|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 09 Jun 2014 | #1 |
|
|
Message box keeps popping up on my screen (at logon) - Trojan Bitcoin!
Hi Everyone,
I noticed a suspicious message on my computer when first logging on -  MalwareBytes identified the issue as 'Trojan.Bitcoin' and moved it to Quarantine (as shown in the attached log file), however I am still seeing the message (above) whenever logging onto Windows. I would really like to remove all traces of this Trojan, and until I do so I am not confident that my computer is secure. Has anybody else experienced this Trojan, and if so did you manage to remove this message box? Kind Regards, Davo |
My System Specs |
| . |
|
|
| 09 Jun 2014 | #2 |
|
|
Hi Everyone,
After doing some more research I realized that the threat which had infected my computer was quite common, and was called different things by different protection programs. Here is a link that describes the infection in greater detail - http://www.herdprotect.com/defrag.ex...7994fcb4f.aspx For those interested in a little extra reading; I found this article to be quite informative - New trojan hijacks your PC for Bitcoin mining Whilst running an up to date version of MalwareBytes did seem to quarantine the Trojan (please see attached log), ultimately it did not stop it completely. Instead I was constantly seeing the message that started my thread... After doing a little digging in my file system I found the offending folder that still contained some files that were part of the Trojan threat.  The 'def.bat' file (above) was found to contain the offending Windows Script Host commands -  Once I knew what the Trojan was doing I double checked Msconfig for any unusual entries, and found -  I could not take a screen shot of the entire Msconfig entry in one go so here is some more...  I unchecked the Msconfig entry for this Trojan, and manually performed a 'permanent' delete (with SHIFT + DELETE) on the files contained in the Cache folder. After rebooting the message did not present on screen again, and the Cache folder was clean -  Once more I am running a full MalwareBytes scan, and once this completes I will scan with additional Anti-Virus programs before being convinced that my system is completely clean. However I think that I am now on the right track... Kind Regards, Davo |
| My System Specs |
| 09 Jun 2014 | #3 |
|
Let us know what MBam found ... post the log!
|
| My System Specs |
| . |
|
|
| 09 Jun 2014 | #4 |
|
|
Hi,
The MalwareBytes log is attached to my original post. Kind Regards, Davo |
| My System Specs |
|
Message box keeps popping up on my screen (at logon) - Trojan Bitcoin!
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Similar help and support threads | ||||
| Thread | Forum | |||
|
How to change Logon screen Picture frame (before logon) Hi there, I have a windows 7 pc in a "domain", so when you get to the initial windows 7 welcome screen (prior to logging in as a user), you get a blank transparent Picture |
Customization | |||
|
Update Plugins message popping up. The yellow bar with the "update" message pops up on some sites, but not all sites. I hesitate to do updates on things I don't understand, so I'd like to get rid of that annoying popup. Any ideas? http://dickh.zenfolio.com/img/s2/v51/p296332187-4.jpg |
Browsers & Mail | |||
|
Help please with a screen that keeps popping up Hi... this screen keeps popping up only started yesterday..... at night... and this morning as well see the attached screen shot I did I am windows 7 IE 8 thank you hope I gave you enough info |
General Discussion | |||
|
Scheduled task message popping up in background ... Using the method in this post ... Writer I Am: Creating an Hourly Reminder in Windows Why is the message displaying under current windows? Is there a way to force it to the front? Thanks, Ashley |
General Discussion | |||
|
Logon screen, change/remove logon picture Hi, Is there a way to remove the logon picture. or make the picture smaller. it ruins my logon wallpaper :cry: let me know! |
Customization | |||
| Our Sites |
Site Links |
About Us |
Find Us |
|
Windows 7 Forums is an independent web site and has not been authorized,
sponsored, or otherwise approved by Microsoft Corporation.
"Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd All times are GMT -5. The time now is 09:16. |
|
