Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Weird processes running when MBP runs hot?

B

blasto2236

macrumors 6502a
Original poster
Nov 4, 2012
798
392
I'm noticing my MBP randomly running hot under minimal load. Occasionally I'll see two processes "Asciridia" and "Protohydra" consuming a ton of CPU, and then by the time I can load Activity Monitor, they aren't there any more. The one time I did manage to catch one running in AM and force close it, my MBP temp lowered by 40 degrees.

I've run MalwareBytes and haven't detected anything out of the ordinary on my Mac. Google search comes up with nothing specific for these two process names. Anyone ever come across these before? Wish I could figure out what program they're tied to and banish it from my Mac.
 
NoBoMac

NoBoMac

Moderator
Staff member
Jul 1, 2014
5,771
4,358
Some other threads on the board with similar type processes: crypto mining malware.

Surprised MalwareBytes did not pick up on it. If so, maybe websites you are hitting and Javascript on those are causing issues. Extensions? Downloading "free" programs from sketchy sites? Torrenting, and in turn, possibly opening the computer to rogue access?

When issue pops up, a "ps -ef" from Terminal might point out a pathname to problematic program/app.

https://forums.macrumors.com/threads/safari-keeps-running-with-high-cpu-usage.2181824
https://forums.macrumors.com/threads/unexplainable-activity-processes-no-help-on-google.2182333
 
  • Like
Reactions: Weaselboy
H

Honza1

macrumors 6502a
Nov 30, 2013
933
433
US
It would really be nice to others to tell us, eventually, which Safari extension/user action has dropped this coin mining crap on your computer. For future victims...

In the other threads authors reported being able to remove it, but kept quiet about the cause. This suggests it being something stupid so they are ashamed. But this leaves all future victims trying to figure this out this on their own. We all do stupid stuff, lets help our followers ;-)
 
  • Like
Reactions: Mendota
B

blasto2236

macrumors 6502a
Original poster
Nov 4, 2012
798
392
Well, I still haven't been able to tell where it's coming from. I don't have any Safari extensions, all of my software is from legit sources (or at least to my knowledge!) and I'm generally good about identifying and staying away from dodgy websites.

Having said that, I recently installed Avast and it has detected them where MalwareBytes did not. Definitely crypto mining processes. Once the scan finishes in Avast I'm hoping to be able to dig in and find out a bit more. I'll report back with what it was if I can track it down.
 
B

blasto2236

macrumors 6502a
Original poster
Nov 4, 2012
798
392
Honza1 said:
It would really be nice to others to tell us, eventually, which Safari extension/user action has dropped this coin mining crap on your computer. For future victims...

In the other threads authors reported being able to remove it, but kept quiet about the cause. This suggests it being something stupid so they are ashamed. But this leaves all future victims trying to figure this out this on their own. We all do stupid stuff, lets help our followers ;-)
Click to expand...

So I've been racking my brain all afternoon and still have yet to get to the bottom of this. I definitely didn't have any pirated software or dodgy programs on my computer. The only two things I could think of that came from questionable sources were the firmware updater for my Sanho HyperDrive, and Wine. I got Wine/WineBottler from some random site and I think it might not have been a legit version. I'm thinking Wine was the culprit but I still can't be entirely sure.

Anyway, it seems like I've rid myself of it for now, so I appreciate everyone's help.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom