Bitcoin miner in svchost.exe using up 90% of my CPU and won't delete

Sidebar Sidebar
cacra

cacra

Honorable
Jul 10, 2013
15
0
10,570
I have already ran Malwarebytes and it said it detected a bitcoin miner and apparently deleted it but on restarting my system svchost.exe is still using a massive amount of my cpu. I know svchost.exe is an important process for Windows 8 so I can't just end the process and delete the file, so I have no idea what to do.

What should I do?

Thanks.

I ran malwarebytes again and it found so me more malware in the exact same place as last time I ran it, should I use something like fileshredder to clear the free space on my drive after deleting the malware?
 
Sort by date Sort by votes
cacra

cacra

Honorable
Jul 10, 2013
15
0
10,570


Thank you, but I don't do anything on Windows besides gaming. If I was doing online banking or something on Windows I would agree but I don't think it is worth the hassle just to protect my World of Tanks login.
 
Upvote 0 Downvote
cacra

cacra

Honorable
Jul 10, 2013
15
0
10,570
I deleted the malware and used fileshredder to clear the free space on my drive, I think the malware has gone after restarting but I'm not sure.

svchost.exe is running at max 8% of my CPU, is this normal?
 
Upvote 0 Downvote
laviniuc

laviniuc

Honorable
Nov 29, 2013
244
0
11,110
ok, open up msconfig (start run msconfig) go to the services section, hide all micrsoft and disable any that sound fishy. restart, run again malware bytes and let it clean it again.

also go to task manager, and find any start up programs that may re-add the miner.

you can cleanup a bit better with ccleaner (https://www.piriform.com/ccleaner/download/portable ), and the start up tab
 
Upvote 0 Downvote
R

Rookie_MIB

Honorable
Jul 27, 2013
30
0
10,610
You can get more information by downloading and installing sysinternals 'process explorer'.

https://technet.microsoft.com/en-us/sysinternals/bb896653.aspx

This is like a 'task manager' on steroids and will give you more information on exactly what is loading up each svchost process so you can determine whether or not the malware is still present. After checking out all the processes that you're worried about, load up msconfig:

From the metro start screen, 'msconfig' - this will pull up the microsoft configuration. It allows you to see startup programs which you can enable/disable, services which are started - and you can disable, enable etc. If you see something weird in there, run a google search on it and see if it comes up as questionable. Disable it. After you're done looking through them, reboot and see how it looks.

All in all, if you're 8% max svchost, that's not unusual. There are quite a few svchosts which are legit on Windows, so eliminating them all is unrealistic. Of course, running 90% on one of them constantly indicates a problem...
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

M
  • Locked
  • Question
Question Stumpted why laptop is slow and can't be fixed
Replies
4
Views
3K
Laptop General Discussion
mindhumble
M
tinywhisk
  • Locked
  • Solved
Solved! ".Net Optimization service"
Replies
4
Views
4K
Antivirus / Security / Privacy
tinywhisk
tinywhisk
Cyber_Akuma
  • Question
Question Thinking Of Ditching Eset/Nod32, But Windows Defender Is A Pain To Deal With
Replies
1
Views
4K
Antivirus / Security / Privacy
BEAUFORD_SAVAGE
B
K
  • Solved
Solved! Massive screen trembling/shaking and fps drops after few minutes of gaming
Replies
2
Views
6K
Laptop Tech Support
KnorR04
K
B
  • Question
2 svchost.exe Processes Without Names Using Up Most of My CPU
Replies
1
Views
3K
Antivirus / Security / Privacy
maks kuznia
M

TRENDING THREADS

Share this page

COMPANY
RESOURCES
FOLLOW
Top Bottom