virus Undeletable coin miner virus for more than year

[Neythan]

I've noticed unusual behaviour on my pc.

 

When leave it idle the GPU and CPU fans go full rpm, which is not a novelty for those of you who had malware.

 

I noticed then I suddenly unplug the ethernet cable or start the task manager the fans slow down.

 

I used malwarebytes that found the thread called updaterx.exe and uninstaller-updaterx.exe, however I am not sure if this is the thing but when it's quarantine I normally I get off the hook for a few minutes until I restart or connect to Internet as the virus keeps coming back.

 

I blocked the address in hosts.

Malwarebytes detected that this virus wanted to establish connection to a website called asobimo.link (dont enter)

 

I was clean for a few days until Malwarebytes turned rogue and began killing all the windows processes until it got to the vital ones that caused BSOD upon killing.

KERNEL_SECURITY_CHECK_FAILURE

KMODE_EXEPTION_NOT_HANDLED

 

I deleted Malwarebytes, and used HitmanPro for a few days. 

 

I reinstalled windows to factory settings using reset PC services and wiped all the data from the SSD on the OS.

 

Sadly within minutes after plugging all the drives and getting the software instead I got the virus back, again Im not sure from which app or if it was on the windows after the reset. I did full system scan and didn't get anything apart from the mentioned exe's above.

 

Now the virus is getting even worse as it keeps my PC crashing, it mines overnight when I do my renders.

I get new BDOS

 

WHEA_UNCORRECTABLE_ERROR

 

Im out of ideas guys.

 

This thing got me bad.

 

 

 

 

 

 

[DrMacintosh]

In the future use ad blockers and don't download stuff unless you 100% know what you're doing.

 

Reformat all drives (preferably with a different OS and on a separate machine), do not restore from a backup because you likely have backed up your malware. Update your BIOS, format a USB drive, create a bootable Windows installer, add your drives back and install Windows.

[kb5zue]

Just thinking, maybe it's time to do a complete new Windows install.  Get ahold of a copy of the Windows Media Creation Tool and put it on a bootable thumb drive.  I think when you get the tool, it will give you the opportunity to create the bootable thumb drive for you.  You just need to provide the drive.

 

Boot from the flash drive and delete ALL the partitions on your C: drive, then just follow the instructions on the screen to complete the process for a clean install of Windows.

 

One of the most important things is to make sure that your machine in NOT connected to the internet during this process.  You don't want Windows to randomly download and install any other drivers or stuff during the process.  And when you get to the part where Windows wants you to enter your registration key, you can skip that part for now and just complete the Windows install.

 

https://support.microsoft.com/en-us/windows/create-installation-media-for-windows-99a58364-8c02-206f-aa6f-40c3b507420d

 

[Poinkachu]

37 minutes ago, Neythan said:

I've noticed unusual behaviour on my pc.

 

When leave it idle the GPU and CPU fans go full rpm, which is not a novelty for those of you who had malware.

 

I noticed then I suddenly unplug the ethernet cable or start the task manager the fans slow down.

 

I used malwarebytes that found the thread called updaterx.exe and uninstaller-updaterx.exe, however I am not sure if this is the thing but when it's quarantine I normally I get off the hook for a few minutes until I restart or connect to Internet as the virus keeps coming back.

 

I blocked the address in hosts.

Malwarebytes detected that this virus wanted to establish connection to a website called asobimo.link (dont enter)

 

I was clean for a few days until Malwarebytes turned rogue and began killing all the windows processes until it got to the vital ones that caused BSOD upon killing.

KERNEL_SECURITY_CHECK_FAILURE

KMODE_EXEPTION_NOT_HANDLED

 

I deleted Malwarebytes, and used HitmanPro for a few days. 

 

I reinstalled windows to factory settings using reset PC services and wiped all the data from the SSD on the OS.

 

Sadly within minutes after plugging all the drives and getting the software instead I got the virus back, again Im not sure from which app or if it was on the windows after the reset. I did full system scan and didn't get anything apart from the mentioned exe's above.

 

Now the virus is getting even worse as it keeps my PC crashing, it mines overnight when I do my renders.

I get new BDOS

 

WHEA_UNCORRECTABLE_ERROR

 

Im out of ideas guys.

 

This thing got me bad.

Honestly, like peoples above me have said, just reinstall man. And probably format other drives as well.

No guarantee that it is the only malware in your system.