GTX 1060 infected with Bitcoin Miner

Tom_242

Prominent
Jun 19, 2017
Hello,
I apologize in advance for possible misspelling, I am not an English speaker.
A few days ago I noticed that my new MSI GTX 1060 6GB OCV1 started badly rendering my games (namely Mass Effect Andromeda, Metro Redux and SW Battlefront) - textures in low resolution even though everything was set on "Ultra", also with no depth, missing AA, Motion blur, visible pixel grid. Also, there was a very obvious increase in performance and FPS. I found out that some kind of bitcoin miner virus was forcing my GPU to run at 100%. I managed to remove it with Malwarebytes and then I reinstalled Windows, got new drivers, etc.
But even if my GPU is now running correctly, all graphics issues still persist. (Only desktop, browsers and other simple programs look normal.) I also found out that DSR scaling no longer works.
I want to ask if it is possible that the virus left some settings in my PC, which cause my GPU to render differently, simplified and faster? And how to change it?
I will be very grateful for any solution.

Here is my MB and CPU if it helps:
i5-4690k 3.5 GHz, H81M-E34
 
Solution

Tom_242

Prominent
Jun 19, 2017


That's what I did at the beginning, I also used them to remove the previous default Intel drivers for the integrated graphics card, just to be sure. My drivers are the latest version - 382.53. Then I replaced some original Windows drivers with new ones using Driver Booster 4.4 Pro, because they had caused me mouse lags already in the past, due to high latency (especially default Realtek drivers).

Here are some screenshots: Mass Effect Andromeda on highest settings with 120% SSAA scaling (the only one I did before reinstalling Windows, unfortunately): http://imgur.com/MWIAVjv http://imgur.com/S73EGsc http://imgur.com/wzV1rcj http://imgur.com/FIUJZe7

This one I did on lowest settings, where the pixel grid is most visible: http://imgur.com/JoCN0fT

Metro Redux on highest settings with 2x SSAA after reinstalling Windows. I only have this game installed yet. (Before reinstalling Windows it looked the same): http://imgur.com/BKJQflh http://imgur.com/3Ndhziu

Today I noticed another strange thing using GPU-Z. It's about the temperature limit settings of my GPU, I do not think it should be like this:
Current: 83C
Minimum: 60C
Default: 83C
Maximum: 92C
Adjustment range: -28% to +11%
But according to MSI Afterburner the actual temp is about 40C, and it's true, I have my PC open right next to me.
And another weird thing, the Windows Store app is no longer working. Actually, it works, but it crashes every time I press the "login" button.
Finally, I have no logs, but that malware was masked behind this service: wabmig.exe located in C:\Users\Tom\AppData\Roaming\Google\Windows Mail. Here is the exact same example with a screenshot of that folder: https://www.reddit.com/r/pcgaming/comments/6dx2ro/keep_your_eyes_out_for_bitcoin_miners_windows_r/
but it does seem to have no more problems like me...:-(

 

Tom_242

Prominent
Jun 19, 2017
renz496 - I tried five lower versions sequentially, nothing changed...:-(
DarkSliders - It did not help, and these settings are always set to default after reinstalling drivers. I prefer Nvidia Profile Inspector, which offers many more options (I use it for optimal settings for each game with guides from 3Dguru or the GeForce forum). But even here everything was fine after each driver reinstall.

I have managed, at least in part, to bring back missing effects in Metro Redux after several tests, but only for a moment... I chose some DSR to be my desktop native resolution (the only place where DSR still works), set it in the game settings and applied the right form of SSAA... for a second everything looked like it was before, but as the character begins turning around or starts moving, the shadow bitmaps fail and collapse. So I think the scaling simply does not work and the GPU generates shaders incorrectly, or is using the wrong algorithm...:-(
I borrowed old Heroes V from my brother, which has no kind of modern effects, for a test, and my PC barely managed to run it on normal settings, which makes no sense...?
 
Tom_242 Malwarebytes cannot remove a virus; it's designed to remove malware.

Save and close all applications and run these:

https://www.bleepingcomputer.com/download/adwcleaner/
https://www.bleepingcomputer.com/download/combofix/

* This program will very possibly reboot your system while removing any found virus or trojan.
 

Tom_242

Prominent
Jun 19, 2017
renz496 - Yes, in the case when everything is set to default: hard frame skipping or sound out of synchronization (an NPC says only half of the word, then skips to another), lights and shadows are stuck, missing or flickering textures, the screen starts shaking for a while sometimes. VSync is enabled by default in game. After 2-3 minutes of playing my GPU suddenly became very noisy and started overheating for no reason...:-(

rcald2000 - I have already tried the RKill/ADW Cleaner combo, one other thing was found - svchost.exe (Combofix is incompatible with Windows 10, unfortunately :-( ). But it seems some other part of that thing is still active. Do you know any other utilities which could work? I think the usual antiviruses are useless, they think it's a common Windows service. And how the hell can that virus persist in the PC after reinstalling the system?

I'm going to sleep for a while because I get up for work in the morning, I'll be here in a few hours.
 

DarkSliders

Reputable
Mar 23, 2014


This issue seems to have gotten quite out of hand.
Although I'm not an expert at viruses I was wondering:

Have you tried thoroughly going through the Details tab in the task manager, researching the different processes?
Close anything that doesn't have any information on it, or points to malware/viruses.

If that doesn't work perhaps the virus is embedded within another program? (If that's possible)
In that situation, closing anything that's not essential to your pc running might help.

Correct me if I'm wrong, please.
And the process is painful, but it might help you find out what exactly is messing with your PC.
 
Solution
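
The process review suggested above, and the wabmig.exe location reported earlier in the thread (under AppData\Roaming instead of its normal folder), can be checked with a script rather than by eye in Task Manager. This is an added example, not part of any post; the "normal" folders are the default Windows install locations, and the flagging rules are assumptions.

```powershell
# Added example (not from the thread). Flags running processes that
# (a) use a Windows binary name outside its normal folder, or
# (b) run from a user-writable profile folder.
# Assumption: the "normal" folders are the default Windows install locations.
$expected = @{
    'svchost.exe' = @("$env:SystemRoot\System32", "$env:SystemRoot\SysWOW64")
    'wabmig.exe'  = @("$env:ProgramFiles\Windows Mail",
                      "${env:ProgramFiles(x86)}\Windows Mail")
}
# Assumption: these profile folders are treated as unusual launch locations.
$userWritable = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP) | Where-Object { $_ }

$findings = foreach ($proc in Get-CimInstance -ClassName Win32_Process) {
    $path = $proc.ExecutablePath
    if (-not $path) { continue }   # no path: protected process or shell not elevated

    $dir = [System.IO.Path]::GetDirectoryName($path)
    $reasons = @()

    # Hashtable lookup and -notcontains are both case-insensitive.
    if ($expected.ContainsKey($proc.Name) -and ($expected[$proc.Name] -notcontains $dir)) {
        $reasons += 'system binary name outside its normal folder'
    }
    foreach ($root in $userWritable) {
        if ($path.StartsWith($root, [System.StringComparison]::OrdinalIgnoreCase)) {
            $reasons += "runs from user-writable folder $root"
            break
        }
    }
    if ($reasons.Count -eq 0) { continue }

    # Signature status is reported for context only; it is not used as a rule.
    $sig = Get-AuthenticodeSignature -LiteralPath $path -ErrorAction SilentlyContinue
    [pscustomobject]@{
        PID       = $proc.ProcessId
        Name      = $proc.Name
        Path      = $path
        Signature = $sig.Status
        Reasons   = $reasons -join '; '
    }
}
$findings | Sort-Object Name | Format-List
```

Run it from an elevated PowerShell prompt so more executable paths are visible. Plenty of legitimate software runs from AppData, so each hit is a lead to research, not a verdict.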