Jump to content

Search the Community

Showing results for tags 'coinhive'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 5 results

  1. My cp usage will randomly spike to 15-20 per cent usage while idle, help me please thanks in advance
  2. Greetings, I believe it started somewhere during this week or last, i'm not completely sure. At first i noticed that some of the tabs i was visiting didn't have the page title but the url between quotes. I was busy with work so i ignored it off as a chrome bug or something. Since i work as a webdeveloper, it's normal for me to sometimes go F12 and check JS console, then i noticed... Sometimes, when i load a website, the website gets loaded on a frameset, with a cryptojacking on the header. Check attached image. Thankfully, this alone doesn't do jack to me since i use Minerblock, plus i also have a lot of 0.0.0.0 redirection to known coin miners websites on my hosts file. At first i thought the obvious: Somehow i've got a rogue extension or cookie, easy. I cleared up chrome using google own instructions. But then i noticed it still happened. Also happens on firefox, IE, every single browser, even steam in-game browser is suffering from this issue. It IS a problem for mainly 2 reasons: 1) Even if i have the miner blocked, how can i be sure it's not doing something else to my computer, like tracking data before messing with the source code? 2) It's problematic and disruptive. Sometimes, every single connection i make, on a browser, on a game, gets randomly denied. i try again and it works. It's making me unable to do my work correctly; I tried running Malwarebytes, ADWCleaner, Hitman Pro... Nothing seems to stop this. Then i proceeded to my router, as it seems to be a networkwide issue; My ISP uses two DNSs: One of theirs and one from google. I proceeded to remove theirs and use only the google ones. Then i restarted router and PC. Same. i disabled uPnP, i shut down every port forward i had. i made sure both router and windows firewall were enabled. I made sure there were no Remote access enabled. I checked if there were rogue users on my router. Nothing. I have no idea what else to do. I've searched on google, didn't find any results related to what i'm facing specifically. I usually don't go out on forums asking for stuff like this, but honestly, i need help. I have lots of honest work to do and this thing is causing me a hassle bigger than it should. Extra things to add: - No, i dont have another computer to test under this network. Later today i'll ask my neighboor to connect to my wi-fi and see if the issue happens in there. - It seems to happen with every connection, even inside a game or when i'm making an ajax call, it just DIES randomly due to this stupid malware changing the header information; - SOME websites seem to be "immune" of this: Facebook, Google and Youtube. And no, it's not because https, i've seen it happening with some https websites too. - Before this happened, i remember my internet having random disconnects, i called my ISP and they said they were making maintenance. i wonder if it is possible for an ISP to do such a thing? And yes, trust me they could easily do it without consequences due it being a local town ISP where most people don't care about security issues. But i dont want to accuse them before being completely sure; - Everytime i turn on my computer, the connection icon says it's "without internet access" while it clearly works. Then after a few minutes it becomes normal. This wasn't a behaviour i've seen before this issue existed; - I tried loading my windows on safe mode with network. Same issue happens in there. One extra fun thing: NOW my router admin showed 2 connections on DHCP., Mine and an "Unknown" one. I disabled DHCP. The malware still works. - Before you ask for my FRST.txt, i'd rather not to. But if it's REALLY necessary, please provide me somewhere i can post it only for admins. It contains a lot of customer files that were trusted to me and i cannot even let people see their titles. There are too many for me to edit them out too. But if possible, i'd like to not post that. I believe that's all. Please give something for me to work here. I have no idea what to do.
  3. FWIW if it helps someone. Sorry I can't find the string(s) I was in originally. Had a problem with the coinhive mess, but I didn't know it. Machine slowed to a crawl and task manager showed chrome using more than 80% of CPU. Used adw, FRST, eset, malwarebytes, CC, researched for eons. Tried everything written on this subject here and everywhere else. Nothing. Only a problem in chrome. So bit the bullet and removed all addons, etc from chrome... went away. Started adding things back. Turned out, AdRemover FOR chrome was the culprit. Would never have known the miner was there if not for malwarebytes warning me of the problem. It couldn't remove it I suppose since it's a "legitimate"? program? At any rate, my i7 with 32 gigs of ram and an nvidea 930 once again runs like an i7 with 32 gigs of ram and an nvidia 930.
  4. As requested on https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/ find attached the FRST and Additons logs. I'm not attaching a Malware Threat Scan log since the software says there are no threats, however, every time I open Google Chrome, Malwarebytes detects this "coinhive". Thank you in advance for all your help. Addition.txt FRST.txt
  5. Hello I would like to know if Malwarebytes detects Coinhive, I am sorry if this has been asked b4 but I used the search function and although I have seen a few topics talk about it but I am still not sure if this program will be stopped with a Malwarebytes premium account, tnx for your time. Edit: while i'm at It I have another unrelated question, I normally use a combination of Malwarebytes premium and avast free antivirus, do I still need AV software or can I use only Malwarebytes for protection?
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.