Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
humanwall

i think my pc have been hijacked by a sneaky cryptocurrency miner

I have done it i have fixed it 

 

I pulled the evil out of its roots but no battles are won with out sacrifices

 

As you can see in the picture attached i have lost my window

 

Rip win 10 2017(i think) - 2020

 

I have gone mad and deleted lsass.exe 

Sheft+delete the s@@@ out of that damn thing all the results with that wicked name have been butchered 

 

Now its time to look for a flash drive to use for fresh window installation 

 

Thanks u all for trying to help 

20200418_020550.jpg

Recommended Posts

Posted · Original PosterOP
2 minutes ago, xAcid9 said:

Try SFC or/and DISM Restore Health command. 

Btw if you disconnect from internet does it still spiking? If yes then maybe not a crypto miner. 

 

Also can you check Windows Event Viewers for errors or shits?

the moment i disconnect from the internet cpu usage drops 

Link to post
Share on other sites
Posted · Original PosterOP
10 minutes ago, xAcid9 said:

Try SFC or/and DISM Restore Health command. 

Btw if you disconnect from internet does it still spiking? If yes then maybe not a crypto miner. 

 

Also can you check Windows Event Viewers for errors or shits?

picture above with the internet disconnected 

Untitled1png.png

Link to post
Share on other sites
3 minutes ago, humanwall said:

the moment i disconnect from the internet cpu usage drops 

Yeah most probably rootkit crypto. 🤔

Can you run this tool and upload the SysnativeFileCollectionApp.zip file after it's done? https://www.sysnative.com/forums/pages/bsodcollectionapp/

 

Also try scan with Malwarebytes. 


| Intel i7-3770@4.2Ghz | Asus Z77-V | Zotac 980 Ti Amp! Omega | DDR3 1800mhz 4GB x4 | 300GB Intel DC S3500 SSD | 512GB Plextor M5 Pro | 2x 1TB WD Blue HDD |
 | Enermax NAXN82+ 650W 80Plus Bronze | Fiio E07K | Grado SR80i | Cooler Master XB HAF EVO | Logitech G27 | Logitech G600 | CM Storm Quickfire TK | DualShock 4 |

Link to post
Share on other sites
Posted · Original PosterOP
1 minute ago, xAcid9 said:

Yeah most probably rootkit crypto. 🤔

Can you run this tool and upload the SysnativeFileCollectionApp.zip file after it's done? https://www.sysnative.com/forums/pages/bsodcollectionapp/

 

Also try scan with Malwarebytes. 

i already tried malwarebytes it dosent detect it 

i will try the tool once the 4th anti virus im trying finish the scan : (

Link to post
Share on other sites
Posted · Original PosterOP
16 minutes ago, Craftyawesome said:

Windows defender offline scan?

nope dosent work i tried more than 15 anti viruses none of them seems to be detecting it 

 

i even deleted the isass.exe in safemode got a window error that the pc is restarting in 1 minute then it just created it self again with the same issue

Link to post
Share on other sites
4 hours ago, humanwall said:

cpu usage drops to 0 the moment i open any of those apps

That's indeed some sneaky ass shit ...

Did you try live CD antivirus scanners ? Not ones that run in the OS but from flash drive.


Tag or quote me so i see your reply

Link to post
Share on other sites
Posted · Original PosterOP
14 minutes ago, Juular said:

That's indeed some sneaky ass shit ...

Did you try live CD antivirus scanners ? Not ones that run in the OS but from flash drive.

nope i have never heard of those 

 

if you know any can you recommend one 

Link to post
Share on other sites
Posted · Original PosterOP · Best Answer

I have done it i have fixed it 

 

I pulled the evil out of its roots but no battles are won with out sacrifices

 

As you can see in the picture attached i have lost my window

 

Rip win 10 2017(i think) - 2020

 

I have gone mad and deleted lsass.exe 

Sheft+delete the s@@@ out of that damn thing all the results with that wicked name have been butchered 

 

Now its time to look for a flash drive to use for fresh window installation 

 

Thanks u all for trying to help 

20200418_020550.jpg

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×