I can't seem to be able to get rid of Trojan.dropper.BCMiner

I'm using Windows 7, Malwarebytes and Microsoft Defender.

Recently, my computer started slowing down and I ran the antivirus. Seems it's something called Trojan.Dropper.BCMiner located in Windows/Installer.

I can't seem to be able to view Windows/Installer, even when I choose to see hidden folders in Folders Options.

No matter how many times I run the antivirus, BCMiner keeps popping up and slowing down my computer.

I've seen several threads on Internet and they all seem to be startted and responded too by the same people or in the exact same unusual way which makes me suspicious that it's planted there by virus makers.


So, how does one get rid of BCMiner?

Thanks very much in advance.

Hi michaelemouse

I am Sampad from Dell Social Media.
In response to your query

#1- Restart Pc in safe mode with networking
(To start the computer in safe mode
1. In the drop-down list of the Shut Down Windows dialog box, click Restart, and then click OK.
2. As your computer restarts but before Windows launches, press F8.
On a computer that is configured for booting to multiple operating systems, you can press F8 when the boot menu appears.

3. Use the arrow keys to highlight safe mode with networking option, and then press ENTER. )

#2- Download and run RKILL
[ RKill Download ]

#3- Download and run TDSkiller
[ http://support.kaspersky.com/downloads/utils/tdsskiller.exe ]

#4- Download and run Hitman pro trial version
[ Downloads - SurfRight ]

#5- Once done with all the scans run a complete clean up using C cleaner
[ Download CCleaner 3.21.1767 - FileHippo.com ]

#6- Once the clean up completes reboot the pc in normal mode again and run a scan using Malware Bytes and check for infections.

Let me know if this worked.


[N.B. All the above mentioned tools have their own license agreement it would be your decision to use them or not]


Thanks and regards,
Dell_Sampad_C
Dell Social Media Responder

All of the above, but you need to disable system restore first

Sampad,

Thanks, that seemed to work.



Oldmx,

Why? Where can I disable that?

Also, there have been three strange behaviors on my computers's part.

1) A large slowdown, especially when using Internet Explorer. This is gone.

2) Several GB of upload and download for the last three days which had nothing to do with my own use. Typically, my upload is just a few dozens Megs and my download is a few hundreds Megs of download.

3) All my icons on my desktop align to the right. I can't seem to put them where I want. Within my folders, it gives me lists rather than icons. I tried Folder Options but it doesn't seem to be able to correct that.

There's always the possibility you have a rootkit. Viruses generally introduce other viruses to the system.
Run a scan with Windows Offline Defender to see if it finds anything:

http://www.sevenforums.com/tutorials/166445-windows-defender-offline.html?filter

have a go with Kaspersky Virus Removal Tool Kaspersky Virus Removal Tool 2011

msmpeng.exe can and will interfere with scanning and removal. just saw this condition afresh over the weekend... the infectors were trojan.dropper and zero-a. it appeared, after several partly successful remediation steps, that the malware agent/s was interfering with the removal steps, but it was not them but msmpeng.
stopping/disabling the service, then using good third party packages nailed them.