100% GPU usage after 1 min

[LazyPotato]

Plus,the 'Extras' scan couldn't be accessed by OTL for some strange error. I guess a malware is preventing it from doings its analyze? If you don't have time,while you're sleeping,downloadEmsisoft Emergency Kit. This tool will kill any found malware. PS,make sure to download . It'll help. I'm just kinda paranoid since OTL couldn't access most of the reg entries.

Not able to post highlighted links for some reason,manual links :

Emsisoft Emergency Kit : http://www.emsisoft.in/en/software/eek/

rKill : http://www.bleepingcomputer.com/download/rkill/

[LazyPotato]

The initdebug.nfo file is created by the Give I/O service when it install, service that Speedfan uses to get values from thermal sensors.

Yes I realized later as I wrote my second post. I'm not perfect -- Plus I haven't used Speedfan in quite a while.

[SnakeMasteR]

Who said someone needs to be? Shared info, nothing else, buddy. So you save your time researching. :P

[LazyPotato]

Who said someone needs to be? Shared info, nothing else, buddy. So you save your time researching. :P

By research we could simply mean typing the name in google :D haha :)

[LjubeGVG]

eset and hitman pro doesn't find malware, Is it just better to format my computer again since OTL cannot access all of reg entries?

[LjubeGVG]

lol this emsisoft emergency kit is top gear - great software thanks for the tip man

it found around 12 malware cookies and 7-8 other files

[STEEL]

LjubeGVG!!! Had same problem at one stage. Formatted harddrive with Low Level (Nuke) Harddrive Formatter, saved my ass!!!

Working, perfect know. Please remember S/Mode as V/T Protection, after knew install.

Just my 5cents :rolleyes: :)

[LjubeGVG]

Steel can you explain how you did that every time I format my computer is with dvd of windows 8 i haven't noticed low level format there is, only format.

[rudrax]

Steel can you explain how you did that every time I format my computer is with dvd of windows 8 i haven't noticed low level format there is, only format.

Do you get a quick format option there? If you do, uncheck that option before you format - it will be slow as hell though.

[LazyPotato]

lol this emsisoft emergency kit is top gear - great software thanks for the tip man

it found around 12 malware cookies and 7-8 other files

Yes I know,my favorite kit so far.

[LazyPotato]

How PC is running now?

[LjubeGVG]

yeah it runs great now. thanks for all the info :)

[LazyPotato]

yeah it runs great now. thanks for all the info :)

How about re-doing scan with OTL now? :D You can also run Temp-file cleaner by Oldtimer just to delete any malicious temp files.

[LazyPotato]

And just to make sure,if you want (I'll tell you if you need further cleaning,it's optional though,totally depends on you if you've free time,but this can change after viewing OTL log) you can download this tools

*Note : This is optional,but,after viewing OTL log it can change,so here are tools that we MIGHT require if PC Is STILL infected.

Roguekiller : http://www.bleepingcomputer.com/download/roguekiller/

Adwcleaner : http://www.bleepingcomputer.com/download/adwcleaner/

JunkwareCleaner :http://www.bleepingcomputer.com/download/junkware-removal-tool/

*Note #2 : Don't forget to post logfiles. You can use Pastebin,I guess it's easy-to-use?

*Note #3 : If any of the tool asks to restart after malware clean-up,restart your PC,then re-do the scan. Just to make sure,cause some nasty malware survive boot,then re-do the scan,if the scanner still detects the malware,please post logfiles.

[mazigh]

I don't know really where is the problem, but I have 2 advises for you:

1- Update your GPU Driver (Stable)

2- Disable PhysX (GPU Acceleration) https://en.wikipedia.org/wiki/PhysX

[LjubeGVG]

now I will do the scan and paste the log.

I know about pastebin but i cannot remember yesterday :D

[LazyPotato]

now I will do the scan and paste the log.

I know about pastebin but i cannot remember yesterday :D

Okay :D

[SnakeMasteR]

Just as info, the rember.exe you got is from the faked Remember_Me-FLT release and is a keylogger (the original scene release doesn't have that), i give you the suggestion to change your passwords from websites, eMail-providers etc. that you may have entered during your slowdown-experience with rember.exe installed on your computer to be on the safe site.

[LazyPotato]

Just as info, the rember.exe you got is from the faked Remember_Me-FLT release and is a keylogger (the original scene release doesn't have that), i give you the suggestion to change your passwords from websites, eMail-providers etc. that you may have entered during your slowdown-experience with rember.exe installed on your computer to be on the safe site.

Pastebin might be fine,I'll tell him to download Comodo Killswitch and kill the rember.exe later

[SnakeMasteR]

Yeah, that won't get stolen data back, if any. :lol:

[LjubeGVG]

here are the logs

http://pastebin.com/d6L27HnA
http://pastebin.com/x9wjZGiE
http://pastebin.com/17GxHmdW
http://pastebin.com/dGX0kTjU
http://pastebin.com/Cv05ig0v

[LazyPotato]

Yeah, that won't get stolen data back, if any. :lol:

I know,but it's NOT likely that the hacker is only targeting him. Beside,he can change his pass

[LazyPotato]

here are the logs

http://pastebin.com/d6L27HnA

http://pastebin.com/x9wjZGiE

http://pastebin.com/17GxHmdW

http://pastebin.com/dGX0kTjU

http://pastebin.com/Cv05ig0v

Let me look...

[LazyPotato]

Hummmmm,looks like we need a TINY bit of more cleaning,ps,you've some disk problems,I can fix them too :D. Download all (note,you can uninstall RogueKiller,Emsisoft Emergency Kit & rest of the tools,we don't need them) three tools listed Here. Then paste the log files. I'll fix your registry and disk errors later after malware cleanup. By the way,ESET didn't protect you from malware,you should change your security software to Emsisoft Internet Security,if you're interested,I can PM you the thread (it's in Nsaneforums) about Emsisoft Internet Security package + Working product bypasser (using it now :P :rofl:)

Edit : we don't need Kaspersky Rescue Disk

[LjubeGVG]

I've alrady changed all my passwords