Jump to content

csrss.exe and dwm.exe are causing high GPU usage


Recommended Posts

Hello everyone!

I am writing here because I have been recently infected by a virus that neither Malwarebytes, Avast,... could find/repair. It had "Autoitv3.exe" as a name and was located in a folder that did not allow me to access because I have not the proper permissions. However, I am the only user of this computer and, consequently, the admin. To solve that issue I decided to use the Recovery partition of my laptop and restore the system, i.e., I had my computer restored. After the installation of Windows and the updates, I have noticed that the performance of my computer has dramatically dropped and I have seen that there are two processes, csrss.exe and dwm.exe consuming almost all the GPU resources. I have googled it and I have seen that it may be a virus (a bit coin minner), but Avast and Malwarebytes cannot detect anything, so that is why I am asking for help in here.

Please find attached the output of the Malwarebytes analysis (it is in Spanish, but in short, it has not discovered anything), the outputs of the FRST tool and a file containing the resources loaded by dwm.exe (obtained with the Process Explorer).

 

I hope you can find the issue and I am very grateful for the help.

 

Cheers, 
Pablo!

Addition.txt

FRST.txt

mbam_log.txt

dwm.exe.txt

Link to post
Share on other sites

  • Root Admin

Hello @paboyodom and :welcome:

The logs are not showing any real signs of a rootkit or miner but we'll use a couple other scanners to make sure.

 

 

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.

PC Winvids - How to run Kaspersky TDSSKiller

If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.

Thank you

Ron

 

 

Link to post
Share on other sites

Hello @AdvancedSetup!!

 

Thank you very much for the info. Despite of that, what I have tried is to restore a previous Windows compilation: I had the lastest update of Windows installed and then I recover the pre-update situation, leading to a much better performance and update it again. Actually, there are not signs of excessive GPU consumption nor CPU, so I think problem has been solved. Any way, I will keep an eye on it, just in case.

 

Thank you very much for your help!!

Cheers, 

Pablo.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.