a game from skidrow website. Since then, I am getting a norton security notification that say “norton blocked an attack by: system infected: bitcoinminer activity 7”. the symptoms of this was not be able to run malwarebytes or adwcleaner. Even typing malwarebytes on a browser is shutting it down. The combofix program make the notification go away and some how “clean” the computer and fix the problem. But when I restart my computer, the problem appears again with the same symptoms. I also tried to run malwarebytes chameleon and it runs perfectly, but the program do not find any thread in the system. Note that my cpu/gpu is not affected by that “thing”. Thank you for helping me!! I’m lost right now.
  13. My computer has new ads popping up in new tabs every 20 minutes or so in Chrome. I can't run MalwareBytes, RKill, or Farbar unless it is in SafeMode. MalwareBytes detects RiskWare BitCoinMiner, but after quarantine and deletion, it reappears on reboot. I know I have utorrent installed and I am 95% sure that's what has caused this issue...will never use again. Please HELP!!! Addition.txt FRST.txt MalwareBytes Scan Log.txt
  14. A couple of days, a relative used my computer and downloaded something that came with a malicious software, and it keeps coming back with different names despite constant cleaning using MalwareBytes, HitmanPro, ZemanaAntiMalware, AdwCleaner, Avast Browser Cleanup, ZHP Cleaner and so forth. I also restored my browsers to default settings and deleted all the cookies, cache and such with CCleaner. At first this malware used to open random tabs in my browser but after some cleaning, it stopped. Then it changed to a ksecdd.ax file appearing in my users/user/appdata/local/temp folder every time I restarted the computer. MalwareBytes would find the file and quarantine it, but at the next restart, it would come back. Now it's a BitcoinMiner infecting my msiexec64.exe that once again reappers whenever my computer restarts. Not only that but it makes my browsers crash whenever I search for Farbar Recovery Tools, leaving me unable to see if said software can bring me a solution. I can search for anything else with no problem but as soon as I type farbar and press enter, instant crash. What logs could I provide here for the experts to analyze so they can find a way to fix this? Thanks in advance.
  15. hello, I've got unlucky 3 days ago and a virus package started to download and install itself on my PC. After I accidentally opened the malware infected exe file, due to a weird pop-up which immediately closed itself, I checked my virus scanner and it was turned off. After that I removed my internet cable with insane human speed, and got a lot of error messages that this and that program could not install. After lot of googling I scanned my PC with Avast and Malwarebytes. And they together found over 90 suspicious files. More than 20 were trojan bitcoinminer. After that I noticed that my PC got slightly faster, but then chrome opened itself directing me to a random page. I found out about SearchScope malware, I downloaded AdwCleaner. It found 2 more trojans and 11 PUPs. I remembered a program called HiJackThis which was used back then. And after I used it I found more SearchScope lines in the registry, I manually deleted them (there were 5). But then 2 of those searchscope registry files renewed itself, and none of my scanners could find anything. And lastly in the HiJackThis txt file I found an exe called cheatengine, since I never used it, I googled after it, and found out it's a virus too. Sorry if I wrote too much, I thought it will be easier to help knowing what I did in the last 3 days. The reason why I am asking for help is that I cannot clean up the trash after the malwares, because I cannot find them. And I am getting kind of tired and confused by now. Thank you for helping with this. I included my HiJackThis file too, because it says (file missing) to the cheatengine.exes, and that is what made me confused. I could not include my Malwarebytes threat scan log, because I installed, scanned and uninstalled it, due to weird working after the scan. And now I installed it again, it is fine now. One last thing I could not find anything useful about it on the internet. Only my AVAST shows it when I do a performance scan, it says there is a program called GOTO: <Product Name> running in the background. Is that a malware/spyware? Bill. Addition.txt FRST.txt HiJackThis.log AdwCleaner[C00].txt
  16. Hi, recently i have been annoyed by this pop up(picture below) a lot, i tried deleting it in Windows Safe mode but it keep coming back in different folder. Now strange thing is malwarebytes keep detecting it and quarantine it but every time i turn my pc on, he is back. I do get performance issues, but strangely others malware products such as "zemana" and "Hitmanpro" never detects it. Another things that i dont understand is both of those two detect "syswow64" but malwayrebytes dont (syswow64 keeps getting delete every time and every time i turn my pc on he is back, same as bitcoinminer thing). I dont want to do fresh windows reinstall. Please help.
  17. Hello, I am in need of dire assistance, a virus has infected my computer and I have been trying for the last 6 days to kill it; my exams are close so I need this computer to do my bidding but this irritating little demon keeps me from doing anything with it it is also crashing my computer, nasty little thing. Just like the title says the bugger's name is RiskWare.bitcoinminer, I have tried many steps to eliminate this virus but have failed so far, I have used marwarebytes, hitmanpro and roguekiller.
  18. Hello, I was going to download a game called Stranded Deeps but it was a fake .iso but I didn't know it and I got a trojan that was very strong. My brother tried help me and installed this software with Premium Trail and scanned a few times, it removed over 45 virsuses and like 500 ad stuff. But this one keeps re-adding itself even when deleted by malwarebytes.. even after saying its gone everytime you close malwarebytes after retstart its up and running. We have scanned malwarebytes with rootkits and selected a disk where all my files are selected and the only one popping up is always this Trojan.BitCoinerminer called xmrig. Can anyone please help me? it takes 100% CPU instantly and I have 3.6 Ghz always when I have malwarebytes closed down its up 80% running. I am willing to provide with scans of .txt if u send me programs which actually can delete it cus it lierally wont get deleted from malwarebytes premium scans.
  19. Hello MWB Forums i have been trying to remove this malware for a few days now and it seems to keep popping back up. Is there anything i can do to permanently get rid of it? I've attempted to remove with MWB, HitmanPro, RogueKiller and Embisoft but to no success. Browsers have been cleaned and uninstalled too. The file seems to reappear after deletion however a reeboot is not required
  20. Good evening, I hope you're having a great day, I come here looking for aid. Followed the first steps and ran the FRST and malware, got the logs. I hope you can help me soon.
  21. Hello, Malwarebytes Premium detected Riskware.BitCoinMiner on my Windows 10. I instructed Malwarebytes to quarantine the files, then restarted my computer, then deleted the files. My scan was set to run every 3 days, so I may have had this riskware for up to 3 days. The Malwarebytes blog made it sound like this riskware poses no real threat, however, other websites said that this riskware records all keystrokes and analyzes or sells it to others. (!) I just want to know if I need to take any further action now that I deleted the files. Theoretically, I could change all of my passwords...but if that's not necessary I really would rather not. Thanks!
  22. Hello every one So i downloaded pirated game from internet my c drive space i slowly going down and occasionally my gpu usage goes up to 99% [measured by HWmonitor] so i researched on net and i guess that the game installed a bitcoin miner what should i do now ? i use bitdefender[free] and malware-bytes anti malware[free]
  23. https://www.virustotal.com/en/file/7097e0cdc0d5cb990c8f9e769c345a6f4144236284d38811a95b3669695ca196/analysis/1400894183/ C:\Program Files\Windows Multimedia Platform I used Malwarebytes scanner and it wont detect it if just scanned i also use nod32(30 day trial) it also wont detect it. Services and Controller app.exe its taking up 10-30% of cpu usage when i end proccess it it crashed my video card. so its using my GPU. preety sure its bad. but incase i am stupid please help identify. i am running the anti rookit right now. i will update if the situation changes..
  24. Hi Guys. Writing from Central America, so if there are some mistakes with my english, please forgive me. I've recently installed BitDefender in it's trial mode, and since yesterday it has been telling me that i have problems with a malware called BitCoinMiner.AS. I've been searching for this problem solution, but i can't find the .AS type. The message BitDefender shows is: The file\Device\HarddiskVolume2\WIndows\TEMP\tmp000...(etc) might be used for malicious activities. BitDefender could not clean this item. Your computer is at risk. Application name: Application.BitCoinMiner.AS I really nedd help here. Thanks!
  25. Hello guys from Malwarebytes, and greetings from Finland. Couple of days ago my computer got finally infected for good. Malicious file called TR/BitCoinMinerAL.A.11 has infected my laptop. I did some research and found out that you guys have been helping to remove this manually. I have avira and avast but they can't get rid of it, they just keep spamming warnings/blocks etc.. also my comp has turned to be fast as a snail nowdays sigh.. I downloaded your malwarebytes anti-malware program but it didin't work either, so i figured i just ask from you guys can you help me out? Help me Mal-ware-bytes, you are my only hope..
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.