1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

CPU Usage leftovers after removing VIRUS

Discussion in 'Virus & Other Malware Removal' started by Serrh, May 13, 2013.

Thread Status:
Not open for further replies.
  1. Serrh

    Serrh Thread Starter

    Joined:
    May 13, 2013
    Messages:
    2
    Hello everyone,

    I'm new to this forum. First I'd like you to know that I'm an IT specialist...
    I've deleted over 1000 Virusses in my life. Most of them manually without the help of a Spy/Virus-scanner (It's always something different and it makes me feel good when I do accomplish deleting it without the use of Scanners)

    This is the first time I'm having trouble with one. A customer received a "virus" through e-mail. At first it looked like a PDF (Known file extensions were turned off), So the customer didn't know it was an executable.

    So they runned it multiple times wondering why it didn't show up on their screen, but instead they installed it.

    As usual I cleaned the mess up. As far as I could see it was gone, because this was my first time seeing this Virus/Spyware I runned MalwareBytes and a full scan with Trend Micro. They found nothing at all... So I assumed it was gone.

    A week later they called me telling that the computer was slow. After looking at the CPU usage I noticed that Explorer.exe was always at 15%+...

    With procexp (Process Explorer) I took a look at it and noticed the following:
    There are no weird stuff loaded with it.
    At the Tab "Threads" There is one thread that causes the problem. I can Suspend or Kill it (Everything works fine after this), but it'll come back after restarting explorer.exe (Also the computer).

    Is there any way to view the Thread detailed or make it stop from starting?

    Start Address:
    ntdll.dll!RtlUserThreadStart

    Thanks for any help
     
  2. Serrh

    Serrh Thread Starter

    Joined:
    May 13, 2013
    Messages:
    2
    I fixed it myself. It had something to do with Google Chrome. Probably corrupted/changed files after infection??

    Anyway removing it and doing a clean install of Google Chrome fixed my problem.

    Marking this as solved.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1098550

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice