Hello everybody! In this video I’m going to show you how
to remove a hidden Bitcoin mining virus from your computer. If you noticed that your computer – while you’re
not using it – still behaves as if it works on a complicated task, or if it becomes very
slow when dealing even with simple office routine, it could be a mining virus working
inside your system. If you never heard of a mining virus here’s
the explanation – it is a virus that uses computer resources to generate some cryptocurrency.
You can watch one of our videos to learn more
about mining cryptocurrencies. Find the link in the description. Such mining operations take place automatically
without the user’s knowledge, and unfortunately, your PC won’t show you any warnings about
it. Software like this can appear on your computer
when you download files from doubtful websites, so before you download an app from a website
you never heard of check the link with the service VirusTotal – just copy the link to
the file and paste it into this field to check it; you will see the result and then decide
if it’s worth downloading from such website. You will find the link to this service in
the description.
The danger of a mining virus
This kind of virus makes your computer work at full capacity so that it can become slow
even during simple operations. Continuous work in such conditions affects
the computer’s hardware which may break down pretty soon. In the first place, it reduces the lifespan
of your graphics card, processor, system memory and even the cooling system. How to detect a virus
The first sign of a mining virus on your computer is lagging even in simple tasks and the cooler
working at maximum speed all the time. If things like that are happening to your
computer, try breaking the Internet connection or turn off the modem.
If the lags have disappeared and the CPU cooler
has become considerably quieter, that is almost a certain sign that you’ve got the mining
virus on your PC. Recently such viruses have become very good
at disguising themselves. There can be a dedicated process controlling
such mining virus and it can suspend the mining activity when you start a resource-intensive
game so that you never notice any lags or freezes resulting from the virus activity. As soon as you exit the game, the virus will
start mining again. The most dangerous types can even disable
antivirus scanners on your PC. So to detect a virus the first thing to do
is to scan the computer with an antivirus having the latest database.
In case with simple mining viruses, you’re
not going to have any difficulties. They will be detected easily and removed. But the viruses hiding from the scan will
make you try harder than that. A helpful tool in finding a hidden mining
app is the Task Manager – open it by pressing the key shortcuts Ctrl + Alt + Del or Ctrl
+ Shift + Esc. For some time, watch the active processes,
but don’t forget to close all programs you were using. If a process puts a lot of load on the system,
it could be the virus you are looking for.
For example, on my computer there is a process
with the name “system.exe” that makes the operating system work hard. For more information, click on the tab “Details”
and find this file here. As you can see it is launched by the user
while such processes should be launched by the system – and it’s a certain sign there’s
a virus. By right-clicking on it you can search online
for more information on this process, or try to end this task, open file location and try
removing it if possible. Most mining viruses prefer using the graphics
adapter, not the processor. In this case, you may never see them in the
Task Manager, especially on older versions of the Windows operating system.
On the contrary, in Windows 10 Task Manager
you can see how loaded both the central and the graphics processors are – and if the computer
is idle but the load values are close to 100%, your computer is very likely to be mining. Some miner viruses can even disable the Task
Manager just a few minutes after you start it, and this is also a very prominent sign
of threat. Also, some of them may stop when the Task
Manager is started, so you won’t see them in the Task Manager window. However, special software can help you – for
example, AIDA, AnVir Task Manager, Process hacker and other similar apps which can track
the system load over time. When you start any program from this list,
you may find a picture very different from what you see in the Task Manager. You can find the download links in the description. There are also situations when the Task Manager
shows excessive load from the browser – then it can be a web mining application that works
from a certain website.
In this case, you’d better stop using the
browser or add an extension to block ads which will prevent websites from mining on your
computer. Watch another video about useful browser extensions
– the link is below as usual. How to remove the mining virus
To remove the virus, scan the system with an antivirus having the latest virus database. You might have a simple mining app which is
not hidden, so the antivirus will find and destroy it easily.
If it didn’t happen, and you find the suspicious
app in the Task Manager, you can try removing it through the registry. To do it, open the “Run” window and use
the command “regedit.” Go to Edit / Find, type the virus name and
remove any coincidences you have found. If you are not sure that such file can be
deleted, then don’t remove it as it can be even more harmful for the system, and if
you are going to make any changes to the registry, we recommend exporting the registry file. You can watch another video on our channel
to see how – the link is below as usual. Do it with AnVir Task Manager If you haven’t found anything in the Task
Manager, but the computer behaves strangely, use the utility called AnVir Task Manager. Start the program and examine all running
processes – if anything looks suspicious, put the cursor on the application to see the
information about it.
Then right-click on it and select “Detailed
info”, then “Performance.” Choose “1 day” to view the load on your
PC during this period of time. If the process put much load on the system,
note down its name and path. Right-click on the process and select “Kill
process.” As you can see, every process is assigned
a risk level to make it easier to monitor viral activities. Follow the given path and try to remove the
virus from this folder. Most likely it will be hidden and you won’t
see it unless you have enabled showing hidden files. To do it, click on View and check the box
next to Hidden items and the elements will reappear. Or give the name of the virus and find it
in the registry using the method I have shown before, and remove all the coincidences. After that, it is recommended to scan the
system again and remove the detected threats, then restart the system. If you don’t feel too confident about your
antivirus, use one of the portable utilities like Dr.Web Cureit. It is often used to search for hidden miners.
This is a free utility and you can download
it from the official website by following the link below this video. (You can watch one of our videos to see how
to remove any virus. Find the link in the description. It is important to use the latest version. Just download the program and open it; start
the scanning and wait until it is complete. Then you will see the list of all detected
threats and possible actions you can take to eliminate them. That is all for now. Hit the Like button and subscribe to our channel.
Leave comments to ask questions. Thank you for watching. Good luck..