Jump to content

Help removing what i suspect is a bitcoinminer


Recommended Posts

Hi everyone. I recently noticed my gpu fans running high and my gpu usage at 100% with around 90 degrees celsius while playing games

The reason i suspect this is a bitcoinminer, is because I'll be playing a game like Dark Souls 2, a game with very little multiplayer connectivity, and about 20 minutes in I'll drop from a solid 60 fps to around 15. The same happens in games like Counter Strike: GO, where I'll have upwards of 250 fps on bootup, and then crash down to around 100 (doesn't seem like a big deal, but still concerning). I update MSE and ran multiple scans with no benefits, then I installed malwarebytes. I ran a couple of scans and found the usual couple of adware programs but nothing too concerning. Then I started trying other things that weren't virus related. I rolled back my gpu drivers, which actually seemed to help for an hour, until I woke up the next morning and it was doing the same thing. The thing that made me start suspecting it was a virus again was that when I'm playing Dark souls and I get frame drops, my fps goes back up right after I disconnect my wifi adapter (and no, I don't have access to a wired connection right now.) My CPU usage and physical memory are both find, maxing out at about 70% while gaming, and there are no suspicious processes in my task manager. So right now I'm guessing it's either a hardware issue, knowing that my gtx 560 Ti is getting pretty old at this point, or it is a pretty nasty bitcoin mining virus that went unnoticed by two separate virus detections. Please help me with this issue if possible, this is getting very tiring. Thanks in advance!

 

Also, here are my specs

 

gigabyte z77x-d3h

GTX 560 ti @ stock

i5-3570k @ 3.4 GHz (stock)

8 gigs of ram (ripjaw?)

Belkin Dual-Band Wireless Adapter ( I've also tried an old Linksys adapter with the same results)

 

Here is my tasklist idling and connected to the internet

"Image Name","PID","Session Name","Session#","Mem Usage"
"System Idle Process","0","Services","0","24 K"
"System","4","Services","0","988 K"
"smss.exe","400","Services","0","1,196 K"
"csrss.exe","472","Services","0","4,548 K"
"csrss.exe","548","Console","1","19,228 K"
"wininit.exe","556","Services","0","4,584 K"
"winlogon.exe","604","Console","1","7,612 K"
"services.exe","652","Services","0","10,552 K"
"lsass.exe","660","Services","0","12,728 K"
"lsm.exe","668","Services","0","4,408 K"
"svchost.exe","764","Services","0","10,356 K"
"nvvsvc.exe","832","Services","0","7,900 K"
"nvSCPAPISvr.exe","856","Services","0","5,840 K"
"svchost.exe","900","Services","0","8,268 K"
"MsMpEng.exe","972","Services","0","87,128 K"
"svchost.exe","420","Services","0","23,260 K"
"svchost.exe","484","Services","0","198,640 K"
"svchost.exe","540","Services","0","18,020 K"
"svchost.exe","444","Services","0","47,212 K"
"audiodg.exe","1084","Services","0","18,040 K"
"svchost.exe","1272","Services","0","16,852 K"
"wlanext.exe","1360","Services","0","6,300 K"
"conhost.exe","1372","Services","0","2,836 K"
"spoolsv.exe","1480","Services","0","12,992 K"
"svchost.exe","1512","Services","0","19,060 K"
"SkypeC2CAutoUpdateSvc.exe","1600","Services","0","4,924 K"
"SkypeC2CPNRSvc.exe","1632","Services","0","5,016 K"
"GfExperienceService.exe","1748","Services","0","6,276 K"
"mbamscheduler.exe","1804","Services","0","9,812 K"
"nvxdsync.exe","1896","Console","1","20,652 K"
"nvvsvc.exe","1904","Console","1","13,500 K"
"mbamservice.exe","1296","Services","0","90,388 K"
"NvNetworkService.exe","1936","Services","0","5,736 K"
"nvstreamsvc.exe","2068","Services","0","10,356 K"
"RaRegistry64.exe","2108","Services","0","4,164 K"
"RzOvlMon.exe","2148","Services","0","3,728 K"
"svchost.exe","2208","Services","0","5,616 K"
"Updater.exe","2252","Services","0","8,432 K"
"WLIDSVC.EXE","2280","Services","0","12,192 K"
"SearchIndexer.exe","2628","Services","0","14,012 K"
"WLIDSVCM.EXE","2668","Services","0","3,440 K"
"nvstreamsvc.exe","2728","Services","0","13,224 K"
"conhost.exe","2736","Services","0","3,072 K"
"NisSrv.exe","3064","Services","0","7,268 K"
"svchost.exe","3628","Services","0","13,628 K"
"GoogleUpdate.exe","3472","Services","0","548 K"
"wmpnetwk.exe","3308","Services","0","10,876 K"
"taskhost.exe","2192","Console","1","12,776 K"
"dwm.exe","3496","Console","1","8,724 K"
"mbam.exe","988","Console","1","45,876 K"
"explorer.exe","2712","Console","1","61,624 K"
"nvstreamsvc.exe","2640","Console","1","15,424 K"
"conhost.exe","2836","Console","1","4,736 K"
"NvBackend.exe","740","Console","1","22,612 K"
"nvtray.exe","3016","Console","1","12,592 K"
"svchost.exe","4384","Services","0","14,496 K"
"mmc.exe","4816","Console","1","10,880 K"
"dllhost.exe","4736","Services","0","7,272 K"
"Steam.exe","4852","Console","1","111,264 K"
"steamwebhelper.exe","4280","Console","1","26,844 K"
"SteamService.exe","4572","Services","0","8,656 K"
"steamwebhelper.exe","4104","Console","1","69,088 K"
"steamwebhelper.exe","4768","Console","1","25,504 K"
"GameOverlayUI.exe","4656","Console","1","57,980 K"
"taskhost.exe","5916","Console","1","5,204 K"
"taskeng.exe","6092","Console","1","6,136 K"
"Steam","5396","Console","1","11,204 K"
"chrome.exe","5952","Console","1","117,608 K"
"chrome.exe","3764","Console","1","169,848 K"
"chrome.exe","4108","Console","1","67,844 K"
"chrome.exe","2572","Console","1","17,768 K"
"steamwebhelper.exe","5800","Console","1","60,244 K"
"steamwebhelper.exe","4072","Console","1","77,216 K"
"steamwebhelper.exe","4848","Console","1","60,844 K"
"chrome.exe","3604","Console","1","66,920 K"
"chrome.exe","3868","Console","1","150,212 K"
"chrome.exe","6016","Console","1","68,040 K"
"chrome.exe","2832","Console","1","21,500 K"
"procexp.exe","4648","Console","1","7,356 K"
"procexp64.exe","4264","Console","1","23,388 K"
"dxdiag.exe","3372","Console","1","19,116 K"
"chrome.exe","1868","Console","1","68,248 K"
"cmd.exe","4628","Console","1","3,140 K"
"conhost.exe","6048","Console","1","5,420 K"
"chrome.exe","6072","Console","1","61,444 K"
"WmiPrvSE.exe","3596","Services","0","7,472 K"
"tasklist.exe","5720","Console","1","5,748 K"
 
 
Link to post
Share on other sites

  • 3 months later...
  • Root Admin

We're sorry. It looks like your topic was somehow overlooked. Due to the length of time we'll go ahead and close this topic now but if you still actually need help please send a private message to one of the Moderators and we'll assist you.

Thank you and sorry we missed your topic.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.