nslookup.exe using 100% of 2 cpu cores
- Thread starter Brogan
- Start date
- Status
- Nov 5, 2019
- 1,431
Hello, Welcome to MalwareTips.
I'm nasdaq and will be helping you.
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
Please download and run the followiing programs
If you have Malwarebytes installed just run it as suggested, If not:
Please download Malwarebytes Anti-Malware from Malwarebytes or
from BleepingComputer
Note: If asked to restart the computer, please do so immediately.
===
Please download AdwCleaner by Malwarebytes your Desktop.
Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Please attach all the logs for my review.
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
[img=[URL]http://deeprybka.trojaner-board.de/eset/eng/attachlogs.png[/URL]]
Let me know what problems persists.
Wait for further instructions
p.s.
This program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
OR, you should restore the program from the Quarantine folder.
====
I'm nasdaq and will be helping you.
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
Please download and run the followiing programs
If you have Malwarebytes installed just run it as suggested, If not:
Please download Malwarebytes Anti-Malware from Malwarebytes or
from BleepingComputer
- Right-click on the MBAM icon and select Run as administrator to run the tool.[/*]
- Click Yes to accept any security warnings that may appear.[/*]
- Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database.[/*]
- On the left menu pane click the Settings tab, and then select the Protection tab on the top.[/*]
- Under the Scan Options, turn on the button Scan for rootkits and Scan within archives.[/*]
- Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button[/*]
- Note: The scan may take some time to finish, so please be patient.[/*]
- If potential threats are detected, ensure to check mark all the listed items, and click the Quarantine Selected button.[/*]
- While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.[/*]
- The log can also be viewed by clicking the log to select it, then clicking the View Report button.[/*]
Note: If asked to restart the computer, please do so immediately.
===
Please download AdwCleaner by Malwarebytes your Desktop.
- Close all open programs and internet browsers.[/*]
- Double click on AdwCleaner.exe to run the tool.[/*]
- Click the Scan button and wait for the process to complete.[/*]
- Click the LogFile button and the report will open in Notepad.[/*]
- If you click the Clean button all items listed in the report will be removed.[/*]
- Close all open programs and internet browsers.[/*]
- Double click on AdwCleaner.exe to run the tool.[/*]
- Click the Scan button and wait for the process to complete.[/*]
- Check off the element(s) you wish to keep.[/*]
- Click on the Clean button follow the prompts.[/*]
- A log file will automatically open after the scan has finished.[/*]
- Please post the content of that log file with your next answer.[/*]
- You can find the log file at C:\AdwCleanerCx.txt (x is a number).[/*]
Download the Farbar Recovery Scan Tool (FRST).
Choose the 32 or 64 bit version for your system.
and save it to a folder on your computer's Desktop.
Ensure that you are in an Administrator Account
Double-click to run it. When the tool opens click Yes to disclaimer.
Check the boxes as seen here:
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Please attach all the logs for my review.
How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
[img=[URL]http://deeprybka.trojaner-board.de/eset/eng/attachlogs.png[/URL]]
Let me know what problems persists.
Wait for further instructions
p.s.
This program is updated often.
If it's identified as suspicious by your Anti-Virus program trust it if Downloaded from the link I provided.
OR, you should restore the program from the Quarantine folder.
====
- Nov 5, 2019
- 1,431
Hi,
Let's do some maintenance.
Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
===
Please post the Fixlog.txt later with fresh copy of FSTS.TXT and Addition.txt logs.
Make sure to copy and past the complete files in you reply. The FRST.TXT you previously posted was not complete.
Post the logs. Wait for further instructions.
Let's do some maintenance.
Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
===
Please post the Fixlog.txt later with fresh copy of FSTS.TXT and Addition.txt logs.
Make sure to copy and past the complete files in you reply. The FRST.TXT you previously posted was not complete.
Post the logs. Wait for further instructions.
- Nov 5, 2019
- 1,431
Hi,
Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
===
Please post the Fixlog.txt and let me know if the problem persists.
Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
===
Please post the Fixlog.txt and let me know if the problem persists.
- Nov 5, 2019
- 1,431
Hi,
Please make sure you have the latest Windows 10 updates before proceeding.
Please set File Explorer to SHOW ALL folders, all files, including Hidden ones.
Please use this Guide for Windows 10 or 11. https://support.microsoft.com/en-us...d-folders-in-windows-97fbc472-c603-9d90-91d0-
Follow the instructions.
Then Download the Microsoft Scanner for this site:
Launch MSERT.exe
Accept the agreement terms of Microsoft
Select CUSTOM scan
Look on Scan Options & select CUSTOM scan & then select the C drive to be scanned.
Then start the scan. Have lots of patience. Once you start the scan & you see it started, then leave it be.
Once you see it has started, take a long long break; walk away. Do not pay credence if you see some intermediate early flash messages on screen display. The only things that count are the End result at the end of the run.
Again, any on-screen display about repeat 'infection' is not to be relied on. Ignore those.
We only rely on the end result that is on the log-report-file.
This is likely to run for many hours ( depending on number of files on your machine & the speed of hardware.)
The log is named MSERT.log
the log will be at
Windows\debug\msert.log
Please attach that log with your reply
p.s.
There are more information for you to read in the download link.
<<<>>>
Please make sure you have the latest Windows 10 updates before proceeding.
Please set File Explorer to SHOW ALL folders, all files, including Hidden ones.
Please use this Guide for Windows 10 or 11. https://support.microsoft.com/en-us...d-folders-in-windows-97fbc472-c603-9d90-91d0-
Follow the instructions.
Then Download the Microsoft Scanner for this site:
Microsoft Safety Scanner Download
Get the Microsoft Safety Scanner tool to find and remove malware from Windows computers.
learn.microsoft.com
Launch MSERT.exe
Accept the agreement terms of Microsoft
Select CUSTOM scan
Look on Scan Options & select CUSTOM scan & then select the C drive to be scanned.
Then start the scan. Have lots of patience. Once you start the scan & you see it started, then leave it be.
Once you see it has started, take a long long break; walk away. Do not pay credence if you see some intermediate early flash messages on screen display. The only things that count are the End result at the end of the run.
Again, any on-screen display about repeat 'infection' is not to be relied on. Ignore those.
We only rely on the end result that is on the log-report-file.
This is likely to run for many hours ( depending on number of files on your machine & the speed of hardware.)
The log is named MSERT.log
the log will be at
Windows\debug\msert.log
Please attach that log with your reply
p.s.
There are more information for you to read in the download link.
<<<>>>
- Nov 5, 2019
- 1,431
Hi,
Please have a look at this section of the Addition.txt logs reguarding your Hosts file.
In my first Fix I use a command to replace your hosts file.
If I'm not mistaken you have restore your previous Hosts life.
My concern is that if you have previously installed then deleted the various Security programs there may still be some remnant items in the registry that are causing issues.
Look at all the Anti-virus programs listed and let me know all the programs that your have previously installed and later just remove the folders.
p.s.
You may want to reset the hosts file to it's original name and restart the computer to see if the proglem persists.
I still want to see the programs list that you have previously installed.
Please have a look at this section of the Addition.txt logs reguarding your Hosts file.
In my first Fix I use a command to replace your hosts file.
If I'm not mistaken you have restore your previous Hosts life.
My concern is that if you have previously installed then deleted the various Security programs there may still be some remnant items in the registry that are causing issues.
Look at all the Anti-virus programs listed and let me know all the programs that your have previously installed and later just remove the folders.
p.s.
You may want to reset the hosts file to it's original name and restart the computer to see if the proglem persists.
I still want to see the programs list that you have previously installed.
- Jun 18, 2023
- 11
most of the anti virus programs listed there i've never installed before on my pc the only ones i can recall installing are malwarebytes and avast i also did default restart on the hosts file and when i rebooted my pc all the addresses were rewritten to 0.0.0.0 so i assume the virus is still there ? and yes nslookup is still using alot of cpu power after that
- Nov 5, 2019
- 1,431
Hi,
Re Avast
Download and run their uninstaller tool from this site.
www.avast.com
Restart the computer when the removal is completed.
-----
Something may be changing the contents of your hosts file.
Run the Farbar program and type HOSTS in the search box.
Click the Search file button.
Copy and paste the results in you next reply. This will tell me if something is managing your file.
Re Avast
Download and run their uninstaller tool from this site.
Avast Removal Tool | Download Avast Clear | Avast
www.avast.com
Restart the computer when the removal is completed.
-----
Something may be changing the contents of your hosts file.
Run the Farbar program and type HOSTS in the search box.
Click the Search file button.
Copy and paste the results in you next reply. This will tell me if something is managing your file.
- Nov 5, 2019
- 1,431
Hi,
Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
===
Please post the Fixlog.txt.
I will have a look at the contents of the files.
Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the FRST.txt log you have submitted.
Run FRST and click Fix only once and wait.
The Computer will restart when the fix is completed.
It will create a log (Fixlog.txt) please post it to your reply.
===
Please post the Fixlog.txt.
I will have a look at the contents of the files.
- Nov 5, 2019
- 1,431
Hi,
If you have a Linux(Partition) system which I'm not fully familiar with (other than some commands) I can only ask that you check the the experts in this forum
What your default Windows 10 Hosts file should look like and what the Linux Hosts file look like in in this system and it's location?
I may be barking at the wrong reason for your current problem but at the moment I only have this to recommend.
When you have solved the hosts file issue please let me know and will continue to where we left off.
If you have a Linux(Partition) system which I'm not fully familiar with (other than some commands) I can only ask that you check the the experts in this forum
What your default Windows 10 Hosts file should look like and what the Linux Hosts file look like in in this system and it's location?
I may be barking at the wrong reason for your current problem but at the moment I only have this to recommend.
When you have solved the hosts file issue please let me know and will continue to where we left off.
- Status
Similar threads
