Euronius

Yes, sorry for the delayed response. I haven't been able to find a solution for my issue yet, but since we ran an extensive amount of scans with a multitude of different AV software, I'm reasonably confident it might just be a different issue altogether (no malware). I understand that might fall outside of the scope of this forum, in which case feel free to mark this as solved/closed. I guess I'll just live with until I manage to identify the issue. Thank you kindly for all the help offered, JSntgRvr!

That's part of the CyberPower Panel Personal (UPS battery software). It's been on my computer for a long time. Never had any issues with it. It spikes up in CPU usage sometimes, but nothing out of the ordinary. If I remove those registry entries you've put in the Fixlist file, will it disable it? Because I very much need this software haha

I've gone ahead and cleared all the Event logs, rebooted and ran FRST64 once again. FRST.txt Addition.txt

I understand that, but initially I suspected it might've been a hijacked .exe, but the SFC /scannow and the disk repair commands should've caught it, I believe. But, I still can't get over its behavior when opening Task Manager. A legitimate .exe wouldn't care if you open anything else, it would still continue to bother you, I think. In any case, I did check Device Manager (even the hidden devices), but nothing jumps at me. In the meantime, I guess I'll have to live with it. I'll just fire up Task Manager whenever I boot a game haha. And I'll continue to look for a solution elsewhere. Thank you so much for your time and efforts in trying to find a solution. I appreciate it a lot!

Still the same issue, unfortunately. But, I genuinely appreciate your help.

I've reinstalled AMD drivers the moment I noticed my games acting up and no amount of scanning seemed to find the culprit. As for the excessive amounts of error events, that's just classic AMD software for ya. I can only hope it's just a Windows or AMD driver issue, rather than a sneaky miner in the background. I'm inclined to think the latter; I'm still hung over the fact of everything goes back to normal the moment I open Task Manager.

Same here actually. Goodnight and sleep well! Thank you for trying to help me. FRST.txt Addition.txt

I've gone ahead and updated everything I use from the list and uninstalled everything I don't use, but the issue still persists. I've attached the new .txt file, just in case you'd like to check. I'm still waiting on that download link for Dr. Web CureIt to be emailed to me. Is there anything else I can try in the meantime? SecurityCheck.txt

Here you go: SecurityCheck.txt

Here's the new search file for WerFault.exe: Search.txt

Nothing's changed, unfortunately. Same issue and behavior as before. WerFault.exe pops up when I launch a game and disappears the moment I open Task Manager and everything goes back to normal. Once again, I really appreciate your time in trying to help me!

I think it's done. Here's the report: Fixlog.txt

Apparently Windows Defender was preventing me from running FRST64. I went ahead and re-disabled it and managed to get the Search text file. Here's also the log from AV block remover: Search.txt AV_block_remove_2024.03.24-02.14.log

It doesn't open anymore, strangely enough. I tried double clicking; right click > open as admin; even downloaded a brand new FRST64.exe, it still refuses to open.

Sorry, accidentally posted the previous screenshot when I meant to post the most recent one.

I've gone ahead and signed up for the Dr.Web CureIt software. Still waiting for the download link to be emailed to me. And yeah, I did look into WerFault.exe. Apparently it is a legitimate software of Windows used for error reporting, but I find it extremely suspicious how it only starts when I fire up a game and disappears when I check Task Manager. If I don't open Task Manager, it stays there indefinitely. Exactly how you'd expect an incognito malware to behave. While we're waiting on the download it, just wanna say thank you for taking the time out of your day to help me out. It means a lot!

I just tested it earlier, but the same issue still persists. Will try rebooting once again and using Process Explorer and see if I catch anything.

I did, yeah. To my best understanding, a suspicious extension was the culprit. Here's the new scan low if you need it. AdwCleaner[S03].txt

It wouldn't let me post them for some reason. Here you go: Malwarebytes Scan Report.txt AdwCleaner[S02].txt

Thank you for taking the time to respond! I've gone ahead and applied the fix provided and attached the text file log to this post. (Please note that "writer.exe" was a legitimate file belonging to RawAccel software, that I had manually put in the startup folder but will await until issue is resolved to do so again). Fixlog.txt

My apologies for the double post. I ran the Farbar Recovery Scan Tool (x64) and here are the necessary text files: FRST.txt Addition.txt

Hi. I made a longwinded post, offering as much context as I could, but it wouldn't let me post it, since it was falsely flagged as $pam. Here's the short of it: I'm an avid gamer. But, recently, every time I launch a game, the FPS fluctuates between 'expected' and 'unreasonably low'. Did a bit of digging of my own, turns out my CPU usage shoots up considerably high during gametime. Now here's the kicker, every time I launch Task Manager, everything settles back to normal. This alone made me suspect I might be infected with one of those pesky miners that hide themselves when you open Task Manager. I already ran multiple scans with Malwarebytes, Microsoft Defender, AdwCleaner, Unhack Me etc. Nothing ever comes up. Even used DDU and re-installed my GPU drivers, in hopes of this being just a graphics driver bug. The issue persisted. At next boot, I used Microsoft's Process Explorer and fired up a game just to see if the potential malware might show up. This is what came up (attached image to this post). The miner might potentially be disguising itself as WerFault.exe. So, I ran the "SFC /scannow" command, but everything came up okay. Rebooted and tried this multiple times, just to confirm. Same issue, with one slight variation: the PID keeps changing every time. Again, when opening Task Manager, everything goes back to normal and WerFault.exe disappears. I'm at a loss at this point. Any help on how to proceed from here would be greatly appreciated! Thank you for your time in reading this.