Solved 100% CPU Usage, Several Malware Threats

[ljoneill]

Hi there,

I've had seemingly the exact same issues as those found in this post:

http://malwaretips.com/threads/100-...tfmon-exe-upnpcont-exe-dllhost-exe-etc.39167/

I followed the exact instructions in that post, including Anti-Rootkit and FRST scans. Anti-Rootkit found four issues, including three HKU/S-1-5-21 issues (registry key issues??).

Can someone take a look at the four attached documents and let me know if you see anything noteworthy? PC seems to be running better after running these two scans and the Anti-Rootkit cleanup.

Also, AVG found this MalSign.Generic.DE7 virus, which I have hopefully deleted. But several things I've read online indicate a need to go into regedit while in Safe Mode to deal with some of these sorts of issues because the normal cleanup in AVG doesn't deal with the root cause. Maybe the Rootkit dealt with these issues, though.

All help appreciated!

Luke

 

[argus]

Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Make sure that Addition option is checked.
• Press Scan button and wait.
• The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.

 

[ljoneill]

I already attached those files. Those are after doing all other steps, so they're fully up-to-the-minute. Thanks.

 

[ljoneill]

This now says "solved". Do the attachments indicate the PC is clean? I can't really tell from reading them.

 

[argus]

How much is your CPU?

If normal then it is OK.

 

[argus]

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.

Running it on another one may cause damage and render the system unstable.

​

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
• Press the Fix button just once and wait.
• If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
• When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

• Right-click on
  
  icon and select
  
  Run as Administrator to start the tool.
• Follow the prompts and click Scan.
• When finished, please click Clean.
• Upon completion, click Report. A log (AdwCleaner[S*].txt) will open.

Please include the contents of that file in your reply.

 

[argus]

This is filing.

System is clean 100%.