Solved high Random CPU usage on random

[Roxsen]

Hi.... I am New To this Site but i really Need Help.........

two days ago i downloaded i file..... It Turns Out That it Was A 'Trojan Agent'
then my pc seemed Slow so i opened the task manager then i saw process that use 56% CPU so i Killed It
but then another process CPU rised to 56%
for example (My MsHelpCenter.exe have 50+% if i kill it ehtray.exe Get 50+% for no reason, its Completly Random and it doesn't seem to end) so i used SuperAntiSpyware, Malwarebytes, adwcleaner and Combofix
Combofix worked to delete the Trojan but the high Random CPU usage on random process still here

i am really despert and i cant buy a new computer

Thank you and sorry For the Bad English...

 

[HarriePateman]

have a look where the process is located:

1, Right click and "open File Location"

2, Tell us the path:

 

[andrew129260]

1.) Download herdprotect: (choose the portable version)

Download herdProtect - Free Anti-Malware Platform

2.) Run the scan.

3.) When the scan finishes, save the results per the screenshot below. Then upload the log here.

DO NOT REMOVE ANYTHING YET. I will advise if anything needs removed when I receive the log.

Attached Images

 

[Roxsen]

downloading...... Just for reminding i have windows Vista Home

and there is update on the case....
it only happens When i start an Online game(LoL, Riderz, etc) but not offline games like skyrim

if i opened an online game the only way to fix it is to kill all processes except for the system ones and reopen taskmanager..... i hope that helps

 

[Roxsen]

Here You Go..... Sorry for the delay

 

[andrew129260]

WOW! You have a ton of malware.

This is going to take some time.

While waiting for me, follow these directions so I can gather more logs:

1.)Download security check below.

This will show me what security software you use and what the status is of services such as windows firewall:

Downloading SecurityCheck

Open and run: SecurityCheck.exe
Follow the instructions inside the window that appears.

When done, a Notepad report opens automatically, called: checkup.txt

Please post the checkup.txt in your reply using the paperclip:

 

[Roxsen]

Here You go....

 

[andrew129260]

1.) You have a lot of issues here. Your antivirus is disabled which is Microsoft security essentials. You also have UAC disabled, which is an important security feature to have enabled.

Here is how to turn uac on:

http://windows.microsoft.com/en-us/windows/turn-user-account-control-on-off#1TC=windows-vista

Can you download and install the newest version from here?

Microsoft Security Essentials - Microsoft Windows

2.) Disable system protection. Click rb: right click computer and choose properties. Click system protection on the left. Disable it on all drives.

The reason we are doing this is to keep malware from jumping into your restore points and coming back to bite you. We will then re-enable system protection once your system is fully clean. Do not re-enable it until I say so.

 

[andrew129260]

Please reply and let me know you have done the steps in post 8. Then move on to this:

I know you said you have done these, but lets do them again:

1.) Download AdwCleaner by Xplode and save to your Desktop.

• Double click on AdwCleaner.exe to run the tool

• Vista/Windows 7/8 users right-click and select Run As Administrator.
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
• The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
• Upload the contents of that logfile in your next reply using the paper clip on the reply box.
• A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

2.) Using AdwCleaner v3: Scan & Clean:

Double click on AdwCleaner.exe to run the tool again.
Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...

This time click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
Upload the contents of that logfile in your next reply using the paper clip on the reply box.

Junkware Removal tool:


3.) Please download Junkware Removal Tool to your desktop.

• Shutdown your antivirus to avoid any conflicts.
• Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Upload the contents of that logfile in your next reply using the paper clip on the reply box.
• When completed make sure to re-enable your antivirus

 

[Roxsen]

1.) You have a lot of issues here. Your antivirus is disabled which is Microsoft security essentials. You also have UAC disabled, which is an important security feature to have enabled.

Here is how to turn uac on:

Turn User Account Control on or off - Microsoft Windows Help

Can you download and install the newest version from here?

Microsoft Security Essentials - Microsoft Windows

2.) Disable system protection. Click rb: right click computer and choose properties. Click system protection on the left. Disable it on all drives.

The reason we are doing this is to keep malware from jumping into your restore points and coming back to bite you. We will then re-enable system protection once your system is fully clean. Do not re-enable it until I say so.

i am Done With those.....
Moving on to the next steps

 

[andrew129260]

Thank you for verifying

 

[Roxsen]

here's the adwcleaner report....... Should i start the next step?

 

[Roxsen]

here's the other log

 

[Roxsen]

Heres The JRT log

 

[andrew129260]

So since you reinstalled and enabled uac lets get a new security check log to make sure, then move to my second post below.


1.)Download security check below.

This will show me what security software you use and what the status is of services such as windows firewall:

Downloading SecurityCheck

Open and run: SecurityCheck.exe
Follow the instructions inside the window that appears.

When done, a Notepad report opens automatically, called: checkup.txt

Please post the checkup.txt in your reply using the paperclip:

 

[Roxsen]

Here...

 

[andrew129260]

UAC is still disabled. You need to restart your pc to re-enable it. I would enable it. Otherwise it shows mse working well now, so that is good.


* Download the Farbar Service Scanner.

* Once download, right click the fss.exe file, and choose run as administrator.

*Checkmark the following boxes:

-Internet services
-Windows firewall
-System Restore
-Security center/action center
-Windows Update
-Windows defender

*Click Scan. A notepad window will appear with your log file. Save it to the desktop. Then upload the log here in your next reply using the paperclip on the reply box.

 

[Roxsen]

...

 

[andrew129260]

Thank you for the logs.

Please Run sfc /scan now using option 2 in this tutorial: SFC /SCANNOW Command - System File Checker

Please post back the results.

 

[Roxsen]

Thank you for the logs.

Please Run sfc /scan now using option 2 in this tutorial: SFC /SCANNOW Command - System File Checker

Please post back the results.

when i try to open the log it says access To {C:\WINDOWS\Logs\CBS\CBS.log} Was denied

i am the pc admin