Question System Interrupts process using 70% of CPU until I open task manager ?

May 14, 2021
16
0
10
0
Today my laptop's fans started going crazy so I instantly opened task manager to check if something was wrong and there was a process running for a few seconds called System Interrupts which was using 70% of the cpu but then went down after about two seconds of having the task manager opened. Before this happened karpesky cloud security warned me about a trojan that was in my computer so I deleted it as fast as possible but my desktop went completly black and a lot of pop-up errors started appearing. After deleting the trojan I thought everything was going to be fine but now this is happening. I read that System Interrupts is not a virus (and I can pretty much confirm that because I ran several scans with Avast, Malwarebytes and kapesky and neither of them detected anything) but I don't know how to fix this and it has me really stressed out.

I'll apreciate any help I can get and thanks in advance to anyone that can help me with this issue.

Also, sorry if this doesn't qualify as an Antivirus thread but I didn't know where else to post it and I'am desperate.
 

Ralston18

Titan
Moderator
Update your post to include full laptop specs and OS information.

Hopefully the problem is some some corrupted or missing Windows files.

Try running the built-in Windows troubleshooters. The troubleshooters may find and fix something.

Next try "sfc /scannow" and "dism".

References:

https://www.lifewire.com/how-to-use-sfc-scannow-to-repair-windows-system-files-2626161

https://www.lifewire.com/how-to-use-sfc-scannow-to-repair-windows-system-files-2626161

However, before doing anything ensure that you back up all important data at least 2 x and store the data off of the laptop. Verify that the backups are both recoverable and readable.
 
May 14, 2021
16
0
10
0
Many forms of crypto-currency mining malware will actually instantly suspend themselves to avoid detection whenever task manager is opened....

Try looking at SysInternals' process explorer when the fan usage is high...

https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer
I downloaded the application and it now it says that system Idle process is using 80 % of the cpu, is this a virus? Edit: It also says in its properties that the precess started yesterday so i'm pretty sure it's a virus
 
Last edited:
May 14, 2021
16
0
10
0
Update your post to include full laptop specs and OS information.

Hopefully the problem is some some corrupted or missing Windows files.

Try running the built-in Windows troubleshooters. The troubleshooters may find and fix something.

Next try "sfc /scannow" and "dism".

References:

https://www.lifewire.com/how-to-use-sfc-scannow-to-repair-windows-system-files-2626161

https://www.lifewire.com/how-to-use-sfc-scannow-to-repair-windows-system-files-2626161

However, before doing anything ensure that you back up all important data at least 2 x and store the data off of the laptop. Verify that the backups are both recoverable and readable.
I already tried this and it didn't work
Also how do I do this: "Update your post to include full laptop specs and OS information."
 
Last edited:

Johnwmel

Great
Jan 21, 2021
243
21
95
1
Do A Proper Power Reset.
Doing proper power reset is easy. It isn't the same as simply shutting down your machine.

A proper power reset means draining all the electricity out of the system.
This will properly reset the hardware and also clear volatile memory, it also helps since Windows will be restarted after, clearing out any memory leaks, not enough system resources or other problems that might get in the way of the repairs.

Have you ever heard someone say their computer wasn't working right, so they unhooked it, took it to a computer repair shop and when they got there the system was working fine? This is because the power had drained out of the system!

(Step 1) Shut down and power off the computer.

(Step 2) Once the computer is powered off, unplug the power cord. If it is a laptop also remove the battery. It is important that any way for the system to keep getting power is unplugged or unhooked.

(Step 3) With the power cord unplugged and the battery removed (if you have one), hit the power button a few times as if you are trying to turn on the computer. When you do this and the computer tries to turn on, all the electricity is drained out of the system.

(Step 4) Plug the power cord back in and reinsert the battery (if you have one) and turn the computer on.
 

Johnwmel

Great
Jan 21, 2021
243
21
95
1
We need your system info. see how you go with this tool.

Free PC Audit
https://www.softpedia.com/get/System/System-Info/Free-PC-Audit.shtml
http://www.freewarefiles.com/screenshot.php?programid=44630
 
May 14, 2021
16
0
10
0
We need your system info. see how you go with this tool.

Free PC Audit
https://www.softpedia.com/get/System/System-Info/Free-PC-Audit.shtml
http://www.freewarefiles.com/screenshot.php?programid=44630
View: https://imgur.com/a/Jf8vohu
 
May 14, 2021
16
0
10
0
Also, I appreciate all the help but I think we’re getting a bit off tracked, my initial assumption was that it was a virus since Karpesky warned me about one and after I ‘deleted’ it this started happening but now we think it’s a fab issue. I’m not saying that the advice you have given me is wrong but I just don’t know if it will resolve the issue I’m experiencing. My assumption is that a crypto currency mining software is causing my issue but if you guys think that it’a something different I’m willing to listen to every bit of advice you have to offer.
 

Johnwmel

Great
Jan 21, 2021
243
21
95
1
Ok, lets see if I can find the damage.

Please download Farbar Recovery Scan Tool and save it onto your Desktop. If your default download location is not your Desktop, drag it out of it's location onto the Desktop.
If we have to run Farbar more than once, refer this SS.
View: http://i.imgur.com/yUxNw0j.gif

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the Desktop.
The first time the tool is run, it makes also another log (Addition.txt) on the Desktop.
The logs are large, upload them using this. No time delays/Captcha-I'm not a Robot/account/registration needed. Give us the links please.
View: https://i.imgur.com/7UiiqWr.gif

View: https://i.imgur.com/6N1gfOj.gif
 
May 14, 2021
16
0
10
0
Ok, lets see if I can find the damage.

Please download Farbar Recovery Scan Tool and save it onto your Desktop. If your default download location is not your Desktop, drag it out of it's location onto the Desktop.
If we have to run Farbar more than once, refer this SS.
View: http://i.imgur.com/yUxNw0j.gif

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) on the Desktop.
The first time the tool is run, it makes also another log (Addition.txt) on the Desktop.
The logs are large, upload them using this. No time delays/Captcha-I'm not a Robot/account/registration needed. Give us the links please.
View: https://i.imgur.com/7UiiqWr.gif

View: https://i.imgur.com/6N1gfOj.gif
The logs:
 

Johnwmel

Great
Jan 21, 2021
243
21
95
1
Got them, whilst I'm going through the logs ( big job ) even though you have done other scans, run these 2 scans.

Please download Dr.Web CureIt and save it to your <b>Desktop</b>. DO NOT perform a scan, until you get it on your desktop. If your default download location is not the <b>Desktop</b>, drag it out of it's location onto the <b>Desktop</b>. (If this is not possible, this program is portable, and runs right from the location it is downloaded to, like a USB drive or SD card.)
https://www.softpedia.com/get/Antivirus/Dr-WEB-CureIt.shtml
http://www.freedrweb.com/cureit/?lng=en
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

Run ESET Online Scanner, Copy and Paste the contents of the log in your reply please. This scan may take a very long while, so please be patient. Maybe start it before going to work or bed.
Make sure these options are checked/ticked in Advanced settings.
Remove found threats, Scan archives, Scan for potentially unsafe applications, Enable Anti-Stealth technology.
How do I use the ESET Online Scanner?
https://support.eset.com/kb2921/#advancedsettings
How can I view the log file from ESET Online Scanner?
https://support.eset.com/en/kb405-online-scanner-faq
15. The ESET Online Scanner saves a log file after it completes a scan. This log file can be reviewed or sent to ESET for further analysis. To save the log file, click Save scan log and select the save location. You can also click View scan details to see the information. To view the log after ESET Online Scanner has been closed, Show hidden files and folders must be enabled in File Explorer. New logs are appended to the existing log files when multiple scans are run. The path to the log file is the following: C:\Users\username\AppData\Local\Temp\log.txt
Can I select the destination of the scan?
Yes, the new version of ESET Online Scanner provides an option to select the destination of the scan (scan targets). This option can be found under Advanced settings.
Configure ESET this way & disable your AV.
View: http://i.imgur.com/wZF1Ppi.gif

How to Temporarily Disable your Anti-virus
In Windows 10, go to Settings > Update & Security > Virus & threat protection settings, and turn off the “Real-time protection” option. Windows Defender is now called Microsoft Defender Antivirus.
https://www.minitool.com/news/disable-windows-defender-win10.html
https://www.computerhope.com/issues/ch000864.htm
 
May 14, 2021
16
0
10
0
Got them, whilst I'm going through the logs ( big job ) even though you have done other scans, run these 2 scans.

Please download Dr.Web CureIt and save it to your <b>Desktop</b>. DO NOT perform a scan, until you get it on your desktop. If your default download location is not the <b>Desktop</b>, drag it out of it's location onto the <b>Desktop</b>. (If this is not possible, this program is portable, and runs right from the location it is downloaded to, like a USB drive or SD card.)
https://www.softpedia.com/get/Antivirus/Dr-WEB-CureIt.shtml
http://www.freedrweb.com/cureit/?lng=en
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

Run ESET Online Scanner, Copy and Paste the contents of the log in your reply please. This scan may take a very long while, so please be patient. Maybe start it before going to work or bed.
Make sure these options are checked/ticked in Advanced settings.
Remove found threats, Scan archives, Scan for potentially unsafe applications, Enable Anti-Stealth technology.
How do I use the ESET Online Scanner?
https://support.eset.com/kb2921/#advancedsettings
How can I view the log file from ESET Online Scanner?
https://support.eset.com/en/kb405-online-scanner-faq
15. The ESET Online Scanner saves a log file after it completes a scan. This log file can be reviewed or sent to ESET for further analysis. To save the log file, click Save scan log and select the save location. You can also click View scan details to see the information. To view the log after ESET Online Scanner has been closed, Show hidden files and folders must be enabled in File Explorer. New logs are appended to the existing log files when multiple scans are run. The path to the log file is the following: C:\Users\username\AppData\Local\Temp\log.txt
Can I select the destination of the scan?
Yes, the new version of ESET Online Scanner provides an option to select the destination of the scan (scan targets). This option can be found under Advanced settings.
Configure ESET this way & disable your AV.
View: http://i.imgur.com/wZF1Ppi.gif

How to Temporarily Disable your Anti-virus
In Windows 10, go to Settings > Update & Security > Virus & threat protection settings, and turn off the “Real-time protection” option. Windows Defender is now called Microsoft Defender Antivirus.
https://www.minitool.com/news/disable-windows-defender-win10.html
https://www.computerhope.com/issues/ch000864.htm
I'm starting to think I was wrong, dr web didn't detect anything and eset only detected two unwanted applications.
 

Johnwmel

Great
Jan 21, 2021
243
21
95
1
Thanks, haven't found anything in the logs yet, I shall carry on analyzing, in the meantime, you can deal with my posts #7 & #10.
Your manual ( usually on the motherboard cd that came with the comp ) should show you an easy way to do it.
 
May 14, 2021
16
0
10
0
May 14, 2021
16
0
10
0
Honestly, I think that the best option will be to wipe the computer but I don't want to do it because I have Important files on my computer and I don't have a backup. Also, I've read about many people that have wiped their computer and even then the problem persisted.
 

ASK THE COMMUNITY

TRENDING THREADS