Chrome process using 90% CPU on W10

Hello

Thank you for your response, but I actually use 3 browsers: Mozilla, Chrome, and Opera... And I definitely do not want to remove Chrome...

Have a nice evening.
Best regards.

Re...

Why a response like yours?

I can't understand your reaction...

I want to keep CHROME because I have a lot of saved pages and other things...

I'm asking if there's a possible solution without having to delete this browser or restore it since I no longer know when this event occurred...

Thank you for respecting my request..

Have a good evening.

Sincerely

Hi,

Your problem comes from the fact that you have infected your computer.
A scheduled task launches Chrome on a site with a miner.
This uses the browser to mine virtual currencies and therefore uses your processor for calculations.
Principle of Crypto-Jacking, see: https://www.malekal.com/web-miner-javascript/

~~

If you have installed CCleaner, you can uninstall it, it is useless.

~~

Here is the correction to be made with FRST. You can refer to this explanatory note with screenshots.

Open Notepad: Windows Key + R,
In the "Run" field, type notepad and hit OK.
Copy/Paste the following into it:

CreateRestorePoint:
 S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo\DriverInstall.exe [X]
S3 Apowersoft_AudioDevice; C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys [31920 2015-03-01] (Wondershare)
2018-12-17 11:24 - 2018-12-17 11:24 - 000000000 ____D C:\Users\Domicile\Documents\Wondershare TunesGo
2018-12-17 11:21 - 2018-12-17 11:35 - 000000000 ____D C:\Program Files (x86)\Wondershare
2018-12-17 11:35 - 2017-05-28 23:40 - 000000000 ____D C:\Users\Domicile\AppData\Roaming\Wondershare
2018-12-17 11:22 - 2017-05-28 23:41 - 000000000 ____D C:\ProgramData\wondershare
2018-12-17 11:22 - 2017-05-28 23:38 - 000000000 ____D C:\Users\Public\Documents\Wondershare 
Task: {529138BE-71E9-42E8-BC88-21E503DE1955} - System32\Tasks\BlueStacksHelper => "C:\Program Files\Google\Chrome\Application\chrome.exe" --user-data-dir=DIR --mute-audio hxxps://gamerksk.blogspot.com/
Task: {F01B598D-C009-4FCC-96C7-A8E7816B04E2} - System32\Tasks\ASUS USB Charger Plus => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --user-data-dir=DIR --mute-audio hxxps://gamerksk.blogspot.com/
 Hosts:
EmptyTemp:
RemoveProxy:
Reboot:

Once the text is pasted into Notepad,
Go to the "File" menu and then "Save As",
On the left, navigate to the Desktop,
In the bottom field, file name enter: fixlist.txt
Click on "Save", this will create fixlist.txt on the Desktop.

Restart FRST and click on the "Fix" button
A restart may be necessary (not required)
A text file will appear, copy/paste the content here in a new message.

Restart the computer.

Good evening Malekal_morte-

Thank you for all these clarifications and your solution to my problem.

I am attaching the report after the fix:

https://pjjoint.malekal.com/files.php?id=20181226_m8e6d6z6e5

For now, everything seems to be working normally.

I will get back to you if necessary.

In any case, thank you for your kindness and your skills... Awesome!

Have a good evening.

Merry Christmas!

Best regards.

Good evening Malekal

Unfortunately, I still have the same problem...

I have done another scan with FRST and here are the 3 new reports:

https://pjjoint.malekal.com/files.php?id=FRST_20181226_y11s13l10v5o5
https://pjjoint.malekal.com/files.php?id=20181226_m7m13v6s12o12
https://pjjoint.malekal.com/files.php?id=20181226_w8n9e5w14c6

I hope you will find a solution to my problem.

Thank you very much for everything.

Have a good evening.
Best regards.

Good evening Malekal_morte-

Thank you for your response.

I followed the indicated steps... When I then launch FRST and click on FIX... After the restoration point and the execution of the fix, a window opens with the following message:

Autolt Error
Line 18821 (File "C:\Users\Domicile\Desktop\FRST64-.exe"):
Error: Variable used without being declared.

To close the window, I click on OK and the FRST software also closes. Therefore, I am unable to apply this new fix.

If you could help me once again...

Thank you.
Best regards.

Good evening Malekal_morte-

Thank you for your reply.

I have downloaded FRST64 three times from the sites "CCM/nicolascoolman/malekal.com" and still have the same problem. A window opens with this message and therefore I cannot apply your fix... For your information, this message appears just after creating a restore point... And when it says "the correction is in progress...".

What a hassle...

Thank you for your kindness and availability.

Have a nice evening.
Best regards.

Hello Malekal_morte-

Sorry for not replying sooner, but I've been testing from my PC.

Everything seems to be working normally. I still have some (5) "Google Chrome" processes, but they are using zero CPU...

I think my problem is finally resolved thanks to you.

Thank you so much for your kindness and expertise.

I wish you a great end of the year.

You are amazing!

Thank you and thank you.

Best regards.

hi RAPIDO13

if you are using Mozilla Firefox, uninstall Google Chrome with >>> free CCleaner <<<

see you
--
no links on English web pages, I'm already flying enough by myself

to be able to use "µTorrent"
??????
for infections, it's very good
--
no link on the web page in English, I'm already stealing enough on my own