Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Please Help - CPU usage stays at 100% all the time

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Please Help - CPU usage stays at 100% all the time

Unread postby brfoglia » May 6th, 2017, 8:46 pm

ISSUE - From the moment the laptop is booted up the cpu usage in task manager hits 100% and stays there. Everything runs incredibly slow

Hardware = Laptop - Toshiba Satellite L455-S5975

Whats been tried so far - Laptop has been scanned by the following which has all been updated: AVG, Spybot, Malwarebytes, SuperAntispyware
I have un msconfig and turned off all applications on startup, I have run disk defrag as well as CCleaner. I also checked Device Manager and made sure no hardware was malfunctioning and everything looked fine.

Please see attached files.

Any help would be most appreciated.

Thank you in advance,

Brian
You do not have the required permissions to view the files attached to this post.
brfoglia
Active Member
 
Posts: 8
Joined: May 6th, 2017, 2:23 pm
Advertisement
Register to Remove

Re: Please Help - CPU usage stays at 100% all the time

Unread postby mAL_rEm018 » May 7th, 2017, 11:13 am

Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.

Failure to post replies within 3 days will result in this thread being closed.


Hello brfoglia,

Welcome to Malware Removal! My name is mAL_rEm018, but feel free to call me mAL. I will be helping you with your malware related problems :)

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Because of this, I advise you to backup any personal files and folders before you start.

To make sure everything goes smoothly, I would like you to observe the following rules:
  • You must have Administrator rights, permissions for this computer.
  • Please reply to this thread. Do not start another topic.
  • Perform all actions in the order given.
  • If you don't know, stop and ask!
  • DO NOT run any other fix or removal tools unless instructed to do so!
  • Don't attempt to install any new software (other than those I ask you to) until your computer is clean.
  • DO NOT post for help at any other forum. Applying fixes from multiple help sites can cause problems.
  • I advise you to print the instructions if possible, since your internet connection might not be available during some of the fixes.
  • Absence of symptoms does not mean that everything is clear, therefore stick with this topic until I give you the "all clear".

I am currently reviewing your logs and will return as soon as possible, with additional instructions. In the meantime I would like you to read and get acquainted with the following topic: HOW TO GET HELP IN THIS FORUM - everyone must read this, where the conditions for receiving help here are explained.
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: Please Help - CPU usage stays at 100% all the time

Unread postby mAL_rEm018 » May 7th, 2017, 5:34 pm

Hello brfoglia,

Please do the following..

Backup your registry using TCRB
  • Please download TCRB to your Desktop.
  • Open Tweaking.com Registry Backup.
  • Click on the Backup Registry tab and ensure that all options are checked.
  • Press on Backup Now.
  • Wait until the backup is complete and exit the program.

Adwcleaner
  • Please download AdwCleaner to your Desktop.
  • Close all your programs and right-click AdwCleaner.exe and select Run as administrator.
  • Click on Scan.
  • After the scan is over, select Logfile.
  • A notepad window will open. Please copy/paste the contents in your next reply.
    Note: do not select Clean at this point

I would like you to run a search using FRST..
  • Double click Frst.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to the disclaimer.
    • Copy/Paste or Type the following line into the Search: box.
    babylon;Bandoo;CleverSearch;conduit;datamngr;Fun4IM;iLivid;Istartsurf;kelkoopartners;Luckysearches;QuickSurf;Searchnu;Searchqu;SharkManCoupon;sushileads;SweetIM;SweetPacks;TidyNetwork;trolltech;whitesmoke;Wordinator;WordSurfer

    • Press the Search Registry button.
    • When finished searching a log will open on your Desktop ... SearchReg.txt
    • Please post it in your next reply.



-----------------------------------------
In your next reply, I would like to see..
  • Did you have any problems following my instructions?
  • Adwcleaner log
  • SearchReg.txt
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: Please Help - CPU usage stays at 100% all the time

Unread postby brfoglia » May 7th, 2017, 8:21 pm

Mal,

Thank you so much for your help.
I am attaching the files you requested. I am also attaching the aswMBR file (I realized the 1st time I did it, it just downloaded the definitions and didnt scan, this one has the scan)
You do not have the required permissions to view the files attached to this post.
brfoglia
Active Member
 
Posts: 8
Joined: May 6th, 2017, 2:23 pm

Re: Please Help - CPU usage stays at 100% all the time

Unread postby mAL_rEm018 » May 8th, 2017, 3:46 am

Hello brfoglia,

I will ask that in the future you post your logs instead of attaching them, since not everyone is allowed to download attachments. This is a school and it can be frustrating for students who want to learn, but don't have access to the logs.


PUP (Potentially Unwanted Programs)
  • Yahoo Partner
  • AVG Secure Search
  • Arcadesafari
  • Ask Search


Potentially Unwanted Programs (PUP) are software that have unpredictable behaviour and/or might have been installed on your computer without your direct consent. You might have installed them willingly, in which case feel free to keep them. However, if you did not intentionally install them let me know and I will give you the instructions to remove them.


Please answer the following questions..

  1. Did you set the following policy?
    HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
    HKU\S-1-5-21-2802963544-327318797-2809920788-1000\...\Policies\Explorer: [NoSetActiveDesktop] 0
  2. Did you intentionally block Firefox and Google Chrome with your firewall?
    FirewallRules: [TCP Query User{E4AE8CB8-C32F-4389-A2A2-66F983A1D212}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
    FirewallRules: [TCP Query User{06CCCDEB-CEEA-41BF-826B-BA0844BF6637}C:\users\pat\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pat\appdata\local\google\chrome\application\chrome.exe
  3. You are using version 1.75 of Malwarebytes and the current version is 3.06. Is this the paid version of MBAM?
    Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)

Thank you for providing the aswMBR log. The following file was flagged during the scan:
09:01:41.322 File: C:\windows\system32\csrsrv.dll **INFECTED** Win32:Aluroot-B [Rtk]

I wouldn't worry about this just yet, since you used an outdated version of aswMBR and this is most likely nothing more than a false positive. Nevertheless, let's investigate this further.


I need you to run another search using FRST..

  • Double click Frst64.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to the disclaimer.
    • Copy/Paste or Type the following line into the Search: box.
    csrsrv.dll

    • Press the Search Registry button.
    • When finished searching a log will open on your Desktop ... SearchReg.txt
    • Please post it in your next reply.

TDSSKiller
  • Please download and save the following tool to your Desktop: Link.
  • Right-click on tdsskiller.exe and select "Run as Administrator" to run it...if UAC prompts, please allow it.
  • Read the End User License Agreement and if you agree select Accept.
  • Click on Start Scan
  • Once the scan is completed select Report located on the top-right corner.
  • Copy/paste the content of the report in your next reply.

RogueKiller
  • Please download and save the following tool to your Desktop: Link.
  • Right-click on setup.exe and select "Run as Administrator" to run it...if UAC prompts, please allow it.
  • Follow the instructions on screen to install the program.
  • When Roguekiller is installed, select Scan.
  • Once the Scan is done, click Open Report.
  • Select Export TXT and save the file as RKiller.txt to your desktop.
  • Post the contents of RKiller.txt in your next reply.


-----------------------------------------
In your next reply, I would like to see..
  • Did you have any problem following my instructions?
  • Decision concerning the Potentially Unwanted Programs.
  • Answer to my questions.
  • SearchReg.txt
  • TDSSKiller report
  • RKiller.txt

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: Please Help - CPU usage stays at 100% all the time

Unread postby brfoglia » May 8th, 2017, 11:38 pm

Mal,

Here are the answers to your questions.

1) No - No one set the policy
2) No - I did not intentionally block Firefox and Google Chrome with my firewall
3) Yes, it might be the paid version. It doesnt matter though, I have no problem uninstalling it to get a more updated version even if it is not the paid for version.

I will install and run the programs you ask, I just need a day or 2 time to do it.
Sorry for the delay and thank you for all your help.

Brian
brfoglia
Active Member
 
Posts: 8
Joined: May 6th, 2017, 2:23 pm

Re: Please Help - CPU usage stays at 100% all the time

Unread postby mAL_rEm018 » May 9th, 2017, 5:41 am

Hi Brian,

brfoglia wrote:I will install and run the programs you ask, I just need a day or 2 time to do it.

Thank you for letting me know. Please note that I made a minor mistake in one of the steps in my last post. When running the search using FRST, you should select Search Files instead of Search Registry and the file generated will be called Search.txt.
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: Please Help - CPU usage stays at 100% all the time

Unread postby brfoglia » May 10th, 2017, 5:39 pm

I will run these scans on Thursday, can you please hold the ticket open till then.

Thank you

Brian
brfoglia
Active Member
 
Posts: 8
Joined: May 6th, 2017, 2:23 pm

Re: Please Help - CPU usage stays at 100% all the time

Unread postby mAL_rEm018 » May 11th, 2017, 4:01 am

Hi Brian,

bforglia wrote:I will run these scans on Thursday, can you please hold the ticket open till then.

Yes, I will keep your topic opened. Thank you for letting me know.
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: Please Help - CPU usage stays at 100% all the time

Unread postby mAL_rEm018 » May 14th, 2017, 6:35 am

Hi Brian,

You mentioned that you wouldn't be able to post anything until Thursday.. Now it's Sunday and you still haven't posted the logs I requested. I understand that you are busy, which is why I kept this topic opened until now. However, if I haven't received a reply from you in 24 hours I will request for this topic to be closed and you will have to start a new one.

Thank you for your understanding,

mAL
User avatar
mAL_rEm018
Admin/Teacher
Admin/Teacher
 
Posts: 2689
Joined: November 11th, 2013, 6:26 pm
Location: Saint-Petersburg, Russia

Re: Please Help - CPU usage stays at 100% all the time

Unread postby brfoglia » May 14th, 2017, 2:44 pm

I will be trying to post this tonight for you. very sorry for the delay.

Thank you

Brian
brfoglia
Active Member
 
Posts: 8
Joined: May 6th, 2017, 2:23 pm

Re: Please Help - CPU usage stays at 100% all the time

Unread postby Cypher » May 15th, 2017, 7:02 am

Due to apparent lack of the time required to complete the cleaning process, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 118 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware