Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Infected with INSANE bitcoinminer. Desperate for help

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Infected with INSANE bitcoinminer. Desperate for help

Unread postby JohnSmith11 » September 25th, 2017, 9:03 am

Hello everyone icon_surprised.gif
First and foremost, thanks for your time . I appreciate ur good will to help.



I have read

https://www.bleepingcomputer.com/forums ... ting-help/





Background information :



1) SSD has been formatted 1 week ago or less (Cant remember) the second drive (1tb) remained as backup.



2) each time I open Skype /Certain games/ Battle.net EVEN Google Chrome.
my GPU temp jumps from 30 idle to 50 and the GPU uses its full functions (Clock speed jumps to max, etc)



3)My computer's clock time is not stable, keeps on changing (has been like that for more than a year, even tho I formatted 2 times since the problem arise) I suspect this problem is due to having a motherboard battery burnt although it may be a virus in the BIOS.( my assumptions) I never tried to replace a motherboard battery, I currently have Asus Z97 motherboard.


PC scanned with - Rogue-killer, Anti-malware bytes and Hitman PRO.

SSD Has been formatted 2 times in the last 3 years and a half

from win 8.1 to win10. and from win10 to win7. (SINCE THE FIRST FORMAT THE CLOCK STARTED BUGGING.

since then I have had the problem with time.



*bitcoin miner : New problem that I have just noticed recently, which is taking all my attention to cure my GPU.



*Note: Currently If I don't run the apps I mentioned above my GPU temp is OK. therefore the main problems are Clock time changes, and Temp jumps super high for no reason while running certain applications.

I used Process Explorer to try and track which applications cause GPU traffic,
that's how I know when the bitcoin miner works and when it doesn't.

I came here thanks to Combo-fix (Didn't run a scan yet)
Thanks in advance, I will be waiting for your help

Best regards,

John.



LOGS :
Attached Files
You do not have the required permissions to view the files attached to this post.
JohnSmith11
Regular Member
 
Posts: 35
Joined: September 25th, 2017, 6:33 am
Advertisement
Register to Remove

Re: Infected with INSANE bitcoinminer. Desperate for help

Unread postby JohnSmith11 » September 27th, 2017, 3:21 pm

bump


I will try to change battery, but

Unfortunately,

Regarding my time synchronization issue im seeing drifts just while the computer is on, which is a worse issue. Replacing the battery wont help in that case? (waiting for your reply before i open the case and replace it)

Secondly,

Sorry but I disagree with you on this one.

I disagree first, because I didn't explain myself very well,

second,

my problem seems to be VERY VERY bad and now ill explain with as much details as I can.

BG info about my PC :



OS:

Win10 formatted to

Win7 pro 64bit SP1



Note:

When I'm opening .exe, .avi EVEN Google Chrome MY GPU TEMP jumps surprisingly HIGH to stable 50.

from 30

it lasts on 50 until I close the program then it gets back to normal.

AFTER TRACKING THE PROCCESS WITH Asus GPU tweak all of the listed above programs are making my GPU use his max GPU CLOCK & Memory Mhz.

. which is very very weird.

Very very weird thing I noticed is that

after I deleted Google chrome(Infected program) and downloaded Firefox, firefox had no virus and has stable 30 "c" temp.

I tried replacing Skype(Infected) With Discord but then again, No luck . Discord seems to be infected as well.

I used HWmonitor to measure the Temp and RPM of the GPU and at idle after having the infected program on,

they cap at Stable 48"C" with 1970 RPM.

all the other games I play are infected with this virus, i play all games on lower settings, my GPU nvidia driver is set to Max Performance to get most FPS. before this program has appeared League of legends would only take 40C on lowest settings and now its 48"C" with 1970 RPM.



my GPU is asus gtx 770 directuii

my proccessor is i7 4790

and my motherboard is asus z97

the PC was purchased 3 years ago and 2 months, I clean dust very often, last time I cleaned was 1 week ago.

there must be a way to solve it,



Perhaps this might help -



As you have seen in the FRST logs,

I have homegroup connected with 2 or 3 PC's linked to it

( I think, I am not sure my Father is taking charge of the other ones)

Would you like to help me disable the homegroup or my router or homegroup may be the reason of this infection?

Besides, I have 1tb Harddrive connected to the PC along the 128gb SSD, the drive is a backup of my old PC (win10 i formatted)

could it be that there's a virus there that is in charge of this problems?

I know that bitcoin isnt considered as a virus among other AV programs.

I'M CERTAIN there's a Bitcoin miner because of a video I saw in YT with other people describing the same problem as I have, I'll quote them and post link in here this might help you understand better, my english isnt quite perfect and im sorry if its hard to understand.

https://youtu.be/GsvUTO0bwzA

the comment that describes my problem is this(not the same virus, but i think theres strong connection here) :



I haven't noticed anything while playing games but , when i don't move my mouse for 1-2 minutes the CPU and GPU start overloading and overheating. I use Open Hardware Monitor to monitor the temperatures and as i said the temperature on my GPU instantly jumps to 50 C with 100% workload (seen on the Open Hardware Monitor) until i move my mouse ... when i move the mouse the workload jumps to normal (0%) and the temp is also lowering. This doesn't happen while i have the Task Manager opened though ... i read that this is the case so the program (virus, bitcoin miner) doesn't get noticed in the Task Manager. I did a format to my pc but after a day or two this starts happening again. I also tried different anti malware and anti virus programs but they can't find anything. Can this virus be in the BIOS ? I would really appreciate if anyone can help me on this matter ...



I have made a comparison with a friend regarding these programs listed above that causes the gpu temps to go higher.

Skype doesnt require all of the Clock speed & memory on their computers.

nor do AVI's.

I'm afraid the worse problem of the clock is what causing this virus with GPU.
JohnSmith11
Regular Member
 
Posts: 35
Joined: September 25th, 2017, 6:33 am

Re: Infected with INSANE bitcoinminer. Desperate for help

Unread postby Gary R » September 27th, 2017, 5:13 pm

Why have you replied to your topic again before a helper has posted any help instructions.

I thought I'd explained to you that our helpers look for topics with zero replies, and will ignore any topic that has been replied to.

Please start a new topic, submit a new log and a description of your problems and wait for a helper to reply.

And this time do not post to it until you have received a reply from a helper.

This topic is now closed.
User avatar
Gary R
Administrator
Administrator
 
Posts: 24752
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 64 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware