qemu-system-x86_64 runs 100% CPU

stoke.monkey wrote:

I'm having the very same issue, following an installation of Albleton 10 from a torrent file. I assume you're referring to a clean install, or does simply removing Ableton and reinstalling OS X resolve the issue?

Assume all your passwords have been compromised, multiple backdoors have been installed, all of your contact data has been compromised, all of the passwords and all of the data in your mail archive has been uploaded and analyzed and that using automated tools for finding credit card information and passwords and other sensitive data, that your email contacts will be receiving spoofed email “from you”, and that your entire cache of photos has been uploaded. Prolly a few other things got swiped, too.

If yu’re very lucky, all of that didn’t happen. Best case, you mined some worthless cryptocurrency, or had your processor enlisted to crack passwords or some such, But given how automated the scammers are getting with their tools, that’s far from a certainty.

Wipe, reinstall, change all your passwords, etc.

hello i solved this issue oleeyy :) . so first you need to sample ( not quit ) qemu in activity monitor . and you will get the file direction . then you need to search in finder only x86_64 and you can access the folder contains it. it is in usr/ local/cellar was in my Mac . hope it will work for you

beginning your Unix journey.

Unix Navigation Commands

R

Hi,

I had the problem since yesterday, after some investigation I found the solution by removing the following files from my system.

Just open a Terminal windows and use the following commands.

sudo rm -R /usr/local/cellar/qemu

sudo rm -R /Library/Application Support/.Qemusys

sudo rm -R /Library/Application Support/.System-Monitor

sudo rm /Library/LaunchDaemons/com.buildtools.system-monitor.plist

sudo rm /library/LaunchDaemons/com.buildtools.tools-service.plist

sudo rm /Library/LaunchDaemons/com.modulesys.qemuservice.plist

sudo rm /Library/LaunchDaemons/com.systools.cpumonitor.plist

then goto

cd /usr/local/bin/

sudo rm -R .Tools-Service

sudo rm cpumonitor

sudo rm system-monitor

sudo rm tools-service

Please be careful with these commands, they are dangerous if you enter them wrong.

Best is to cut and paste them on the command line.

And next time, buy software instead of ....

if anyone else is looking here for answers on this now I was able to remove it completely without reinstalling osx. if you follow these steps given by Edgytwelvie (steps below) (credit to him for savin my butt with this part). When you get to about step 10 and you find a QUEMU file ending in .KEXT and one ending in a .PLIST your mac will not allow you to delete this because they have imbedded themselves as essential to macs OS. so when you try to drag into the trash it might say "this operation cannot be completed because this file is required by OS." So to delete those you must reboot your mac into recovery mode by restarting it then holding command R. Once you are in recovery mode look up top for utilities then hit that and open terminal. you will need to type in csrutil disable it will ask for your password then it should disable it. now restart your mac NORMALLY and locate the qemu KEXT file and the qemu PLIST and throw them in the trash and empty the trash.. now reboot back into recovery mode as you did before.. open terminal and type csrutil enable and press enter... once you reboot normally your problem should be solved.. i would recommend shutting off laptop for a while before using it again.

STEPS:

1. Launch Activity Monitor and locate "qemu-system-x86_64"

2. Double click on it and on the bottom left of Activity Monitor click "Sample"

3. Once the sample has been taken, you should see lots of random digits which might intimidate you, but one of the subheadings in the sample should be called "Path:". Copy the path you see. My path was something like this: /usr/local/bin/qemu-system-x86_64

4. Launch Finder and simultaneously click "Shift" "Command" "G"

5. Paste the path that you copied from step 3 and click "Go"

6. This should locate a Qemu file, delete that immediately

7. For safe measure, we will now delete everything from your System which contains either the words "qemu" or "x86_64"

8. Press "Shift" "Command" "G" again and in the search box type "/system"

10. Where it says "search" on the top right of your finder, search for "qemu". For me this came up with nothing, but if you look closely that's because it's searching on "This Mac". Click the tab which allows you to search on the "System".

11. If this brings up a number of files, delete all of them. Make sure to empty your trash too. (if you cant delete them look up at the first body of text)

12. Repeat steps 10 & 11 but instead of searching for "qemu" search for "x86_64" (if you cant delete them look up at the first body of text)

13. Shut down your computer completely for a period of time. For me it was 10 hours, the time from when I slept to woke up the next day

qemu is an open source virtual machine software to run other operating systems in your Mac. This is not surprising behaviour. I suggest you uninstall it.

Any luck in solving your issue? I'm having the exact same problem. The only previous things I installed were to do with music production as well!

Thanks for following up. I wasn't aware that they weren't even bothering to port code their malware to the Mac now. In addition to being malicious, that is just lazy.

Etrecheck removes all personal information. He replied above. Hundreds of people have posted etrecheck information here.

You should be able to look through the report and find qemu?

R

Qemu is used to run a cryptocurrency miner on your computer, within an emulated OS. Chances are you picked it up downloading something from a less than reputable site.

I have the same problem. Did you just reinstall your OSX or did you reset it to factory settings? I really need some help. Thanks.

Hey, i had the same problem until i had the simpe idea to just double klick on the file and find the path and delete it :O after that i restart my mac and the problem was gone .