Jump to content

High CPU usage by random apps


Recommended Posts

Hi. I think my laptop has been infected by a malware like SVCHOST.exe. I have scanned a few times but there is nothing found.

Every damn day I open my laptop and face this crap situation where I open ordinary apps I need or some apps i install and they get to a high level of CPU usage. ( looks like this malware can affect installation process in the middle of it ? )

The funny thing is that it affects malwarebytes too !!! malwarebytes is not doing anything and it's just using it... ?‍♂️

malware.thumb.PNG.b6abd9c09f016f045e23892cb83416e9.PNG

I close Malwarebytes and this comes up...

malware2.thumb.PNG.aecd75374199b48f1692f80c9499742f.PNG

I close Tray and windows defender offline (which i downloaded from the official website) installation process that I was running at the time comes up...

malware3.thumb.PNG.fdf0afe4e858e649ccf8d561cc903ff2.PNG

couldn't close that so I waited for it to end. ? after it being done and getting closed here comes my player which I was playing a song with it... (any player I use it gets like this)

malware6.thumb.PNG.90f0a578f4206f8ec76b6769c0d80e64.PNG

I close Potplayer and face this... something I don't even use ? ( I tried removing this one a few times and it came back out of the blue again ? )

malware4.thumb.PNG.f74b86b9de645cff8739b08613602453.PNG

now the storm is over ... 

malware5.thumb.PNG.e6c2201cb82f9ef49e339a70b7f02339.PNG

after the storm I open my player and there is no problem ...

malware7.thumb.PNG.8238d1fdae8b6cc65d16a6f92b379932.PNG

but after some time (hour or minute) CPU hits the top again. ?‍♂️

malware8.thumb.PNG.e10d031bfb397b652c0c2c3326ba99bb.PNG

 

this happens with some other apps too. I don't know the hell it is. someone is using me for mining maybe. It's driving me crazy. please tell me what should I do to get rid of this situation. ( something other than reinstalling the windows. i have too many files on my laptop :D )

Thanks.

Edited by MortezaTj
Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Please post the logs  for my review.

Wait for further instructions.


 

Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

ATTENTION: System Restore is disabled
Turn System Restore On for Drives in Windows 10
http://www.tenforums.com/tutorials/4533-system-protection-turn-off-drives-windows-10-a.html
===

Remove this program in bold via the Control Panel > Programs > Programs and Features.
CPUID CPU-Z 1.80.2 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.80.2 - ) <==== ATTENTION
This version of CPUID is not signed and could be compromised.
If you need it please download it from this site.
https://www.cpuid.com/
===

Restart the computer normally.

Please download AdwCleaner by Xplode onto your Desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.

IMPORTANT

  • If you click the Clean button all items listed in the report will be removed.

If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).


===

Your Malwarebytes program is Outdated. Please Update it and scan your computer.

Please post the logs and let me know what problem persists.

 

Link to post
Share on other sites

Is AdwCleaner reporting these after you clean them?

This could be a Syncing issue?

Are you Syncing Chrome with other devices?
To remove it you will have to reset the Sync in Chrome.

Read this article and proceed.

Chrome Secure Preferences detection always comes back
https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/
<<<>>>

 

 

Link to post
Share on other sites

  • Root Admin

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.