How do I get rid of Coinhive?

Answered by Ricardo McCardle

To effectively get rid of the CoinHive Trojan, you’ll need to take a series of steps. I’ll guide you through each one in detail.

Step 1: Use Rkill to terminate malicious processes.
CoinHive may run as a hidden process on your computer, so the first step is to terminate any malicious processes. Rkill is a tool that can help with this. Here’s how to use it:

1. Download Rkill from a trusted source, such as BleepingComputer.
2. Double-click on the downloaded file to run it.
3. Rkill will start scanning for malicious processes and terminate them.
4. Once the scan is complete, it will display a log file.
5. Review the log file to ensure that CoinHive-related processes have been terminated.

Step 2: Uninstall malicious programs from Windows.
CoinHive may have been installed alongside other malicious software on your computer. To remove these programs, follow these steps:

1. Press the Windows key + R to open the Run dialog box.
2. Type “appwiz.cpl” and hit Enter to open the Programs and Features window.
3. Look for any suspicious or unfamiliar programs in the list of installed programs.
4. Right-click on these programs and select Uninstall.
5. Follow the prompts to complete the uninstallation process.

Step 3: Reset browsers back to default settings.
CoinHive often affects web browsers, so resetting them to their default settings can help remove any unwanted extensions or settings. Here’s how to do it for popular browsers:

Resetting Google Chrome:
1. Open Chrome and click on the three-dot menu in the top-right corner.
2. Go to Settings and scroll down to the bottom.
3. Click on Advanced to expand the settings.
4. Scroll down to the Reset and clean up section and click on the Reset settings button.
5. Confirm the reset by clicking on Reset settings.

Resetting Mozilla Firefox:
1. Open Firefox and click on the menu button in the top-right corner.
2. Select Help, then Troubleshooting Information.
3. In the new tab, click on the Refresh Firefox button.
4. Confirm the reset by clicking on Refresh Firefox again.

Resetting Microsoft Edge:
1. Open Edge and click on the three-dot menu in the top-right corner.
2. Go to Settings and click on Reset settings in the left panel.
3. Click on the Restore settings to their default values option.
4. Confirm the reset by clicking on the Reset button.

Step 4: Use Malwarebytes to remove Trojans and Unwanted Programs.
To ensure a thorough cleanup, it’s recommended to use an anti-malware program like Malwarebytes. Here’s how to use it:

1. Download and install Malwarebytes from the official website.
2. Open Malwarebytes and click on the Scan Now button.
3. The program will start scanning your computer for Trojans and unwanted programs.
4. Once the scan is complete, review the results and select any malicious items for removal.
5. Click on the Quarantine button to remove the selected items.

Following these steps will help you effectively remove the CoinHive Trojan from your computer. Remember to keep your operating system and security software up to date to prevent future infections.