All Discussions > Steam Forums > Hardware and Operating Systems > Topic Details
keno May 20, 2021 @ 1:56pm
Need help, potentially crypto mining in background or virus! chrome
So, I recently installed Team fortress 2 and realised it was unplayable (frames dropping to 15).

I opened task manager and noticed google chrome is using 60%+ of CPU even though it was closed.

Screenshot: https://imgur.com/a/2sFumOS
(It is separated for some reason from other chrome processes)

Then I disabled that high CPU usage process and ran google chrome again, everything was alright. It was using like 3-4% (normal) and the game ran smooth.

And I thought I "solved" the problem but no.
Next day, when I wanted to play more Team fortress 2, the same problem.

I had to disable this thing in task manager to play smoothly.
(I was browsing internet before joining game and it is not noticable until you join a game where you need more CPU power).

So, every time the same thing, basically. Uses about 55% cpu all the time even when google is closed. And I don't know for how long this was going on because I wasn't playing games or running photoshop or smth.

Other fixes I tried:

- reinstalling chrome - didn't help

- opening task manager of chrome (shift+esc)

https://i.imgur.com/8uTrrVH.png

Nothing of that kind of cpu usage to see here.

Please I need your thoughts. It looks very weird to me. I am scared that it is crypto mining or something...:steamsad:

EDIT: This is the high demanding process when i go to properties

https://imgur.com/a/OzpvJyX Looks quite normal I guess?

EDIT 2: and this is when I go to "open file location"

https://imgur.com/a/BzZBHdp
Last edited by keno; May 20, 2021 @ 2:00pm
< >
Showing 1-10 of 10 comments
Mad Scientist May 20, 2021 @ 2:02pm 
Mining viruses would typically use the GPU, not the CPU as they mine so slowly and awfully even for workstation chips, there's basically no benefit to use a CPU.

It's probably the SIH (Steam Inventory Helper) addon, which you shouldn't be giving apps the ability to see/interact with your inventory. You should deauth extra devices from your account and remove all API keys from your Steam account, then change your password.
#1
keno May 20, 2021 @ 2:04pm 
Originally posted by Mr. Gentlebot:
Mining viruses would typically use the GPU, not the CPU as they mine so slowly and awfully even for workstation chips, there's basically no benefit to use a CPU.

It's probably the SIH (Steam Inventory Helper) addon, which you shouldn't be giving apps the ability to see/interact with your inventory. You should deauth extra devices from your account and remove all API keys from your Steam account, then change your password.

I will try disabling it right now and restart my PC to see if that is the case.
#2
keno May 20, 2021 @ 2:07pm 
Just restarted PC after deleting SIH.

https://imgur.com/a/Myy0nfJ

Still the same problem.
#3
Cathulhu May 20, 2021 @ 2:10pm 
Looks like a process disguising as Google Chrome.
It doesn't have any sub-processes like the real Google Chrome would have.

Looks like you infected your computer with malware and your computer does something.
If you're lucky it's just mining.
If you're unlucky it's used as part of a zombie network for hacking, spamming or DDoS attacks.
#4
Mad Scientist May 20, 2021 @ 2:10pm 
Originally posted by keno:
Just restarted PC after deleting SIH.

https://imgur.com/a/Myy0nfJ

Still the same problem.
There should be no reason for chrome to run something in the background (unless it's a virus or user installed thing), what else have you installed that is running in the background? Any automatic addons that do anything in particular? Other 3rd party services that call on chrome?

Do you have an AV that can be ran to look for anything out of the ordinary?
#5
keno May 20, 2021 @ 2:13pm 
Originally posted by Mr. Gentlebot:
Originally posted by keno:
Just restarted PC after deleting SIH.

https://imgur.com/a/Myy0nfJ

Still the same problem.
There should be no reason for chrome to run something in the background (unless it's a virus or user installed thing), what else have you installed that is running in the background? Any automatic addons that do anything in particular? Other 3rd party services that call on chrome?

Do you have an AV that can be ran to look for anything out of the ordinary?

Nothing I can think of.

I will try to scan with Malwarebytes.
#6
emoticorpse May 20, 2021 @ 2:15pm 
run malwarebytes?
#7
keno May 20, 2021 @ 2:16pm 
Originally posted by emoticorpse:
run malwarebytes?
yes sir
#8
keno May 20, 2021 @ 2:38pm 
Originally posted by TheCurlyPube:
Maybe just uninstall Chrome completely including all its file locations. It may be screwed up, so may need to be manually removed completely.
Should have mentioned but that's what I did.
#9
Bad 💀 Motha May 20, 2021 @ 4:46pm 
Scan with Hitman Pro

Also in Task Manager, click that instance of Google Chrome and select File Location.
It should bring up the folder that houses this file, whatever it might really be.
Last edited by Bad 💀 Motha; May 20, 2021 @ 4:47pm
#10
< >
Showing 1-10 of 10 comments
Per page: 1530 50

All Discussions > Steam Forums > Hardware and Operating Systems > Topic Details
Date Posted: May 20, 2021 @ 1:56pm
Posts: 10
Start a New Discussion

Discussions Rules and Guidelines