Jump to content
sufffix

Very High CPU Usage, Clears up when opening Task Manager / Process Explorer

Recommended Posts

Hi, I'm new here, so I probably won't be giving much useful information.

So, I've been using my PC for about a year now with little to no issues with viruses, but a few days ago I started dropping frames in every game I would play, but the moment I opened Task Manager, my game went back to normal. Around 5 or so minutes would pass, and then Task Manager would close without any warning at all. Today I searched up solutions but couldn't find anything that worked. I couldn't find igfxupdate.exe in SysWOW64 or System32, and the same thing that happened to Task Manager happened to Process Explorer. Also, the same day that all of that happened, I can't open Malwarebytes. I just get a message on my screen saying "The item referred to by this shortcut cannot be accessed. You may not have the appropriate permissions." I've never had a problem using Malwarebytes before, and I suspect it's related to the above problems.

Any help is much appreciated.

Share this post


Link to post
Share on other sites

Hello, Welcome to Malwarebytes.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

I need more information.

Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file:
In the Reply section in the bottom of the topic Select Click the Choose a File.
Navigate to the location of the File.
Click the file. It will appear in section.
Click the Saving button.


Wait for further instructions
====

Share this post


Link to post
Share on other sites


Hi,

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

Reset Chrome

Open Google Chrome, click on menu icon google-chrome-setting-icon.png or the 3 vertical dots located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset and clean up" > "Restore settings to their original defaults"
 
Restart Chrome.
<<<>>>

Please post the Fixlog.txt and let me know what problem persists.

---

p.s.
Where are you located?
The NameServer IP's are from different countries, Canada and Europe.

Please run the Farbar program one more time and post fresh FRST.TXT and Addition.txt logs for my review.


 

fixlist.txt

Share this post


Link to post
Share on other sites

Hey, I'm really sorry but I'm going on vacation for around 3 days, could you hold on? I'll do that step the moment I get back home. I didn't realize my family was going away when I started the thread, apologies. (And just to answer your question, I'm from Canada)

Share this post


Link to post
Share on other sites

Hi,

Can you please execute the Farbar program and post fresh FRST.TXT and Addition.txt logs for my review.

Let me know of any remaining issues with this computer.

Share this post


Link to post
Share on other sites

Hi,

--RogueKiller--

  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or above, right-click the program file and select "Run as Administrator"
  • Accept the user agreements.
  • Execute the scan and wait until it has finished.
  • If a Windows opens to explain what [PUM's] are, read about it.
  • Click the RoguKiller icon on your taksbar to return to the report.
  • Click open the Report
  • Click Export TXT button
  • Save the file as ReportRogue.txt
  • Click the Remove button to delete the items in RED  
  • Click Finish and close the program.
  • Locate the ReportRogue.txt file on your Desktop and copy/paste the contents in your next.


=======

Lets check your Master Boot Record.

Read carefully and follow these steps.
TDSS

  • Download TDSSKiller and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.

  • If an infected file is detected, the default action will be Cure, click on Continue.

  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.

  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.

  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.

  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


===

Poster the logs for my review.

Share this post


Link to post
Share on other sites

Hi,

This infection used filenames that are under an other path genuine. It fooled me.
I have documented then and will add then to my bad list.

Please download the attached Fixlist.txt file to  the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.

Run FRST and click Fix only once and wait.

The Computer will restart when the fix is completed.

It will create a log (Fixlog.txt) please post it to your reply.
===

One of the command used in the fix will submit this file BorderlessWindowed.exe to VirusTotal for inspection.
Let see what the report will be.

I suggest you run the RogueKiller one more time and make sure that the items marked with Miner etc.. are all gone.

The other entries in that log are optional and it's for you to decide if you want to keep them.

Post the Fixlog.txt and let me know what problem persists.
 

fixlist.txt

Share this post


Link to post
Share on other sites

Hi,

Add this line to my fixlist.txt

Or delete the file in bold if the fix has already been done.

 

C:\ProgramData\RealtekHD\taskhostw.exe

nasdaq

Share this post


Link to post
Share on other sites

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.