Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

CPU maxed unless Task Manager is opened


  • This topic is locked This topic is locked
2 replies to this topic

#1 Shimonhead

Shimonhead

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:32 PM

Posted 24 November 2012 - 10:46 AM

Hello.

I have seen another person list this as an issue here as well, and someone else on another sites forum. All in just the last few days.

It seems this may be a virus that maxes out our CPU and its cores when running. I am running CORE TEMP and can see the CPU usage at 100% on all 4 cores. However when task manager is opened the usage immediately drops to 1-4% on all cores...like the virus turns itself off as soon as you open Task Manager to see it. The reason I think this is the case is that if you run Hijack This with Task Manager off, you can see the cores drop to 1-4% again...so Hijack This is useless as the virus recognises it as a program that could identify it.

I have run several reputed virus scanners...Kaspersky, Trend, Malwarebytes...all find nothing.

Combofix found some stuff but it had no effect on whatever this is.

Has anyone else had this strange hiding cpu max out issue?

BC AdBot (Login to Remove)

 


#2 Shimonhead

Shimonhead
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:08:32 PM

Posted 24 November 2012 - 12:47 PM

Found the culprit!

Some people on another forum had the answer as to what it is and how to remove it.

Combofix finds and removes this file: c:\windows\SysWow64\update\igfxupdate.exe

But doesn't remove enough of the other associated folders/files to keep it from coming back.

Here is the link to the group who found it and how to remove.

http://answers.microsoft.com/en-us/windows/forum/windows_7-security/igfxupdateexe-forces-cpu-to-load-100/5936cbd2-a758-4a27-946f-0bac401d56f3

#3 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:08:32 PM

Posted 27 November 2012 - 10:11 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users