Remove NsCpuCNMiner.exe manually.
These are the steps I followed when one of my colleague's system was infected with this Malware.
What it is ?
It is a process which runs in the background and mines for crypto-currency using your system as the resource.
Symptoms:
Disk utilization & CPU usage will be max. So your system will be slow.
Application will take longer time to open.
In some cases you get some popups in your web-browser.
Steps to Remove:
Step 1 - Stop the process
Goto Task Manager->Services -> select NsCpuCNMiner or NsCpuCNMiner64 -> right click - end process
Step 2 - Remove related extensions from browser
Goto chrome browser extensions and check if any miners are present and remove them.
Step 3 - Disable From startup
Goto Win+R run -> msconfig.exe -> startup -> Disable the NsCpuCNMiner or NsCpuCNMiner64
For win 10
Goto task manager -> startup services -> Disable the NsCpuCNMiner or NsCpuCNMiner64 or Folder (Yes it is the malware and not the WindowsExplorer process)
Step 4 - Delete the source file
Goto Win+R run -> type %AppData% -> Navigate to "Roaming" -> "Images" and delete all the contents of the folder. (This contains the exe :see image)
Step 5 - Delete from registry
Goto Win+R run -> type regedit -> Once the registry editor is opened -> type Cntrl + F
-> search for "NsCpuCNMiner" and delete every occurrence of this.
If you face any issues while removing the malware, do comment below - I shall respond.
These are the steps I followed when one of my colleague's system was infected with this Malware.
What it is ?
It is a process which runs in the background and mines for crypto-currency using your system as the resource.
Symptoms:
Disk utilization & CPU usage will be max. So your system will be slow.
Application will take longer time to open.
In some cases you get some popups in your web-browser.
Steps to Remove:
Step 1 - Stop the process
Goto Task Manager->Services -> select NsCpuCNMiner or NsCpuCNMiner64 -> right click - end process
Step 2 - Remove related extensions from browser
Goto chrome browser extensions and check if any miners are present and remove them.
Step 3 - Disable From startup
Goto Win+R run -> msconfig.exe -> startup -> Disable the NsCpuCNMiner or NsCpuCNMiner64
For win 10
Goto task manager -> startup services -> Disable the NsCpuCNMiner or NsCpuCNMiner64 or Folder (Yes it is the malware and not the WindowsExplorer process)
Step 4 - Delete the source file
Goto Win+R run -> type %AppData% -> Navigate to "Roaming" -> "Images" and delete all the contents of the folder. (This contains the exe :see image)
Step 5 - Delete from registry
Goto Win+R run -> type regedit -> Once the registry editor is opened -> type Cntrl + F
-> search for "NsCpuCNMiner" and delete every occurrence of this.
If you face any issues while removing the malware, do comment below - I shall respond.
 
