Search the Community
Showing results for tags 'wmi'.
For quite some time I had CPU usage issues that appeared to be coming from the WMI service. I figured out a workaround which was to shut down the service called "WMI" but this wasn't ideal as it would need to happen on each reboot. I have also discovered a service called NVU which claims to be NVIDIA driver updater but I suspect it is also fake. Today I figured out that WMI was a Bitcoin Miner virus and I was able to find the associated files. I could have removed them manually but I got Malwarebytes to scan and remove them for me. On reboot now, my CPU is back to norm
So I've posted before about some odd happenings and never really found a solution but think I got a little closer. In my event logs, I have several power shell events like pshell console starting a server (among other things), Multiple WMI services starting, and browser redirects. Nothing has ever been found by Win defender or MBAM Premium (I really don't feel like they're working - on the surface they seem to working fine but I think it's an illusion). Hitman Pro did find a file Win32.Droma.abdb (first malicious file I've ever found) and that led me to googling that and found this article.
Hi, I recently was on a site trying to download a textbook online and I did, and it popped up as an application in the E drive. Honestly, the fact that it was a program should've been my first hint, but I was kind of desperate to find the textbook that I tried to open it. WMI Commandline utility popped up and I knew right away it was a virus. I've had this happen before on another computer, and somehow I fixed it, however I do not remember how I did. I downloaded MalwareBytes because I've used it before and it's a good program, and I scanned both the file and the whole drive, both scans turned