Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

svchost.exe bitcoin miner


  • This topic is locked This topic is locked
1 reply to this topic

#1 Aras_M

Aras_M

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:43 AM

Posted 14 May 2015 - 05:30 AM

Hello everyone,

As the title says, i have a little problem with svchost.exe (which could also be the bitcoin miner).

 

Kaspersky found something in C:\Windows\temp\svchost.exe around one month ago. I tried to fix it but it came back after every restart. As it did nothing to my pc and as it was called svchost.exe i thought that it is a mistake of Kaspersky.

 

My gpu is on 100% while idling. As i had a bitcoin mining virus before, i rememberred the same symptom and did some things:

 

Combo fix: I ran it once and it seemed to fix my problem until i restartet.

 

Kaspersky: Was unable to do anything but recognise the virus. I tried the secure Disc but it couldn't get rid of the virus.

 

Malwarebytes: It found two svchost.exe and two lsass.exe. But because it needs a restart and my pc was unable to shut down, nothing happened. I ran it again later in secure mode and the restart was possible. It seems like it solved the problem but Kaspersky still tells me there is svchost.exe in my temp folder.

 

RogueKiller, HitmanPro and ESETPoweliksClean... didn't work.

 

When i run Combofix my gpu usage goes down and everything seems to be normal but i have no internet connection and when i restart it's like i never ran combofix.

 

 

 

Could anyone please help me to fix this problem so that it doesn't start again in a month.



BC AdBot (Login to Remove)

 


m

#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:12:43 PM

Posted 14 May 2015 - 07:10 AM

Crossposting:

https://forums.malwarebytes.org/index.php?/topic/168405-svchostexe-bitcoin-miner/


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users