Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

100% CPU and Memory Usage. "Poweshell Unexpectedly Stopped" Errors


  • Please log in to reply
3 replies to this topic

#1 pachecfp

pachecfp

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:21 PM

Posted 21 January 2015 - 12:03 AM

Hello,

 

In the past month or so I have encountered an issue with my computer where shortly after startup, the CPU and memory usage both go to 100% and remain there the entire time my computer is running. Applications now take a very long time to load, and there is even significant lag when moving the mouse or typing. The computer will also emit intermittent system beeping sounds and I frequently get a Windows error that pops up with a message along the lines of "Powershell Unexpectedly Stopped." 

 

I am running Windows 7 Professional 64 Bit w/ SP1. ESET and Malwarebytes scans both turned up clean.

Any help that you can offer would be greatly appreciated. 

 

Thank You!

 



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:21 AM

Posted 21 January 2015 - 03:25 AM

Bleeping Computer offers this guide for removal of the problem How to remove the Poweliks Trojan (Removal Guide)

 

Removal Instructions for the Poweliks using ESET Poweliks Cleaner:

  1. Poweliks will change your Internet Explorer security settings so that you are unable to download files with it. To fix this, press the Windows key (windows-key.jpg) on your keyboard, and while holding it down, also press the R key on your keyboard. This will open the Run dialog box as shown below.

    run-dialog.jpg


    In the Open: field in the Run dialog box, type the text inetcpl.cpl, as shown in the image above, and then press the OK button. Once you press OK, the Internet Properties screen will open.

  2. When the Internet Properties screen is open, click on the Security tab and you will be shown the security settings for Internet Explorer as shown below.

    inetcpl-control-panel.jpg


    Now click on the Reset all zones to default level button as indicated by the blue arrow in the image above. After you press the reset button, click on the Apply button and then the OK button to save your changes and close the Internet Properties screen.
     
  3. You can now open Internet Explorer or any other browser and download the >>  ESET Poweliks Cleaner  << tool. When saving the file, please save it to your desktop.
     
  4. Once the ESET Poweliks Cleaner tool has been downloaded, look for the file called ESETPoweliksCleaner.exe on your desktop and double-click it. This will launch the program, which will then display a license agreement. Read through the agreement, and if you agree to it, click on the Agree button to continue.
     
  5. You will now be shown the main screen for the ESET Poweliks Cleaner and it will begin to search for the infection. If the tool detects Poweliks, it will state that it found it and then ask if you wish to remove it. This can be seen in the image below.

    eset-poweliks-detected.jpg

  6. If you wish to use the tool to remove Poweliks, then press the Y button on your keyboard. ESET Poweliks Cleaner will now remove the Poweliks trojan from your computer. When it has finished removing the infection it will display a screen stating that it was removed as shown below.

    eset-poweliks-removed.jpg


    Press any key on your keyboard and the program will close. If you get warnings from Windows when you close the program about it not running successfully, you can just close the messages and disregard them.
     
  7. Now restart your company to finalize the removal. When your computer restarts, you want to review what was removed by the ESET cleaner, you can review the ESETPoweliksCleaner.exe_<timestamp>.log file that will be on your desktop. Timestamp will be replaced by the time and date that you ran the program.


#3 pachecfp

pachecfp
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:21 PM

Posted 22 January 2015 - 12:23 AM

That seems to have done the trick. I really appreciate the help! Thanks a lot! 



#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:08:21 AM

Posted 22 January 2015 - 03:43 AM

We would prefer to complete the cleaning by running this Online Scanner -

 

First - Temporarily Disable your Antivirus

Next - Download Sophos Free Virus Removal Tool and save it to your desktop.

  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)

  • Copy and Paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • Now enable your own Antivirus again -





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users