home-Hats-Where does Winnie the Pooh Piglet live? Winnie the Pooh and Piglet - Soviet cartoon and its history

Where does Winnie the Pooh Piglet live? Winnie the Pooh and Piglet - Soviet cartoon and its history

As you know, with the advent of any new way of earning money, there are always workarounds to get money through it. Thus, with the spread of cryptocurrency mining, a logical consequence was the emergence of virus programs that allow you to mine currency from other people’s devices without the knowledge of their owners. Even though the general public may not know about this option for receiving money, some people have been making money this way for a long time. Next, we’ll try to figure out what hidden mining is, why it remains popular and attractive to scammers, and also understand how not to become a victim of malware or get rid of it if one was found on the device.

What is shadow mining

So, hidden mining (from the English stealth mining) is the extraction of cryptocurrency by a third party through a PC, the owner of which remains blissfully unaware of the processes taking place behind his back. As a rule, such earnings are made by introducing a special malicious program into a computer - a mining virus, or a miner bot/botnet. However, the capabilities of such a “Trojan” are not limited to cryptocurrency mining. Like other spyware viruses, it can steal wallet data, account passwords, in social networks and information on bank card or simply make your PC more vulnerable to other malware.

It is interesting to note that finding a botnet on your computer is sometimes quite difficult, since its presence is sometimes not noticeable: the load on the processor or video card does not necessarily increase significantly, especially if your equipment is highly powerful.

How does a virus miner work?

A miner bot often enters a PC system in one of the following ways:

  • Through any downloaded and then launched files;
  • Direct attachment to the device (rare);
  • Through unauthorized remote access.

It connects to one of the mining pools, where it mines virtual coins, and over time loads the processor more and more. The main task of such a program is precisely to mine money using the resources of someone else’s equipment. The earned cryptocurrency is transferred directly to the scammer’s wallet. Pools can be called an ideal option for creating a personal mining network, because someone who likes to make money in this way has the right to connect any number of computers without having to prove their ownership.

How does a virus miner manage to remain undetected? It’s all very simple: it ends up on the PC along with any files, be it a torrent or even a Word document, it is installed in silent mode, the hidden mining process is disguised as the operation of a Windows system service or is not displayed at all. Another one interesting feature The modern virus miner lies in the fact that when the load increases significantly, it simply turns off so as not to provoke slowdown, and therefore not to increase the risk of being detected.

Sometimes a source file is installed on the system, which automatically restores a program deleted manually or by an antivirus.

Why is a miner bot dangerous for a computer?

It would seem that the program mines cryptocurrency for itself through someone else’s device, what’s wrong with that? It's a shame, of course, but not critical. And yet, like any virus software, a hidden miner poses a danger to your PC. First of all, the presence of such a program on a computer inevitably harms the OS. After all, it belongs to the category of Trojans. In addition, this program “eats” the working power of the processor and video card, which affects the productivity of the PC. And, perhaps, the most unpleasant thing: the spy gives the fraudster access to your personal data, up to financial information and the ability to obtain passwords for wallets and cards.

Other features of miner bots include:

  • Non-standard way to launch the program;
  • Having two processes restart each other if you tried to terminate one of them;
  • Rebooting the device when trying to access program files or remove them from startup;
  • Processes that prevent the antivirus from working properly.

The most common hidden mining programs

The most common shadow cryptocurrency mining program is Bitcoin-Miner. This virus was developed in order to create a single resource that allows you to mine coins from other people's computers and consists of an unlimited number of devices. With such “joy” entering the system, the computer is loaded to the maximum, which becomes noticeable by the noise of the video card cooler. Fraudsters do not hesitate to squeeze everything possible out of the victim’s device, so it works at 80, and sometimes at 100% power, instead of the usual 20%. However, the activity of such a program is detected through the “Task Manager”, because it reflects any fluctuations in the operation of the computer.

There are other programs created for hidden cryptocurrency mining. For example, BadMiner, MinerGate or EpicScale, which, even when the main materials are deleted, saves files on the system that can restore the program.

How to detect a miner virus

If suspicions creep in that there is a botnet on your PC, you can confirm or refute them as follows:

  • Check how the device works under normal loads ( simple programs or using a browser);
  • Launch a game that increases the load and check the performance of the video card and processor;
  • Launch AID64 and check the load on the video card and processor before and after closing background programs;
  • Compare indicators and draw conclusions.

Many stealth miners stop working as soon as the user opens the Task Manager program in order to bring the indicators back to normal and not cause unnecessary suspicion. Some of them are even able to disable the Task Manager after 5 minutes of its operation. Therefore, if you open a program and after some time do not find a window on the desktop, you should think about it. There are quite powerful programs for monitoring the state of your computer that will help you find a virus. This includes AnVir Task Manager - it allows you to detect any suspicious processes on the device.

Step-by-step removal of virus miner

Getting rid of malware can be more difficult than it seems at first glance. Every year there are new ways to bypass computer protection and disguise a virus as a completely harmless file, so you need to take a thorough approach to removing malicious software.

Preparation

First of all, back up all important data to a third-party storage device, for example, an external HDD to avoid loss of information (this doesn’t always happen, but it’s better to be safe). However, you should not copy all the data from the computer, because in this case the external media the virus itself will get in. After that, install an antivirus program with the latest updates. Auxiliary software such as CCleaner or SpyHunter will be useful. Even if their presence cannot be called prerequisite, they significantly increase the chances of complete removal hidden miner.

Since the miner bot is a Trojan, it often has a significant impact on the computer OS, which means that after its removal the device may not work correctly. In this case, it is worth having a disk with the operating system installation file.

Immediately before scanning for malware, close all programs running in the background. Since the virus disguises itself as frequently used programs, closing them makes it much easier to detect.

Removal

An antivirus can find a miner during a deep scan, but you shouldn’t count on it to get rid of a detected infection on its own. Often it has to be removed manually.

Since infection most often occurs through downloading pirated games or other files using a torrent tracker, if you remember the approximate period of time when strange things began on your PC and this period coincides with downloading a file, you can find the pest manually. You need to get rid of programs that have become suspect, and only then deal with the annoying virus.


If you are lucky and have a relatively simple miner on your computer, getting rid of it is not difficult. Just open Task Manager and look for suspicious activity. To do this on Windows, you need to open the “Start” menu and go to the “Processes” section or call the “Task Manager” using the keyboard shortcut “ctrl+alt+del”. If any task uses more than 20% of the processor, this is most likely the miner you are looking for. If you find one, you just need to complete the process and agree that “unsaved data will be lost.”

Unfortunately, removing an annoying program is often not limited to such a simple procedure. As already mentioned, many modern mining bots react to opening the “Task Manager”, so getting rid of them becomes more labor-intensive. What to do in this case?

  • The first step is to check your computer for viruses, and if any are found, reboot it and enter the BIOS menu. From here you can control the hardware, bypassing the OS.
  • To get into the BIOS, you need to press F8 or del during reboot (information will appear on the screen during boot). Next, go to Advanced Boot Options.

Windows 10 does not allow you to open this menu when you reboot, so press Win+R and enter Msconfig in the window that appears, select “System Configuration” and in the “Boot” section select the desired mode, then reboot the computer.

  • Once in the Advanced Boot Options menu, the user discovers big list additional features, but we need the Safe Mode with Networking item.
  • Next, log in to the system through your account.
  • The next step is to launch the browser to log into the network.
  • After that, download an anti-spyware plugin of your choice, which will help get rid of any files associated with the hidden miner.

Most anti-spyware software removes Trojans automatically. As a bonus, the program will remove unwanted entries from the OS registry and correct browser settings.

Among the well-known online resources that are useful when removing spyware are Malwarebytes Anti-Malware.

Many users who have encountered the problem of hidden mining recommend the CurelT program from Dr. Web. According to reviews, it helps to get rid of malicious software once and for all.

How to protect yourself in the future

Unfortunately, no one can guarantee complete safety. In response to every antivirus update, new viruses appear. But we can at least reduce the risk of PC infection if we use trusted services, listen to the advice of an antivirus program or browser when they (usually in vain) try to warn us that a particular site is unsafe, and, of course, periodically check the computer for mining.

conclusions

So, we came to the conclusion that:

  • A hidden miner is a malware related to Trojan programs that is introduced into the computer through the use of PC resources.
  • The presence of a miner bot on the victim’s computer allows the attacker not only to engage in mining through his device, but can also give him access to many personal data.
  • The answer to the question “how to remove a miner” from a PC can be both simple and complex. It all depends on the type of virus. If you are not sure about own strength, it is better to contact specialists.
  • To avoid re-infection, when downloading files from the network, you should use only sources that do not raise suspicions and avoid unverified links.

Do you want to stay up to date with the latest news and receive free insights? Subscribe to our,

Recently, there have been several news reports that some sites are engaged in mining cryptocurrencies, using the computer power of their visitors. First there was a message about, then about, both sites were doing this secretly from users.

This led to dissatisfaction among users of these sites, and many other users began to worry whether their computer would be used to mine cryptocurrencies without their consent when visiting a particular site. Indeed, there is such a danger and here is what can be done to avoid it.

Secret mining

To be fair, it should be noted that many users were not so much dissatisfied with the fact that resources from the computer were used for mining cryptocurrencies, but with the fact that this was happening secretly, without their knowledge or consent.

Many people have actually spoken positively about this method of monetizing websites.

What can be done?

If you are one of those who do not want the resources of your computer to be used for mining, with your consent or not, then here is what you can do.

Check CPU usage

Simply by opening the task manager (in Windows it is called by Ctrl-Shift-Esc, Chrome has its own task manager) on your computer and looking at the CPU usage, you can quickly understand whether someone is stealing your processing power or not. If you are running some kind of “heavy” program (for example, you are editing a video, or you are running Photoshop) - this is normal. If all you have running is a browser with 5-7 tabs, you should check everything carefully.

A noticeable spike in CPU usage when visiting a particular site is an obvious sign that Javascript is running and is using up your processing power.

If you see a similar process in the manager, you can try to stop it there and see what happens next - the consumption of computer resources should drop sharply.

If the process recovers itself after some time, this is an alarming sign. You can try disconnecting your computer from the Internet and see if the load drops. If not, check your PC with a fresh antivirus. Such scripts can be launched not only from a browser, but also from a PC.

Also, if you don't have any active processes but the CPU is still too busy, your resources may still be being used for mining.

Ad blockers can help

Usually, in order for your resources to start being used for mining, you need to visit a specific site that uses one of many scripts for this, but sometimes mining can be initiated by clicking on an advertisement.

Using an ad blocker, for example Adblock, should help deal with this problem. Additionally, the ad blocker also filters out many of the known scripts that are used to mine cryptocurrencies. One of these scripts is called Coinhive, and it should be noted that its creators do not consider themselves to be creators of malware.

Coinhive is trying to solve the problem of website monetization alternative way. The developers of this script publicly spoke out against Showtime for using their script without warning users.

Extensions have also appeared that allow you to catch such miner programs. For Chrome it is No Coin. Although it is better to check it before installation.

Other malware

It should be noted that not only mining scripts significantly load the processor, there are also other malware that are used for this.

There is no universal solution for all such problems, but the first thing you can do is identify the problem. To do this, you just need to check the processor load in the task manager.

If your computer is constantly slowing down and running at maximum capacity, then this is a reason to check it for the presence of miner viruses. Let's look at how to detect a hidden miner on a computer and remove it.

What is it and why is it dangerous?

A hidden miner is a virus program that uses the performance of your PC to mine cryptocurrencies. Infection occurs through:

  • malicious messages;
  • downloaded files;
  • spam mailing.

The video explains in more detail what mining is and how it works.

The first mentions of hidden mining appeared in 2011, but then these were isolated cases. At the beginning of 2018 this problem occupies one of the leading positions in news feeds.

The Trojan miner poses a great danger to the PC:

  1. Reduces the service life of hardware.
    PC running at maximum load long time, which negatively affects the maximum service life:
    • processor;
    • video cards;
    • cooling systems.
  2. Limits performance.
    When using an infected computer for their tasks, the user receives scanty performance, because the bulk of it goes to hidden mining.
  3. Provides access to personal data.
    Since the miner is a Trojan, it gains access to personal information user. Lately Cases of theft of electronic wallets and passwords have become more frequent. The attacker not only uses your PC's performance, but also steals confidential data.

Note! Last update Windows has received protection against mining. You can get acquainted with the information by clicking on the link "".

How to detect and remove

Advice! Scan your system with an antivirus, you may come across a regular miner that does not hide its presence. In this case, it will be detected and automatically removed by antivirus software.

It is usually quite difficult for a user to detect a Trojan, because the developers of the virus software have tried to hide its operation as much as possible. New miners are able to disguise their activities:

  • Disable while the user is working with demanding applications.
  • Disguise as other applications in Task Manager.
  • Work only when the PC is idle.

Your computer could be infected without you even noticing it. It all depends on the ingenuity of hackers. We will try to explain in as much detail as possible how to identify malware.

Important! Be careful when deleting any file, especially if you are not sure of its purpose. You do all actions at your own peril and risk!

Via Task Manager

Let's touch on Internet mining a little. There are sites that, using a special script, gain access to the performance of your PC. The hacker, bypassing the protection of the Internet resource, uploads his malicious code there, which mines cryptocurrencies while you are on the site.

It’s very easy to understand that you’ve encountered one, because when you visit it, your computer will start to slow down, and the Task Manager will show a heavy load on the hardware. It is enough to simply leave the site to stop the mining process.

To detect malware on the system:


Via AnVir Task Manager

The multifunctional process manager AnVir will help you detect a hidden virus.

  1. Download and install the utility.
  2. Launch it and view the running processes.
  3. If you are suspicious, hover your cursor over an application to display information about it.

    Note! Some Trojans disguise themselves as system application, but they don’t know how to fake details.

  4. Then RMB → “Detailed information” → “Performance”.

  5. By selecting “1 day”, view the load on your PC during this time.

  6. If a process heavily loaded the system, hover your cursor over it → write down the name and path.

  7. Right-click on the process → “End Process”.
  8. In Windows search, type “regedit” → go to the registry.
  9. “Edit” → “Find”.
  10. Enter a file name → remove all matches.

    Important! If you are not sure that the file can be deleted, write to us in the comments, we will try to help.


  11. Scan the system with an antivirus (for example, we used a standard antivirus, which is located in “Start” → “Settings” → “Update and Security” → “Windows Defender”).
  12. If threats are detected, confirm their removal.
  13. Restart your PC.


Related publications: