Search the Community
Showing results for tags 'bitcoin'.
Found 14 results
-
I just built my new PC a few days ago and i went out of my way to buy all new components except my GPU which is second-hand. I scanned my system with malwarebytes and got a lot of adware and two Trojan bitcoin miners that are located in my registry. My problem is that after every scan i get the same malware so it seems that quarantine doesn't help. I tried locating them manually with RegEdit but i cant find anything. I watched a lot of videos on my issue and all of them suggest using Task manager and MSconfig (for startups) but there is nothing out of the ordinary. If anybody can help i i would be really grateful. Thanks in advance! -Strahinja I have provided pictures of my search history. -
I have a problem. Today I have noticed that my CPU runs at 100% until I open task manager. I know, there were similar topics on this forum but unlike these virus didn't go away. Malwarebytes detected the virus and it says it has removed it but it's still happening. I tried using system restore and went back 8 days but it's still there. (Kinda impressive) I really hope you can help me.
-
So I've been having this problem for the last few days, my PC was pretty slow so I ran malwarebytes and it found a lot of stuff, then got rid of it but they came back with every reboot so I started looking into solutions online, I guess I've managed to get rid of a few of them by running a lot of different cleaning tools but "conhost.exe" always comes back after reboot. There was also some exes called lsmose and mysa1 mysa2 and mysa3 which I found out online that are bitcoin miners. I can stop the conhost manually by stopping some processes but it comes back after every reboot so I would really appreciate some help. I already ran FRST and attached the files, also not sure if this changes anything but these are the cleaning tools I used: malwarebytes, hitmanpro, roguekiller, mbamantirootkit and combofix FRST.txt Addition.txt
-
hi everyone i am Rodolfo Gilliland. i am new on here...guys let's introduce with each other
-
I have recurring problem during transacting bitcoin from one wallet address to another wallet. My problem is i cant copy the exact address that i have and when i copy paste to all platforms like ie messenger, notepad, word the same wallet address will always puff up. I tried to do some testing by copying partial of the wallet address and then paste again another portion which it was successful in notepad. After that I tried to copy and paste the address many times on the same notepad without any problem. But when i tried to copy and paste in the messenger, the first attempt of pasting it, it give me blank- i cant paste it. But on second attempt the same wallet address puff up again. I tried to do some research and they told me to have virus scan using malwarebytes to which i have a premuim subscription. I tried to scan using malwarebytes but it always gave me zero detection. I even bought Kaspersky total security and have a full scan still no detection. I tried to restart my laptop but still the problem persist. Pls do help because this matter gave me headaches. Thank you. -
Hi, I get this famous RiskWare.BitCoinMiner on my server Windows 2016. I don't now how cause it was a fresh installation. fresh installation because the first one was infected with the same malware. it's a poison i don't know what i can do... I take Malwarebytes, so i make a first scan on the server, he find RiskWare.BitCoinMiner, and remove it. good for now... But the riskware back again, and now, malwarebytes find nothing. The place of rundll32.exe who use processor : C:\Windows\Microsoft.NET\rundll32.exe This malware kill my server, i try lots of thing for remove that and i don't find useful tips. Thanks for your time and your help. Sorry for my english, i'm french. Addition.txt FRST.txt malwarebytes_scan.txt -
Hello there, new to the forums for Malwarebytes. Above is a picture of the recurring problem that has been happening for the past few weeks now. This started when my younger brother installed many freeware and software for video games (including shady websites for hacking video games). Now the laptop (A Razer Blade GTX970M) has been sluggish for quite some time now. Scanning with the anti-malware kept finding this program which could not be removed simply. Quarantining it doesn't keep it quarantined, instead it changes its file name to something else. My father and I have been trying methods to get rid of the virus but to no avail, we couldn't. I am now simply asking help on how to get rid of this virus. Thank you to those who will help. -
Hello! When i start my computer and check task manager then i see that something called vgost or something with tools picture takes the most cpu. I end task always and find the location first and delete it, but it always come back! Can anyone help me with this? Last time i deleted 5 of those with malwarebytes, but they come back after restart. Can anyone help?
-
FWIW if it helps someone. Sorry I can't find the string(s) I was in originally. Had a problem with the coinhive mess, but I didn't know it. Machine slowed to a crawl and task manager showed chrome using more than 80% of CPU. Used adw, FRST, eset, malwarebytes, CC, researched for eons. Tried everything written on this subject here and everywhere else. Nothing. Only a problem in chrome. So bit the bullet and removed all addons, etc from chrome... went away. Started adding things back. Turned out, AdRemover FOR chrome was the culprit. Would never have known the miner was there if not for malwarebytes warning me of the problem. It couldn't remove it I suppose since it's a "legitimate"? program? At any rate, my i7 with 32 gigs of ram and an nvidea 930 once again runs like an i7 with 32 gigs of ram and an nvidia 930.
-
PC got infected with an extremely hard to remove malware. It keeps creating a fake conhost.exe file in Windows/SysWOW64, as well as fake Adobe folders in AppData/Local. No rootkit/AV/Anti Malware program has been able to detect it. It starts up shortly after the PC boots, and its presence is known as soon as MalwareBytes blocks the RiskWare.BitCoinMiner process while doing live scans. The source of this process still cannot be found/cleaned, only the BitCoinMiner process it starts up every hour or so. It will close a majority of programs that run with cmd prompt, will close the browser when trying to search for specific keywords, and tries to blue screen if the user attempts to close or restart the PC. It doesn't seem to run in safe mode. After the malware "starts", FRST keeps getting closed whenever I try to launch it. Should I try to get the logs as soon as my PC boots (before the malware has a chance to start up), or should I get the logs in safe mode? Any help is appreciated! -
Hi, I managed to download a bitcoin miner while downloading mods for GTAV, and no matter how many times I scan using malwarebytes it won't go. After the system restart it persists and slows my PC down so much that it struggles with even CS:GO. I can't download FRST or RogueKiller because as soon as I type it in any browser, the browser closes as if the malware is closing it before I can use either tool to kill it. Please end my suffering lol
-
Hi guys. I recently started to notice that whenever I play a game, any game, I get a smooth 120 fps but then after a couple of minutes it drops to about 20 to 10 fps. I found out after some time what the problem was. When I opened task manager I could see that 2 processes are using like 90% of my gpu. They were called csrss.exe (Client Server Runtime Progress) and Desktop Window Manager. I did some research as to why they are doing this and some stuff I read said that it could be a bitcoin generator or something like that. It happens with every game I play. Csgo, Fallout4, you name it. The funny thing is when I am in game, I guickly alt tab to task manager and then for a good 2 seconds I can see these 2 processes use like 90% of my gpu, but then it immediately goes down to 1% after these 2 seconds. Can someone please tell me what the problem is and if it a malware?
-
Hello, I scanned my computer with the free version of malwarebytes and the scan came up with a few infections. I deleted these files and the registry entry in both regular and safe modes but it seems that they are being created each time the system is booted up. Attached is a screenshot of the scan results and the infected files. I'm running Windows 7 Home Premium 64-bit. Any help on how to get rid of these? Thanks! -
For quite some time I had CPU usage issues that appeared to be coming from the WMI service. I figured out a workaround which was to shut down the service called "WMI" but this wasn't ideal as it would need to happen on each reboot. I have also discovered a service called NVU which claims to be NVIDIA driver updater but I suspect it is also fake. Today I figured out that WMI was a Bitcoin Miner virus and I was able to find the associated files. I could have removed them manually but I got Malwarebytes to scan and remove them for me. On reboot now, my CPU is back to normal and those questionable files are gone. However, the WMI and NVU "services" still appear in the list of local services. I can no longer start or stop them (just get an error) I'm just wondering how to remove the fake services.
