Jump to content

High CPU use is being disguised in Task Manager


Recommended Posts

My best guess is that some malware is using about 50% of my CPU.  When I launched Task Manager, I tried disabling the process that was listed as using the most, but on re-opening Task Manager I found that some other process was reporting insanely high CPU use.  I went through that process at least three times.  Currently Task Manager is attributing that use to Task Manager itself, so I think I've run out of things to delete!

Also tried:

Uninstalling & reinstalling Malwarebytes (it got listed as the CPU bandit once)

Running Windows Defender Offline

Downloading & running AdwCleaner (log attached)

Refresh Windows 10: Got error message stating that the utility couldn't run (I have the error code).

I'm running out of options!!!

AdwCleaner[C00].txt

Link to post
Share on other sites

Hello   :welcome:

My name is Maurice.  I will be guding you.  Unless you spotted the Name of a odd-ball / weirdo Process Name  & like did a right click on IT & then got its location & name ...... I would recommend staying out of Task Manager or the likes.

Just use security scanners to help scan & identify any potential malware.   I will guid you as to the tools.   Please do not make changes on your own.

Please always, just only Attach reports as we go along.   This is just a readout report.

 

Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to the disclaimer.
  • Press the Scan button.

_frst_scan.jpg

  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've run it before it may not and you may need to select it manually
  • Please attach both logs to your reply if possible. 
  • To upload with  attachments please click the link as shown below. Then browse to where your file is located and select it and click the Open button.

_mb_attach.jpg

 

After that, I will guide you further.

Link to post
Share on other sites

I notice at the top, you indicate you tried a Windows Refresh but that it failed.  If need be, later on if needed, I can guide you to a update-repair-in-place.

As to high CPU readout, be extremely aware that when we first start Task Manager, the initial % percentages are not accurate ....need to wait for at least a minute.

But as I mentioned before, bet to leave Task Manager alone.  We will use known & trusted tools & reports to make any determination of what is what / what is going on.

Q:  if it comes down to it, have you got a Backup of this system from before any issues ?   Backup if your best fried.

Q:  Is there anything you want to save absolutely IF it came down to needing to wipe & starting from scratch? 

Edited by Maurice Naggar
Link to post
Share on other sites

Thanks so much!  I'll be starting in a few minutes.

I had a cooling issue a while back so I installed Speccy to watch the CPU temp & took to running Task Manager in the background--mostly because I have a bad habit of keeping too many tabs open.

Everything I've reported seeing in Task Manager is something that stayed consistent for 10 minutes or more before I acted on it.

I saved all my necessary docs last night when I tried the refresh--I'm worried about losing the Word 2013 I've been hanging on to & some other apps, but I'll survive if it comes to that.

Link to post
Share on other sites

This is probably good if deeply mysterious: I know you recommended against paying attention to Task Manager, but it was still open & now it's not showing anything using more than about 10% of CPU.  So either the problem is somehow solved, or it's hiding in some new way... 

Link to post
Share on other sites

The temporary block you saw on the FRST download ( when using Edge ) is a  false one, likely from Smartscreen feature.  That can  be over-ridden  ( if needed in future).

The repurarion scan that Microsoft uses can be false at tiimes, like that one.

Thanks for the FRST reports.   What follows is the first scan I will guide you thru.

We will use known security tools to check system.

Do not do things on your own.

If you have questions, ask me first.

.

 The Microsoft Safety Scanner is a free Microsoft stand-alone virus scanner that can be used to scan for & remove malware or potentially unwanted software from a system. 

  • The download links & the how-to-run-the tool are at this link at Microsoft 

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download

 

  • Select "FULL " scan from scan options.

Let me know the result of this.

The log is named MSERT.log  

the log will be at  

C:\Windows\debug\msert.log

Please attach that log with your reply.

Link to post
Share on other sites

Thanks!  I found that one yesterday & I'd already run it before I came to this forum without notable result; log is attached.

Oddly, I saw the same behavior most of the afternoon: mysterious CPU use, CPU capacity maxing out, CPU temp way too high.  I rebooted an hour ago when I came back to the machine & turned on Speccy but didn't launch Task Manager; the performance & the heat are fine!  Maybe Windows is doing this to itself?

msert.log

Link to post
Share on other sites

Thanks for the MS Safety Scanner report.  It reports zero virus or malware.  We will do some other scans later.

  • As to heat symptoms / hardware heat in general.   Insure that the machine has adequare & free & un-blocked air circulation all around.  If it is near a wall  ( like if the machine is under a desk) move it further out from the wall.
  • What type of HP computer is this ?  Small tower or desktop or notebook / laptop ?   How old is it ?
  • Reducing the auto-started apps to only those absolutely needed can lighten the load of the machine & thus help to reduce heat.   So would reviewing all Tasks & removing that tasks that are not needed.
  • Toward that reduction goal, there is a Microsoft article you can review & use as a guide.  This is sometimes called " a clean boot startup".  We can also call it a minimal boot startup.

Just keep in mind to leave security applications as is, as well as networking or those absolutely needed by the operating system or machine hardware.

See MS article "How to perform a clean boot startup of Windows"

https://support.microsoft.com/en-us/help/929135/how-to-perform-a-clean-boot-in-windows

  • Good practice at end of day, when you are done with the pc, do a SHUTDOWN from the Windows Start menu.  That ought to help tremendously to alleviate heating of hardware.

.

Map out a plan to apply the tips above.  Keep me advised later, after you have done them.

.

There may be other factors possibly ( to whatever unknown extent or impact) such as utility aborts or issues.

Such as this one noted by Windows system events.

System errors:
=============
Error: (06/09/2021 11:41:54 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\WINDOWS\system32\IntelIHVRouter04.dll

To that, Review the settings for networking in Windows, as well as hardware router & its settings.

.

There is on the FRST report, indications of abort of Malwarebytes for Windows.  To help uninstall & then re-install it, I would suggest to get & use the Malwarebytes Support tool.

Follow the directions closely.   And at the time when you start out on that, be sure you close any editing or work in progress.  e.g.  Save your work  ( if any) and close apps you have open at that point.

https://support.malwarebytes.com/hc/en-us/articles/360039023473-Uninstall-and-reinstall-Malwarebytes-using-the-Malwarebytes-Support-Tool

Link to post
Share on other sites

Thanks!  A few notes:

The machine is an HP laptop. It lives on a tilted cooling pad with fans, which I usually operate at level 3 of 6.  I do keep it plugged in most of the time when it's in use, which is probably not optimal.

I purged the startup & background tasks as much as I could before I started looking for advice.

I have a bad habit of leaving the machine in sleep overnight rather than doing a shutdown.  Changing that habit!

Today I've had Speccy running but NOT Task Manager, no temp issues.

IT from my workplace suggests I upgrade to the paid version of Malwarebytes, which I'm likely to do.

Crazy workday is happening, so I probably can't get farther into the process today.  Possibly the issue is gone?  I'm going to try a clean boot tonight sometime anyway.

Link to post
Share on other sites

I got & have read your note.  Do let me know after you have done the support tool uninstall > re-install.

And, definite yes, sleep mode overnight is not a good practice.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.