Jump to content

Recommended Posts

recently, I had noticed my system running constantly with the fans spinning even when doing basic tasks which did not use to be the case previously as my computer has decent specs. I had a similar issue to a user who explains it here: https://superuser.com/questions/1719611/my-cpu-is-working-on-100-until-i-open-task-manager. I also (like the user from superuser.com) get the high CPU for the process 'system interupts' but that goes away almost instantly after opening task manager. I downloaded and installed Malwarebytes and I have attached the results. 5 detections were made, 2 files and 3 registry keys. These keep returning after every quarantine and also after every reboot. I have also ran Adwcleaner scan but that does not detect anything. I've done a little digging and I feel as though it might have something to do with scheduled tasks as one of the files detected and registry keys detected by malwarebytes were located at C:\WINDOWS\SYSTEM32\TASKS\WindowsUpdateTaskMachineQC and HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WindowsUpdateTaskMachineQC. If you can help me solve this issue that would be great as I'm currently writing this with the fans spinning like crazy. 

Malwarebytes scan.txt AdwCleaner[S00].txt

Link to post
Share on other sites

  • Root Admin

Hello  and  :welcome:    @TheUltimateShogun1

 

My screen name is AdvancedSetup and I will assist you with your system issues.
 

Let's keep these principles as we proceed. Make sure to read the entire post below first.

  • Please follow all steps in the provided order and post back all requested logs
  • Please attach all log files to your post, unless otherwise requested
  • Temporarily disable your antivirus or other security software first. Make sure to turn it back on once the scans have been completed.
  • Temporarily disable Microsoft SmartScreen to download the software below if needed. Make sure to turn it back on once the scans are completed.
  • Searching, detecting, and removing malware isn't instantaneous and there is no guarantee to repair every system.
  • Before we start, please make sure that you have an external backup, not connected to this system, of all private data.
  • Do not run online games while the case is ongoing. Do not do any free-wheeling or risky web-surfing.
  • Only run the tools I guide you to use. Please don't run any other scans, download, install or uninstall any programs while I'm working with you.
  • Cracked, Hacked, or Pirated programs are not only illegal but also can make a computer a malware victim.
  • Having such programs installed is the easiest way to get infected. It is the leading cause of ransomware encryption. It is at times also a big source of current Trojan infections.
  • If there are any on the system you should uninstall them before we proceed.
  • Please be patient and stick with me until I give you the "all clear". We don't want to waste your time, please don't waste ours.
  • If your system is running Discord, please be sure to Exit it while this case is ongoing.

 

To begin, please do the following so that we may take a closer look at your installation for troubleshooting. This is a report only.

NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to the Public desktop, please upload that file on your next reply

Thank you

 

 

  • Like 1
Link to post
Share on other sites

  • Root Admin

Thank you for the logs @TheUltimateShogun1

 

Please run the following ESET Online Scanner and perform a Full Scan

 

Click the following link to save the installer for ESET Online Scanner

https://download.eset.com/com/eset/tools/online_scanner/latest/esetonlinescanner.exe

  • It will start a download of "esetonlinescanner.exe"
  • Save the file to your system, such as the Downloads folder, or else to the Desktop.
  • Go to the saved file, and double click it to get started. 
  • When presented with the initial ESET screen, click on "Get Started". Read and accept the Terms of use
  • On the "Before we start..." screen chose if you want to send anonymous data and if you want to provide feedback or not, then click Continue
  • When prompted for scan type, Click on the Full Scan button
  • Enable  ( select )   the radio selection "Enable ESET to detect and quarantine potentially unwanted applications"   and click the Start scan button.
  • Have patience.  The entire process may take a few hours or more.
  • When the scan is completed, if something was found, it will show a screen with the number of detected items.  If so, click the button marked “View detected results”.
  • Click The blue “Save scan log” to save the log and give it a name and location you remember.
  • If something was removed and you know it is a false postive, you may click on the blue ”Restore cleaned files”  ( in blue, at the bottom).
  • Press Continue when all done.  You should click to turn off the offer for “periodic scanning”.
  • Enable "Delete application data on closing" - You do not need to submit feedback unless you want to. Simply ignore and close the program.

 

Note: If you do need to do a File Restore from ESET please follow the directions below

[KB2915] Restore files quarantined by the ESET Online Scanner version 3

https://support.eset.com/en/kb2915-restore-files-quarantined-by-the-eset-online-scanner

 

Please attach the ESET scan log you saved at the end to your next reply

 

Link to post
Share on other sites

So an update on what happened, I did some digging and figured out that the crypto trojan was being caused by a virus from my browser, so I deleted my browser and re-installed it and the virus seems to have disappeared (im not sure if it was any of the extensions, but I don't think so). Since then the same virus has appeared on my other system which doesnt have any extensions and I really can't seem to figure out what is causing the virus, within the browser. I have attached a result of the Malwarebytes scan, the mbst scan, the adwcleaner scan and the ESET Scan. Pls advise me, I would really appreciate it

Malwarebytes scan.txt AdwCleaner[S00].txt eset.txt mbst-grab-results.zip

Link to post
Share on other sites

  • Root Admin

Please clean up Google Chrome

It's late for me. I'll check back with you again tomorrow with more instructions.

 

Please follow the directions from the following topic for a more extensive article on cleaning Google Chrome

Resetting Google Chrome to clear unexpected issues
 

Thank you

 

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.