|05 Sep 2013||#11|
The GPU pegged to 100% again.
I was premature in my assessment that all was well. In fact, it is possible that deleting my user profile may not have been required in the remediation process.
I found that AMD released a new Beta Driver (amd_catalyst_13.10_beta.exe) so I thought perhaps that would not hurt to download that new driver and begin to prepare for a new OS install after a drive wipe.
I downloaded the driver, saved it, and also installed it.
During the install (with the GPU screaming) I got an error message that timeserver.exe had crashed.
That was very suspicious so I began to research that.
Found this site: http://forums.malwarebytes.org/index.php?showtopic=128536
A few days ago my PC began running very slow. To try and find a solution I began to run my trusted group of virus scanners and malware scanners, Malwarebytes Anti-Malware of course included. However, my attempts at finding the solution seemed to bring zero results. After poking around in the task manager I seemed to find a process called TimeServer.exe that was eating a lot of CPU power. In my shock I hastily ended the process, a bit drastic, but it seemed to stop harassing my CPU and everything seems to be calming down.
So now that I found my evil doer my job was to identify it, however here I also found some problems in identifying the culprit. In my search I found two things http://processchecke...Server.exe.html saying it might be a bitcoin miner and the 2nd item was http://forums.malwar...howtopic=125666
I knew I needed help getting rid of it even if I found the monster.
I followed the "I'm infected - What do I do now?" and read some posts and the guidelines. After I did the preparations for the files in my post, I did some more digging and found the culprit located in C:\ProgramData\Microsoft\Windows\Time. Also, I highlighted some interesting things I already found in the DDS.txt below. My apologies if I did something wrong, but I try to give as much information as I can to help you help me. Also, English is my second language, so sorry for any spelling and grammar mistakes.
Any advice would be a great help in getting rid of this monster. Also my thanks and appreciation for any help in advance.
I ran the RogueKillerX64.exe and found a rogue script and deleted it:
Rogue ST Task 4458 wscript.exe c:\users\%USERNAME%\APPDATA\LOCAL\TEMP\Launchie.vbs //B
I then ran the combofix.exe scan first
Found the same results as listed on the website, so I ran the script file with combofix.exe
It killed the bad folder and all of its contents.
Followed up with the remaining steps suggested on the site.
I am pretty sure that I have it killed off this time. But I will monitor it closely and post in a few days if it stays clear.
Although the Malwarebytes application did not catch this custom rogue code in a scan, the website and its members and expert assistance are very top notch, as are the members of this great sevenforums board.
Del (Carefully optimistic)
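
The scheduled-task entry RogueKiller reported in the post above (a script host launching a .vbs from the user's temp folder with `//B`) is a pattern that can be checked for on other machines. The following is an added example, not part of the original posts or of any tool named in them: it reads a task listing in the column layout of `schtasks /query /fo csv /v` and flags tasks of that shape. The sample rows, the task names and the temp-path list are constructed assumptions.

```python
import csv
import io
import re

# Script interpreters that can run a dropped file from a scheduled task.
SCRIPT_HOST = re.compile(r'(?:^|[\\\s"])(wscript|cscript|mshta)\.exe\b', re.I)
# User-writable temp locations (heuristic list, an assumption of this example).
TEMP_PATH = re.compile(r'\\appdata\\local\\temp\\|\\windows\\temp\\|%temp%', re.I)
# //B runs Windows Script Host in batch mode: no error dialogs or prompts.
BATCH_FLAG = re.compile(r'(?:^|\s)//b(?:\s|$)', re.I)

# Constructed sample in the column layout of `schtasks /query /fo csv /v`,
# reduced to the two columns used here.
SAMPLE_CSV = r'''"TaskName","Task To Run"
"\Microsoft\Windows\Defrag\ScheduledDefrag","%windir%\system32\defrag.exe -c"
"\4458","wscript.exe c:\users\%USERNAME%\APPDATA\LOCAL\TEMP\Launchie.vbs //B"
"\NightlyBackup","C:\Program Files\Backup\backup.exe /nightly"
"\LogonScript","cscript.exe C:\Scripts\map_drives.vbs"
'''

def flag_tasks(csv_text):
    """Return (task name, command, reasons) for tasks worth a manual look."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        cmd = row["Task To Run"]
        host = SCRIPT_HOST.search(cmd)
        in_temp = TEMP_PATH.search(cmd)
        reasons = []
        if host:
            reasons.append("script host: " + host.group(1).lower() + ".exe")
        if in_temp:
            reasons.append("runs from a temp directory")
        if host and BATCH_FLAG.search(cmd):
            reasons.append("//B suppresses script errors and prompts")
        # A script host alone is common for admin tasks; require the temp path too.
        if host and in_temp:
            findings.append((row["TaskName"], cmd, reasons))
    return findings

if __name__ == "__main__":
    for name, cmd, reasons in flag_tasks(SAMPLE_CSV):
        print(name, "->", cmd)
        for r in reasons:
            print("   ", r)
```

A hit is a lead for manual review, not a verdict: the script the task points to and whatever it launches still have to be inspected.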