Unnamed process running in task manager

Status
Not open for further replies.

Mak021

Commendable
Aug 30, 2016
7
0
1,510
Following my recent BSODs (which i thought to have fixed in the last thread i made) i started to get quite dissapointed at my computing skills. I just can't fix these BSODs (critical process died, ntoskrnl.exe). I updated and reinstalled all my drivers (no dice), i ran memtest, driver verifier, even contacted microsoft support to no avail.

I remember though since this pc is shared between my family, that they told me they did something they shouldnt've and then there was malware, i thought i cleaned it out with malwarebytes but i guess i didn't. There is now an unnamed process under the name "svchost.exe" running from SysWOW64 (to my knowledge, svchost should stay in system32). I cannot end the process as it gives my PC a BSOD, yet it uses my CPU more and more until the CPU itself gives up and gives me a BSOD (all have the same error, critical process died)

Virtually any help with this would be appreciated, any files you need i'll provide and any ideas would help.

CPU: Ryzen 3 1300x
MB: A320M-DS2
GPU: RX 550 2GB
DDR4 4gb 2400mhz

https://imgur.com/a/Aci9D (2 pictures showing what i mean)

EDIT: Seems to have been solved by ragnar's idea of updating, so kids update your windows, it might just help ye.
 

aquielisunari

Distinguished


Did you build your PC? https://www.microsoft.com/en-us/software-download/windows10 shows you how to download a tool that can create a copy of Windows 10 if you don't already have one. I'd keep things simple and perform a clean install before this cancer gets fatal.
 
The presence of svchost in SysWOW64 is not cause for concern, in itself.
(SysWOW64 is just Windows on Windows64, so 32bit programs on a 64bit OS).

The screenshot is a little weird though, never seen that before.

What I can tell though, is you're not on the latest Windows release (no GPU monitoring to the right of 'network'). I'd suggest starting there (either upgrade or clean install) and see.

FWIW, the critical process ntoskrnl was a pretty common BSOD during the original "upgrade" to Windows 10 from 7 or 8...
Where did this OS install come from? Was it clean installed when this Ryzen system was built? Or did you just 'plug and play' with an HDD/SSD from another system?
 

Mak021

Commendable
Aug 30, 2016
7
0
1,510

https://imgur.com/a/xYyM2
I do have the GPU monitor here.
This OS was bought by my dutch friend, he gave me the installer and afterwards gave me the licenced key, its not a pirated copy. I installed it clean with my ryzen build, but the HDD is from an older PC (i did reformat it though, don't know why this problem didn't appear earlier).
 

Mak021

Commendable
Aug 30, 2016
7
0
1,510


I'd really like to avoid a clean install, i have no access to an external HDD to backup some files, and as i work from a computer losing them would be devastating.
 

ragnar-gd

Estimable
Sep 30, 2014
36
0
4,610
To check if your windows-build is up to date, open a commandline, and type "winver".
The "latest" is 16299.334, but 16299.309 is still possible and ok.

Not doing a backup is calling for trouble. Imagine it IS malware...
 

Mak021

Commendable
Aug 30, 2016
7
0
1,510


Well you were right there, i thought i had the latest one, i have 16299.125. But when i try using windows updater it just tells me "Your windows is up to date"

I'll try updating it, but i don't think it'll be a fix as i did a windows 10 reinstall (keeping all of my files) due to the BSODs (they were still here before the downgrade to version .125)

EDIT: [strike]Well i'll be damed updating seems to have fixed it, for the first time in a week im able to shut down my pc without a BSOD. I'll update this if it starts going wild on me again. Thanks for the help :D
[/strike]
It worked for 2h and now its doing it again, god damn.
 

Mak021

Commendable
Aug 30, 2016
7
0
1,510


Well, it started doing it again, have any other ideas besides throwing the HDD in the bin?
 

mdd1963

Distinguished


Nuke and pave, start over......

 
Jun 7, 2018
1
0
10
you are infected with the WinstarNssmMiner, its hosted on svchost so you have to break it from the registry also check the schedule entries, my little brother downloaded it once and i was able to remove it that way.
 
Status
Not open for further replies.