|09 Jun 2014||#1|
Message box keeps popping up on my screen (at logon) - Trojan Bitcoin!
I noticed a suspicious message on my computer when first logging on -
MalwareBytes identified the issue as 'Trojan.Bitcoin' and moved it to Quarantine (as shown in the attached log file), however I am still seeing the message (above) whenever logging onto Windows.
I would really like to remove all traces of this Trojan, and until I do so I am not confident that my computer is secure.
Has anybody else experienced this Trojan, and if so did you manage to remove this message box?
|My System Specs|
|09 Jun 2014||#2|
After doing some more research I realized that the threat which had infected my computer was quite common, and was called different things by different protection programs. Here is a link that describes the infection in greater detail -
For those interested in a little extra reading; I found this article to be quite informative -
New trojan hijacks your PC for Bitcoin mining
Whilst running an up to date version of MalwareBytes did seem to quarantine the Trojan (please see attached log), ultimately it did not stop it completely. Instead I was constantly seeing the message that started my thread...
After doing a little digging in my file system I found the offending folder that still contained some files that were part of the Trojan threat.
The 'def.bat' file (above) was found to contain the offending Windows Script Host commands -
Once I knew what the Trojan was doing I double checked Msconfig for any unusual entries, and found -
I could not take a screen shot of the entire Msconfig entry in one go so here is some more...
I unchecked the Msconfig entry for this Trojan, and manually performed a 'permanent' delete (with SHIFT + DELETE) on the files contained in the Cache folder. After rebooting the message did not present on screen again, and the Cache folder was clean -
Once more I am running a full MalwareBytes scan, and once this completes I will scan with additional Anti-Virus programs before being convinced that my system is completely clean. However I think that I am now on the right track...
|My System Specs|
|Similar help and support threads for2: Message box keeps popping up on my screen (at logon) - Trojan Bitcoin!|
|Update Plugins message popping up.||Browsers & Mail|
|Scheduled task message popping up in background ...||General Discussion|
|Logon screen, change/remove logon picture||Customization|
|New Trojan Targets Bitcoin Wallets||Security News|
|How to change Logon screen Picture frame (before logon)||Customization|
© Designer Media Ltd
All times are GMT -5. The time now is 08:40 AM.