Solved Windows Process Manager x32

C

Carloss

New Member
Thread author
Dec 15, 2017
3
Hello you wonderful people,

I've been noticing that my computer has been failing for a while (not restarting, failing to log off, slower than usual). I ran Malwarebytes which removed some malware I had, but since then, I've noticed that my CPU usage has been through the roof (hovers around 90-100%). Today I realized that I am infected by this Windows Manager virus and that this is the cause of my CPU usage (i found out by looking at windows taskbar).

Malwarebytes finds nothing anymore. Rootkit finds one infected folder/file (igfxmtc), but it fails to delete it. There are more folders with infected files, but these are not recognized by any software i've used.
Access to the folders is denied, so they cannot be deleted.

Some help would be appreciated as I'd like to avoid whiping my drives and reinstalling everything.

I attached the FRST and Addition logs, and some pics to hopefully help.

The first two pictures are errors I get upon logging in, and I am not sure what they are/mean.

Thank you!
 

Attachments

  • Addition.txt
    54.8 KB · Views: 0
  • FRST.txt
    52.2 KB · Views: 2
  • pic 4.png
    pic 4.png
    98.7 KB · Views: 6
  • pic1.png
    pic1.png
    84.5 KB · Views: 7
  • pic2.png
    pic2.png
    93.8 KB · Views: 7
  • pic3.png
    pic3.png
    40.8 KB · Views: 9
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hello,


Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.
  • Plug the flashdrive into the infected PC.
  • Click Start and while holding Shift key on your keyboard click Power --> Restart.
Note: It is important that you keep Shift key pressed while doing this or it won't work.
  • Now you should get a window like this where you need to click Troubleshoot.
Windows-10-2.jpg

  • In the next window, click Advanced options and select Command Prompt.
  • Now you should log in into your account and after that Command Promptwindow.
notepad.png
Access the notepad and identify your USB drive

In the Command Prompt please type in:
Code: 
notepad
and press Enter.
  • When the notepad opens, go to File menu.
  • Select Open.
  • Go to Computer and search there for your USB drive letter.
  • Note down the letter and close the notepad.


FRST.gif
Scan with Farbar Recovery Scan Tool

Once back in the command prompt window, please do the following:
  • Type in e:\frst64.exe and press Enter.
    You need to replace e with the letter of your USB drive taken from notepad!
  • FRST will start to run. Give him a minute or so to load itself.
  • Click Yes to Disclaimer.
  • In the main console, please click Scan and wait.
  • When finished it will produce a logfile named FRST.txt in the root of your pendrive and display it. Close that logfile.

Transfer it to your clean machine and include it in your next reply.
 
C

Carloss

New Member
Thread author
Dec 15, 2017
3
The shift restart did not work for me, so I just went ahead and reinstalled windows. Sorry to waste your time!
 

Similar threads

hunainkonan
  • Locked
nslookup.exe high ram usage (windows 11)
Replies
4
Views
500
Windows Malware Removal Help & Support
nasdaq
nasdaq
Trustless
    • +Reputation
  • Locked
Trouble Removing a Chrome Redirecting Type Malware/Adware
Replies
4
Views
641
Windows Malware Removal Help & Support
nasdaq
nasdaq
suthey1
  • Locked
Google Chrome Extension Can't Be Removed
Replies
6
Views
724
Windows Malware Removal Help & Support
nasdaq
nasdaq

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top