MBAM 02-22-2022 easily found and removed a bitmining trojan off of my system. It was almost 70°F today and I thought it was me turning off my fans for a voice over, and it made no sense. My CPU utilization was about 50-90%, and my GPU 1 (I have 2 GPUs) was at 100% use, and both CPU and GPU were running at 80°C, which is horrible. My case and IAO 3 fan cooler were super warm.
https://www.malwarebytes.com/mwb-download
I thought changing to the new beta BIOS for my ASUS TUF-GAMING WIFI was the issue, but it was not. Then I lowered my overclocking, to auto, etc., and that was also not the issue. What could it be? What was running? I found a few processes in CTRL+SHIFT+ESC for the task manager, killed a few, and voila, back to something near normal. So I caved in and used MBAM. One scan found a ton of crap.
Was it some shitty autokms for Windows or Office dropped in some game or some package? Was it some game for GOG? Was it something inside of Oculus, NVIDIA, or some driver package? I have read a lot of variations on the web. So look for these files, or something like them, run MBAM, and restart, and your electric bill will thank you.
Users\*\ZoomE.exe
Users\*\ZoomX.exe
Users\*\Public\Libraries\ZoomE.exe
Users\*\Public\Libraries\ZoomX.exe
C:\Users\*\AppData\Roaming\Windows\Telemetry\sihost64.exe
and older stuff similar to this previously
(autokms windows activator hidden in some package I added accidentally?)
C:\Users\*\AppData\Roaming\Windows\Telemetry\sihost32.exe
C:\Users\*\AppData\Roaming\Windows\Libs\sihost64.exe
C:\Users\*\ZoomX.exe
C:\users\*\ZoomE.exe
C:\Windows\Systems32\tasks\ZoomE
C:\Windows\System32\Tasks\Updates\mNYkizWPoloDxA
C:\Users\*\AppData\Local\Temp\8D24.tmp
C:\ProgramData\Adobe\mvlc.vbs
2080 ti ryzen super hot overheat bit mining zoome zoomx
- Site Admin
- Posts: 253
- Joined: Tue Oct 27, 2009 9:33 pm
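A read-only sweep for the file paths listed in the post above, added here as an example (it is not the poster's code and not a Malwarebytes tool). It assumes the entries written without a drive letter are relative to the system drive and copies every path as posted; the names `sweep` and `PATTERNS` are illustrative, and the root argument lets it run against a mounted disk image instead of the live `C:\`.

```python
import fnmatch
import os
import sys
from pathlib import Path, PureWindowsPath

# Paths copied as posted. Assumption: entries without a drive letter are
# relative to the system drive.
PATTERNS = [
    r"Users\*\ZoomE.exe",
    r"Users\*\ZoomX.exe",
    r"Users\*\Public\Libraries\ZoomE.exe",
    r"Users\*\Public\Libraries\ZoomX.exe",
    r"C:\Users\*\AppData\Roaming\Windows\Telemetry\sihost64.exe",
    r"C:\Users\*\AppData\Roaming\Windows\Telemetry\sihost32.exe",
    r"C:\Users\*\AppData\Roaming\Windows\Libs\sihost64.exe",
    r"C:\Windows\Systems32\tasks\ZoomE",
    r"C:\Windows\System32\Tasks\Updates\mNYkizWPoloDxA",
    r"C:\Users\*\AppData\Local\Temp\8D24.tmp",
    r"C:\ProgramData\Adobe\mvlc.vbs",
]

def _expand(base, parts):
    """Yield existing paths under base matching parts, ignoring case."""
    if not parts:
        yield base
        return
    try:
        entries = list(os.scandir(base))
    except OSError:  # missing, not a directory, or access denied (needs admin)
        return
    for entry in entries:
        if fnmatch.fnmatchcase(entry.name.lower(), parts[0].lower()):
            yield from _expand(Path(entry.path), parts[1:])

def sweep(root, patterns=PATTERNS):
    """Return sorted root-relative paths that match any listed pattern."""
    root = Path(root)
    hits = set()
    for pat in patterns:
        win = PureWindowsPath(pat)
        parts = win.parts[1:] if win.anchor else win.parts  # drop 'C:\'
        for found in _expand(root, parts):
            hits.add(found.relative_to(root).as_posix())
    return sorted(hits)

if __name__ == "__main__":
    for hit in sweep(sys.argv[1] if len(sys.argv) > 1 else "C:\\"):
        print("FOUND:", hit)
```

An empty result only means these exact names are absent; the post says to look for these files "or something like them", so a full scan is still the real check.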