Jump to content

Search the Community

Showing results for tags 'miner'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. When I open the Task Manager, my CPU is at 60 - 100%. The temperature is high, but then it drops. I used RKill, Malwarebytes, TDSSKiller, Roguekiller and HitmanPro, but they didn't find anything.
  2. Hello, for the past few days, my PC has intermittently been running slow and making a lot of noise; when I open up Task Manager, for a split second it shows the CPU usage at 80-100%, then almost instantly it drops to around 5-20% range. I have been using Norton and it alerts me every 30~ minutes that multiple attacks had been prevented, under the name of "System Infected: Miner.Bitcoinminer Activity #" (the number changes every time), yet it cannot detect the relevant files, therefore is unable to quarantine or delete them. I think a virus (or multiple viruses) has embedded and hidden itself in one of the central files or processes. I have looked up countless solutions on this forum and others, but have been unsuccessful. Things I have tried so far: 1) Tried to detect the file on the details section of the Task Manager to find the file location and delete it (File or process is not there) 2) Downloaded Process Explorer to find the unwanted process (File or process is not there) 3) Ran a MalwareBytes scan with "scan rootkits" enabled (Nothing came up) 4) Used rkill.exe, and then ran a MalwareBytes scan (Nothing came up) 5) Blocked the inbound traffic from the ports I was getting attacked from, on Windows Defender Firewall (Did not stop the attacks) I have seen people using FRST on this forum to solve similar problems, but I cannot view any of the fitlist.txt files, so I have not used that program. I would be grateful if you could please help me fix this problem. Thank you, fabdellas
  3. hello everyone, i want to keep this short so i have the same problem as this guy AdwCleaner[S01].txtAddition.txtFRST.txtSCAN.txt i downloaded IDM (internet download manager) from a shady website...etc...etc, so just like kevinf80 asked in this topic, i will attach the txt files here, thanks in advance!
  4. Hey, yesterday I scanned my laptop with Malwarebytes and got some issues about Bitcoin miner files in my Files. So it asked me to restart my laptop to remove those files, so I pressed it immediately. While restarting it got stuck on restarting screen and froze for more than 20 minutes, so I made a hard restart. Now I am not sure if my laptop is clean and secured. Addition.txt FRST.txt first_Malwarebytes_Scan.txt
  5. I just built my new PC a few days ago and i went out of my way to buy all new components except my GPU which is second-hand. I scanned my system with malwarebytes and got a lot of adware and two Trojan bitcoin miners that are located in my registry. My problem is that after every scan i get the same malware so it seems that quarantine doesn't help. I tried locating them manually with RegEdit but i cant find anything. I watched a lot of videos on my issue and all of them suggest using Task manager and MSconfig (for startups) but there is nothing out of the ordinary. If anybody can help i i would be really grateful. Thanks in advance! -Strahinja I have provided pictures of my search history.
  6. Hello, My Computer has Norton installed and I have a Miner.Bitcoinminer Malware somewhere? My Norton just brings a Popup that its beeing blocked but cant find any History or Source of the problem. I Attached my FRST Files please Help me. Addition.txt FRST.txt
  7. Hey, I have run a performance diagnostic report on my PC after noticing issues with performance. Receiving the following warning. This seems to be widely linked to trojans/cryptominers. I have followed all the instructions on this page https://www.bleepingcomputer.com/virus-removal/remove-taskhostw.exe-and-windows-update-checker-miner#rt_options but no luck. No anti malware software seems to be picking this up. not showing in task manager or on process explorer. Could you please help to get this removed from my system. Scan logs attached. Thank you! Ben Malwarebytes logs.txt
  8. I use Synmantec antivirus and like after every 10 mins it shows Miner.Bitcoinminer 7 activity detected, and normal scans can't seem to be able to get rid of it, please someone guide me on how to remove this malware.
  9. So I've been having this problem for the last few days, my PC was pretty slow so I ran malwarebytes and it found a lot of stuff, then got rid of it but they came back with every reboot so I started looking into solutions online, I guess I've managed to get rid of a few of them by running a lot of different cleaning tools but "conhost.exe" always comes back after reboot. There was also some exes called lsmose and mysa1 mysa2 and mysa3 which I found out online that are bitcoin miners. I can stop the conhost manually by stopping some processes but it comes back after every reboot so I would really appreciate some help. I already ran FRST and attached the files, also not sure if this changes anything but these are the cleaning tools I used: malwarebytes, hitmanpro, roguekiller, mbamantirootkit and combofix FRST.txt Addition.txt
  10. Through another program, someone installed a suprnova.cc miner. How do I remove it? Does MalwareBytes detect it?
  11. Hello, I am very new to the malwarebytesforums and it is admittedly a little bit late to be searching for help, but this infection has avoided everything in my power. About four days ago, I acquired a new steam game, but it kept crashing to desktop upon launch. Although the fix was simple (Update graphics drivers), I saw a "Mod" by someone online that'd fix the issue. After downloading and running the file, it gave me an error, so I closed and deleted it, and didn't give it much thought. Little did I know I started going down a slippery slope. About an hour later exactly, norton starts giving me this: There are attempted attacks ranging in intervals of 10 minutes to 2 hours (Not shown here for the reason explained below) Firstly, I apologize, my Windows install is in Spanish, it can't be helped, but I don't think it will affect the removal process. Secondly, the attack always originates from a (What i assume must be) a regional location file within the SysWOW64 folder. I HAVE tried to delete the file folder highlighted below on red (Last attempt today no, which solves the issue for about 4-8 hours. It always comes back. Scans using Zemana, Malwarebytes, Roguekiller, Norton PowerEraser, and the like, return empty. I have also tried running TDSSKiller, but the files it found are either redundant (Civilization V uninstall files and the like) Or Kernel and system drivers which I am too afraid to delete. The only thing I have not attempted is the FRST tool as I dont know how to create a fixlist, and I am afraid of what it might do to the system. I am attaching the FRST.txt and Addition.txt files from today here for review, however. Thank you for reading this far, I'll patiently await your response! Addition.txt FRST.txt
  12. Greetings, Malwarebytes forums. For the past few weeks, my laptop has been running very slowly, with high temperature (the CPU even reaches 100C on some occasions, with the core voltage exceeding 20V per core). The fan would ran at max speed even when the whole system is in idle mode (I do open a few programs related to my work, but all of them are network-related stuffs and in idle mode). Curious, I checked the Task Manager and see one of my workplace apps consuming exactly 25% of CPU. Occasionally it would dip or raise above that level but it would revert back to utilizing 25% of the CPU (an i5-2520M@2.5). Even more curious is the fact that if I force close the application in question, the 25% CPU utilization would be transfer to another apps previously in idle mode (with 0% CPU usage), even as far as transfering that utilization to explorer.exe and jusched.exe, which is entirely unrelated and would never consumes that huge amount of computing power. Thus, I suspect that my laptop is infected with some kind of crypto miner designed to run at 25% of system resources. Even more curious still is the fact that if I turn off everything, or restarting the system, the CPU utilization would return to a normal level. So what is wrong with my system and how should I proceed to remove this threat? I'm worried that if this continues, my laptop would turn into a pile of plastic and steel garbage pretty soon. P/s: My colleague has an identical laptop with an identical set of work-related apps, and his experienced no problem so far.
  13. Hello, some days ago I noticed some performance issues on my PC. Somehow I got a miner using my GPU in the background. Eventually I bought Malware Bytes Premium to get rid of it permanently. Unfortunately after every restart I get a threat detection even though I deleted them after sending them to quarantine. After trying it alone for some evenings I'm seeking some help here. Please let me know if I need to provide further information. Best regards! mb_log.txt Addition.txt FRST.txt
  14. Hello, My name is Andrea and I am writing here because i have notice a problem with my PC since a bit and only now I have realized it could be infected by a miner or similar. I have noticed, thanks to Adterburner tray icons, that my Laptop uses 99% of the GPU when idle with consequent heating. The weird thing is that the usage instantly drops as I open task manager or process explorer. As soon as I close them back, the usage rise again to 99%. I did some rearch online and it occured it could be a trojan or a miner. However, I did not find a solution to the problem. I have the premium version of Malwarebytes and i tried to do a few scann (even the full rootkit one) without finding anything. I would be very gratefull if anyone could help me addressing the problem. I apologize for my English (I'm Italian). Andrea
  15. FWIW if it helps someone. Sorry I can't find the string(s) I was in originally. Had a problem with the coinhive mess, but I didn't know it. Machine slowed to a crawl and task manager showed chrome using more than 80% of CPU. Used adw, FRST, eset, malwarebytes, CC, researched for eons. Tried everything written on this subject here and everywhere else. Nothing. Only a problem in chrome. So bit the bullet and removed all addons, etc from chrome... went away. Started adding things back. Turned out, AdRemover FOR chrome was the culprit. Would never have known the miner was there if not for malwarebytes warning me of the problem. It couldn't remove it I suppose since it's a "legitimate"? program? At any rate, my i7 with 32 gigs of ram and an nvidea 930 once again runs like an i7 with 32 gigs of ram and an nvidia 930.
  16. Hi, I managed to download a bitcoin miner while downloading mods for GTAV, and no matter how many times I scan using malwarebytes it won't go. After the system restart it persists and slows my PC down so much that it struggles with even CS:GO. I can't download FRST or RogueKiller because as soon as I type it in any browser, the browser closes as if the malware is closing it before I can use either tool to kill it. Please end my suffering lol
  17. Hello, I scanned my computer with the free version of malwarebytes and the scan came up with a few infections. I deleted these files and the registry entry in both regular and safe modes but it seems that they are being created each time the system is booted up. Attached is a screenshot of the scan results and the infected files. I'm running Windows 7 Home Premium 64-bit. Any help on how to get rid of these? Thanks!
  18. For quite some time I had CPU usage issues that appeared to be coming from the WMI service. I figured out a workaround which was to shut down the service called "WMI" but this wasn't ideal as it would need to happen on each reboot. I have also discovered a service called NVU which claims to be NVIDIA driver updater but I suspect it is also fake. Today I figured out that WMI was a Bitcoin Miner virus and I was able to find the associated files. I could have removed them manually but I got Malwarebytes to scan and remove them for me. On reboot now, my CPU is back to normal and those questionable files are gone. However, the WMI and NVU "services" still appear in the list of local services. I can no longer start or stop them (just get an error) I'm just wondering how to remove the fake services.
  19. Hello, My laptop has been using it's fan quite vigorously when it's idle but I didn't take it seriously. Today I realized it is really bugging me out. When no input is given to the pc it began to spin its fans really fast. But when I move the mouse it almost suddenly stops. Then I ran Tas Manager on the screen and I waited. When the fans began to spin again I realized a process is using almost 60% of my CPU. Name of the process is "mint.exe". No luck finding any information though. Ran a malwarebytes scan and it found 1 software. "Guard.lnk" which lead me to "Guard.exe" in "C:\Users\user\AppData\Roaming\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings". BTW "Internet Settings" folder is hidden. Showing hidden items didn't help. But going directly to the address let me in. Content of the folder is attached. There is a "config.txt" file in the folder which led me thinking it is a stealth miner malware. You will get when you see the config file which is attached also. If any of you guys want me to share the files for analyzing purposes I will gladly share them with you. But I want them to be gone of course. malwarebytes report, FRST.txt, Addition.txt files are attached. TL;DR: Cryptocurrency miner malware infected. Need to remove. Please help. Required files are attached. Thank you config.txt malwarebytes.txt FRST.txt Addition.txt
  20. Hello, my friends!! I need your help and specialist consultation. During the computer scan for viruses, I found miners (the report attached for review). I need your advice, can I safely delete these files? my_report.txt
  21. after doing some research i ended up on this conclusion: some companies using CoinHive to mine in your browser without your knowledge, how i knew it ? https://github.com/AliasIO/Wappalyzer/issues/1807 i have an addon called WAPPALYZER it shows what tech your site is made, i noticed something is confusing all websites have CoinHive plugin, EVEN GOOGLE i was WHAT! no way its a bug i went there to GITHUB i opened an issue someone told me maybe iam infected somehow with it, i was hmm that seems logic on my computer i have those antiviruses:(both are paid licenses) Malwarebyte ESET Smart Security iam reporting that neither anyone noticed it but this is a big malware issue they are using COINHIVE API to USE your CPU to MINE! i scanned many times i disabled all my plugins nothing!!!
  22. I can't exactly say how I got infected. Now there are two folders in AppData/Roaming: LtdNotify24 and Qi8lf. Dr. Web marks files in these two folders constantly. Deleting them through LockHunter gives nothing. It is downloading itself again (while turning internet connections off it Dr.Web stays quiet). There are two processes loading CPU: svchost on the start (initializes connection?) and then aes.avx2 (miner program). I will provide any info needed.
  23. Hi, I've found a Bitcoin miner trojan in my PC, as the title says. It is located in svchost.exe and it opens a process that uses 50% of my CPU and 90-100% of my GPU. Even if I kill the process, the GPU keeps getting hot and being used at 100%. I've tried to remove the malware with MBAR, but it crashes when scanning registers and directories, so it isn't able to start the cleanup process. I've also tried using MBAM, but after it eliminates it and I reboot my PC, the malware is still there. I don't know what to do, please help me. I have attached to this post both the results of the Farbar scan. Addition.txt FRST.txt
  24. Hello, I've recently found through malwarebytes that I have two bitcoin miners, called SVChost. Malwarebytes cleaned everything else up, but couldn't remove these two. I found a thread where the issue had been resolved for someone else here: https://forums.malwarebytes.org/index.php?/topic/125534-cant-remove-bitcoin-miner-and-svchostexe-virus/ Unfortunately, the part where MrCharlie tells him what to delete with Roguekiller, I can't quite make out what he means. I'm running windows 7 x64. Please help! Thanks! PS: I've attached my RogueKiller report! RKreport_SCN_07052015_221650.log
  25. Hey there, some updates made to ESEA CSGO Anti-cheat making it always running on your computer, it can read + analyse data and memory on your pc and send it to ESEA servers. ESEA is ''trusted'' and the worlds best anti-cheating system for PC. But my question is this, in 2013 a ''rogue employe'' injected malware into the anticheat that made it mine bitcoins and destroy a lot of ppls computers and this was when they made it running fulltime and they then changed it to only running when playing CSGO ESEA. They did get sued for a million dollars tho and had to pay that Now they are gonna make it running fulltime on your PC and like the question is should I trust them? I play CSGO competively and I do it on ESEA because I dont like cheaters. And will MBAM detect any ''behaviour'' which is malicious if that occurs? They literally have 100% full acess to your computer with their anti-cheat its not like usual ones, so yeh its a bit scary! Thats the price you pay to play without cheaters. Also one last question, did MBAM detect it back in 2013 when a rogue employe added malware bitcoin miner into it?? Just curious!
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.