SOLVED "Windows Process manager (32 bit)" Folders in Appdata/local that cannot be accessed - "igfxmtc"

Discussion in 'Malware Removal Assistance For Windows' started by nickaverse, Jan 1, 2018.

Need Malware Removal Help?

We offer free malware removal assistance to our members. Sign Up now, and get free malware removal support.

  1. nickaverse

    nickaverse New Member

    Jan 1, 2018
    3
    0
    buffalo
    Windows 10
    Norton
    Operating System:
    Windows 10
    Are you using a 32-bit or 64-bit operating system?:
    64-bit (x64)
    Infection date and initial symptoms:
    24 hrs ago
    Current issues and symptoms:
    Cpu/gpu and Memory usage.
    Steps taken in order to remove the infection:
    Norton, malware-byte, and other rootkit removers. Trying to access folders in appdata most likely causing issue
    Logs added to help request:
    • FRST.txt
    • Addition.txt
    Hi I've been experiencing sluggish performance on my MSI laptop recently. Upon startup I am already at 25%-40% memory capacity. Other symptoms include the issue putting a burden on the CPU/GPU. After inspecting the task manager, "windows process manager" seems to be the problem. I've also come across suspicious folders in my appdata/local folder that I cannot get access to despite having administrator privilages. To note, this is my personal machine. Help is greatly appreciated!

    Here are the folders I'm concerned about, and assuming to be part of the issue (selected)
    upload_2018-1-1_21-9-5.png

    Snapshot of task manager if it helps
    upload_2018-1-1_21-12-35.png
     

    Attached Files:

  2. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,729
    2,655
    Malware Removal, Gaming
    Windows 7
    ESET
    Hello,


    Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.
    • Now you should get a window like this where you need to click Troubleshoot.
    [​IMG]
    • In the next window, click Advanced options and select Command Prompt.
    • Now you should log in into your account and after that Command Promptwindow.
    [​IMG] Access the notepad and identify your USB drive

    In the Command Prompt please type in:
    Code:
    notepad
    and press Enter.
    • When the notepad opens, go to File menu.
    • Select Open.
    • Go to Computer and search there for your USB drive letter.
    • Note down the letter and close the notepad.


    [​IMG] Scan with Farbar Recovery Scan Tool

    Once back in the command prompt window, please do the following:
    • Type in e:\frst64.exe and press Enter.
      You need to replace e with the letter of your USB drive taken from notepad!
    • FRST will start to run. Give him a minute or so to load itself.
    • Click Yes to Disclaimer.
    • In the main console, please click Scan and wait.
    • When finished it will produce a logfile named FRST.txt in the root of your pendrive and display it. Close that logfile.

    Transfer it to your clean machine and include it in your next reply.
     
  3. nickaverse

    nickaverse New Member

    Jan 1, 2018
    3
    0
    buffalo
    Windows 10
    Norton
    Okay,

    Here is the requested file
     

    Attached Files:

  4. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    21,729
    2,655
    Malware Removal, Gaming
    Windows 7
    ESET
    How is the situation now?

    You can manually remove these folders:

    2018-01-03 19:55 - 2018-01-03 21:14 - 000000000 ____D C:\Users\Nick\AppData\Local\reclnzi
    2018-01-03 19:52 - 2018-01-04 00:26 - 000000000 ____D C:\Users\Nick\AppData\Local\zamcver
    2018-01-03 19:52 - 2018-01-04 00:26 - 000000000 ____D C:\Users\Nick\AppData\Local\igfxmtc

    Run another MalwareBytes scan as well.
     
  5. nickaverse

    nickaverse New Member

    Jan 1, 2018
    3
    0
    buffalo
    Windows 10
    Norton
    Amazing! Was able to finally get rid of those files. Ran MalwareBytes and norton and restarted my computer a few times; made it through half the workday already, no sign of the issue anymore. Thank you very much!
     
Loading...
Similar Threads Forum Date
Fake Windows Process Manager Malware Removal Assistance For Windows Monday at 7:58 PM
Windows Process Manager virus. Help. Malware Removal Assistance For Windows Monday at 1:18 PM
Windows Process Manager (32 bit) malware. Malware Removal Assistance For Windows Jan 7, 2018