Jump to content

Search the Community

Showing results for tags 'coinhive'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 2 results

  1. My cp usage will randomly spike to 15-20 per cent usage while idle, help me please thanks in advance
  2. Greetings, I believe it started somewhere during this week or last, i'm not completely sure. At first i noticed that some of the tabs i was visiting didn't have the page title but the url between quotes. I was busy with work so i ignored it off as a chrome bug or something. Since i work as a webdeveloper, it's normal for me to sometimes go F12 and check JS console, then i noticed... Sometimes, when i load a website, the website gets loaded on a frameset, with a cryptojacking on the header. Check attached image. Thankfully, this alone doesn't do jack to me since i use Minerblock, plus i also have a lot of 0.0.0.0 redirection to known coin miners websites on my hosts file. At first i thought the obvious: Somehow i've got a rogue extension or cookie, easy. I cleared up chrome using google own instructions. But then i noticed it still happened. Also happens on firefox, IE, every single browser, even steam in-game browser is suffering from this issue. It IS a problem for mainly 2 reasons: 1) Even if i have the miner blocked, how can i be sure it's not doing something else to my computer, like tracking data before messing with the source code? 2) It's problematic and disruptive. Sometimes, every single connection i make, on a browser, on a game, gets randomly denied. i try again and it works. It's making me unable to do my work correctly; I tried running Malwarebytes, ADWCleaner, Hitman Pro... Nothing seems to stop this. Then i proceeded to my router, as it seems to be a networkwide issue; My ISP uses two DNSs: One of theirs and one from google. I proceeded to remove theirs and use only the google ones. Then i restarted router and PC. Same. i disabled uPnP, i shut down every port forward i had. i made sure both router and windows firewall were enabled. I made sure there were no Remote access enabled. I checked if there were rogue users on my router. Nothing. I have no idea what else to do. I've searched on google, didn't find any results related to what i'm facing specifically. I usually don't go out on forums asking for stuff like this, but honestly, i need help. I have lots of honest work to do and this thing is causing me a hassle bigger than it should. Extra things to add: - No, i dont have another computer to test under this network. Later today i'll ask my neighboor to connect to my wi-fi and see if the issue happens in there. - It seems to happen with every connection, even inside a game or when i'm making an ajax call, it just DIES randomly due to this stupid malware changing the header information; - SOME websites seem to be "immune" of this: Facebook, Google and Youtube. And no, it's not because https, i've seen it happening with some https websites too. - Before this happened, i remember my internet having random disconnects, i called my ISP and they said they were making maintenance. i wonder if it is possible for an ISP to do such a thing? And yes, trust me they could easily do it without consequences due it being a local town ISP where most people don't care about security issues. But i dont want to accuse them before being completely sure; - Everytime i turn on my computer, the connection icon says it's "without internet access" while it clearly works. Then after a few minutes it becomes normal. This wasn't a behaviour i've seen before this issue existed; - I tried loading my windows on safe mode with network. Same issue happens in there. One extra fun thing: NOW my router admin showed 2 connections on DHCP., Mine and an "Unknown" one. I disabled DHCP. The malware still works. - Before you ask for my FRST.txt, i'd rather not to. But if it's REALLY necessary, please provide me somewhere i can post it only for admins. It contains a lot of customer files that were trusted to me and i cannot even let people see their titles. There are too many for me to edit them out too. But if possible, i'd like to not post that. I believe that's all. Please give something for me to work here. I have no idea what to do.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.