Jump to content

Search the Community

Showing results for tags 'miner'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes 3 Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 17 results

  1. Hello, My Computer has Norton installed and I have a Miner.Bitcoinminer Malware somewhere? My Norton just brings a Popup that its beeing blocked but cant find any History or Source of the problem. I Attached my FRST Files please Help me. Addition.txt FRST.txt
  2. Hey, I have run a performance diagnostic report on my PC after noticing issues with performance. Receiving the following warning. This seems to be widely linked to trojans/cryptominers. I have followed all the instructions on this page https://www.bleepingcomputer.com/virus-removal/remove-taskhostw.exe-and-windows-update-checker-miner#rt_options but no luck. No anti malware software seems to be picking this up. not showing in task manager or on process explorer. Could you please help to get this removed from my system. Scan logs attached. Thank you! Ben Malwarebytes logs.txt
  3. I use Synmantec antivirus and like after every 10 mins it shows Miner.Bitcoinminer 7 activity detected, and normal scans can't seem to be able to get rid of it, please someone guide me on how to remove this malware.
  4. So I've been having this problem for the last few days, my PC was pretty slow so I ran malwarebytes and it found a lot of stuff, then got rid of it but they came back with every reboot so I started looking into solutions online, I guess I've managed to get rid of a few of them by running a lot of different cleaning tools but "conhost.exe" always comes back after reboot. There was also some exes called lsmose and mysa1 mysa2 and mysa3 which I found out online that are bitcoin miners. I can stop the conhost manually by stopping some processes but it comes back after every reboot so I would really appreciate some help. I already ran FRST and attached the files, also not sure if this changes anything but these are the cleaning tools I used: malwarebytes, hitmanpro, roguekiller, mbamantirootkit and combofix FRST.txt Addition.txt
  5. Through another program, someone installed a suprnova.cc miner. How do I remove it? Does MalwareBytes detect it?
  6. Hello, I am very new to the malwarebytesforums and it is admittedly a little bit late to be searching for help, but this infection has avoided everything in my power. About four days ago, I acquired a new steam game, but it kept crashing to desktop upon launch. Although the fix was simple (Update graphics drivers), I saw a "Mod" by someone online that'd fix the issue. After downloading and running the file, it gave me an error, so I closed and deleted it, and didn't give it much thought. Little did I know I started going down a slippery slope. About an hour later exactly, norton starts giving me this: There are attempted attacks ranging in intervals of 10 minutes to 2 hours (Not shown here for the reason explained below) Firstly, I apologize, my Windows install is in Spanish, it can't be helped, but I don't think it will affect the removal process. Secondly, the attack always originates from a (What i assume must be) a regional location file within the SysWOW64 folder. I HAVE tried to delete the file folder highlighted below on red (Last attempt today no, which solves the issue for about 4-8 hours. It always comes back. Scans using Zemana, Malwarebytes, Roguekiller, Norton PowerEraser, and the like, return empty. I have also tried running TDSSKiller, but the files it found are either redundant (Civilization V uninstall files and the like) Or Kernel and system drivers which I am too afraid to delete. The only thing I have not attempted is the FRST tool as I dont know how to create a fixlist, and I am afraid of what it might do to the system. I am attaching the FRST.txt and Addition.txt files from today here for review, however. Thank you for reading this far, I'll patiently await your response! Addition.txt FRST.txt
  7. Greetings, Malwarebytes forums. For the past few weeks, my laptop has been running very slowly, with high temperature (the CPU even reaches 100C on some occasions, with the core voltage exceeding 20V per core). The fan would ran at max speed even when the whole system is in idle mode (I do open a few programs related to my work, but all of them are network-related stuffs and in idle mode). Curious, I checked the Task Manager and see one of my workplace apps consuming exactly 25% of CPU. Occasionally it would dip or raise above that level but it would revert back to utilizing 25% of the CPU (an i5-2520M@2.5). Even more curious is the fact that if I force close the application in question, the 25% CPU utilization would be transfer to another apps previously in idle mode (with 0% CPU usage), even as far as transfering that utilization to explorer.exe and jusched.exe, which is entirely unrelated and would never consumes that huge amount of computing power. Thus, I suspect that my laptop is infected with some kind of crypto miner designed to run at 25% of system resources. Even more curious still is the fact that if I turn off everything, or restarting the system, the CPU utilization would return to a normal level. So what is wrong with my system and how should I proceed to remove this threat? I'm worried that if this continues, my laptop would turn into a pile of plastic and steel garbage pretty soon. P/s: My colleague has an identical laptop with an identical set of work-related apps, and his experienced no problem so far.
  8. Hello, some days ago I noticed some performance issues on my PC. Somehow I got a miner using my GPU in the background. Eventually I bought Malware Bytes Premium to get rid of it permanently. Unfortunately after every restart I get a threat detection even though I deleted them after sending them to quarantine. After trying it alone for some evenings I'm seeking some help here. Please let me know if I need to provide further information. Best regards! mb_log.txt Addition.txt FRST.txt
  9. Hello, My name is Andrea and I am writing here because i have notice a problem with my PC since a bit and only now I have realized it could be infected by a miner or similar. I have noticed, thanks to Adterburner tray icons, that my Laptop uses 99% of the GPU when idle with consequent heating. The weird thing is that the usage instantly drops as I open task manager or process explorer. As soon as I close them back, the usage rise again to 99%. I did some rearch online and it occured it could be a trojan or a miner. However, I did not find a solution to the problem. I have the premium version of Malwarebytes and i tried to do a few scann (even the full rootkit one) without finding anything. I would be very gratefull if anyone could help me addressing the problem. I apologize for my English (I'm Italian). Andrea
  10. FWIW if it helps someone. Sorry I can't find the string(s) I was in originally. Had a problem with the coinhive mess, but I didn't know it. Machine slowed to a crawl and task manager showed chrome using more than 80% of CPU. Used adw, FRST, eset, malwarebytes, CC, researched for eons. Tried everything written on this subject here and everywhere else. Nothing. Only a problem in chrome. So bit the bullet and removed all addons, etc from chrome... went away. Started adding things back. Turned out, AdRemover FOR chrome was the culprit. Would never have known the miner was there if not for malwarebytes warning me of the problem. It couldn't remove it I suppose since it's a "legitimate"? program? At any rate, my i7 with 32 gigs of ram and an nvidea 930 once again runs like an i7 with 32 gigs of ram and an nvidia 930.
  11. Hi, I managed to download a bitcoin miner while downloading mods for GTAV, and no matter how many times I scan using malwarebytes it won't go. After the system restart it persists and slows my PC down so much that it struggles with even CS:GO. I can't download FRST or RogueKiller because as soon as I type it in any browser, the browser closes as if the malware is closing it before I can use either tool to kill it. Please end my suffering lol
  12. Hello, I scanned my computer with the free version of malwarebytes and the scan came up with a few infections. I deleted these files and the registry entry in both regular and safe modes but it seems that they are being created each time the system is booted up. Attached is a screenshot of the scan results and the infected files. I'm running Windows 7 Home Premium 64-bit. Any help on how to get rid of these? Thanks!
  13. For quite some time I had CPU usage issues that appeared to be coming from the WMI service. I figured out a workaround which was to shut down the service called "WMI" but this wasn't ideal as it would need to happen on each reboot. I have also discovered a service called NVU which claims to be NVIDIA driver updater but I suspect it is also fake. Today I figured out that WMI was a Bitcoin Miner virus and I was able to find the associated files. I could have removed them manually but I got Malwarebytes to scan and remove them for me. On reboot now, my CPU is back to normal and those questionable files are gone. However, the WMI and NVU "services" still appear in the list of local services. I can no longer start or stop them (just get an error) I'm just wondering how to remove the fake services.
  14. Hello, My laptop has been using it's fan quite vigorously when it's idle but I didn't take it seriously. Today I realized it is really bugging me out. When no input is given to the pc it began to spin its fans really fast. But when I move the mouse it almost suddenly stops. Then I ran Tas Manager on the screen and I waited. When the fans began to spin again I realized a process is using almost 60% of my CPU. Name of the process is "mint.exe". No luck finding any information though. Ran a malwarebytes scan and it found 1 software. "Guard.lnk" which lead me to "Guard.exe" in "C:\Users\user\AppData\Roaming\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings". BTW "Internet Settings" folder is hidden. Showing hidden items didn't help. But going directly to the address let me in. Content of the folder is attached. There is a "config.txt" file in the folder which led me thinking it is a stealth miner malware. You will get when you see the config file which is attached also. If any of you guys want me to share the files for analyzing purposes I will gladly share them with you. But I want them to be gone of course. malwarebytes report, FRST.txt, Addition.txt files are attached. TL;DR: Cryptocurrency miner malware infected. Need to remove. Please help. Required files are attached. Thank you config.txt malwarebytes.txt FRST.txt Addition.txt
  15. Hello, my friends!! I need your help and specialist consultation. During the computer scan for viruses, I found miners (the report attached for review). I need your advice, can I safely delete these files? my_report.txt
  16. after doing some research i ended up on this conclusion: some companies using CoinHive to mine in your browser without your knowledge, how i knew it ? https://github.com/AliasIO/Wappalyzer/issues/1807 i have an addon called WAPPALYZER it shows what tech your site is made, i noticed something is confusing all websites have CoinHive plugin, EVEN GOOGLE i was WHAT! no way its a bug i went there to GITHUB i opened an issue someone told me maybe iam infected somehow with it, i was hmm that seems logic on my computer i have those antiviruses:(both are paid licenses) Malwarebyte ESET Smart Security iam reporting that neither anyone noticed it but this is a big malware issue they are using COINHIVE API to USE your CPU to MINE! i scanned many times i disabled all my plugins nothing!!!
  17. I can't exactly say how I got infected. Now there are two folders in AppData/Roaming: LtdNotify24 and Qi8lf. Dr. Web marks files in these two folders constantly. Deleting them through LockHunter gives nothing. It is downloading itself again (while turning internet connections off it Dr.Web stays quiet). There are two processes loading CPU: svchost on the start (initializes connection?) and then aes.avx2 (miner program). I will provide any info needed.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.