The Shadowsocks Miner is a Trojan that utilizes a victim’s CPU processing power to mine digital CryptoCurrency. When installed, this mining Trojan is installed, it will be listed under the Uninstall Programs control panel as Shadowsocks. It should be noted that even though this miner is installed as a program called Shadowsocks, it is not the same as the legitimate open source Shadowsocks proxy software.
When installed, a miner executable called Websock.exe will be installed into the C:\Applications folder and started via a scheduled task called ShadowsocksS. This task is launched when a user logs into the computer. You can see an example the websock.exe program using all of the available CPU processing power in the image below.
What is particularly worrisome about this infection is that it will use the entire CPU’s processing power indefinitely. This will cause your CPU to run at very hot temperatures for extended periods of time, which could shorten the life of the CPU.
As there is no outward indication that the program is running, here is a list of symptoms that a user can use to determine if they are infected with the Shadowsocks Miner:
- An uninstall entry called Shadowsocks version 1.0 in the Uninstall Programs control panel.
- You will see a process called Websock.exe and with a description of CPU Utility running in task manager and using a lot of CPU.
- You will see a process called Service.exe and with a description of taskxmr running in task manager.
- Windows minimize and maximize slowly, games run slower, and videos stutter.
- Programs don’t launch as quickly.
- General slowness when using the computer.
How was the Shadowsocks Miner Miner installed on my Computer?
The Shadowsocks miner can be installed via adware bundles or Trojans that download it to your computer. Therefore, it is important to have an up-to-date antivirus program running on your computer to protect you from downloading Trojans and unwanted malware.
As you can see, this miner is a program that steals your computer’s CPU resources and your electricity and profits from it. In order to make a computer operate normally again and protect the computer’s hardware, you should use the guide below to remove this Trojan for free.
33
HitmanPro will now begin to scan your computer for infections, adware, and potentially unwanted programs. When it has finished it will display a list of all the items that Hitman has found as shown in the image below. Please note that the items found may be different than what is shown in the image.
You should now click on the Next button to have HitmanPro remove the detected items. When it is done you will be shown a Removal Results screen that shows the status of the various programs that were removed. At this screen you should click on the Next button and then if prompted you should click on the Reboot button. If HitmanPro does not prompt you to reboot, please just click on the Close button.
Once your computer has has restarted or you pressed the Close button, you should now be at your Windows desktop.
Your computer should now be free of the Shadowsocks Miner Trojan (CPU) program. If your current security solution allowed this program on your computer, you may want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future.
If you are still having problems with your computer after completing these instructions, then please follow the steps outlined in the topic linked below:
Are Your Protected?
While Malwarebytes Anti-Malware, Zemana AntiMalware & HitmanPro will scan and clean a computer for free, the free versions do not offer real-time protection. If you want to be fully protected at all times then it is recommended that you purchase a premium version.
Malwarebytes Anti-Malware
Purchase the full-featured version of Malwarebytes Anti-Malware, which includes real-time protection, scheduled scanning, and website filtering, to protect yourself against these types of threats in the future!
Zemana AntiMalware
Purchase the full-featured version of Zemana AntiMalware, which includes second opinion malware scanner when other solutions do not work, cloud scanning, and super-fast scan time, to protect yourself against these types of threats in the future!
HitmanPro
Purchase the full-featured version of HitmanPro, which includes discover viruses, trojans, rootkits, spyware and other malware on up-to-date and fully protected computers using cloud protection and behavioral detections, to protect yourself against these types of threats in the future!
Disclaimer: While we do earn a commission from the sale of the above products, rest assured we only recommend them due to their effectiveness.