Hard Drive Always Maxed

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by cabbiinc, May 12, 2018.

  1. cabbiinc

    cabbiinc Staff Sergeant

    Greetings and thanks for looking at this. My hard drive on my laptop is constantly running at 100% slowing everything down. When I go to Task Manager it doesn't show anything really using the HDD but when I go to Resource Monitor it will usually show a Windows looking type process that's doing something. I haven't been able to see a pattern. I'm not sure when this started, it came on slowly from what I can tell. This is on a laptop and while I'm not someone to runs around linking to every wifi I can find I have had to use a few at hotels and restaurants when in a pinch.

    I also have Panda Antivirus and it never did seem to run correctly. It would appear to be on and say it's run scans but when I open the program it acts like it's not running. I know that's a vague description and apologize.

    On the MGTools it wouldn't let me download to C: and the instructions said that it could be run from the Desktop if that's on the same drive. It is so I ran it from there. If I need to rerun it from C: let me know and I'll give it another try.

    After running a few of the scans my disk usage went down dramatically but still not down to nothing when nothing is running. Malwarebytes and RogueKiller is where I believe it started to behave. Unfortunately I wasn't paying attention as to where it started behaving.

    Attaching logs. If I've done any of the scans incorrectly I'll do my best to correct it and thanks again for looking at this.

    Also I do have a lot of scripts for Chrome and they are very useful. I was using a few for MS Edge but I can live without them.

    Dan
     

    Attached Files:

    cabbiinc, May 12, 2018
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You neglected to attach the MGLogs.zip and the ADWCleaner log.
     
    TimW, May 12, 2018
    #2
  3. cabbiinc

    cabbiinc Staff Sergeant

    Sorry about that. Hope this is what you need.
     

    Attached Files:

    cabbiinc, May 12, 2018
    #3
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Remove everything found by ADWCleaner. Uninstall Panda. Reboot and rescan with ADWCleaner and attach the new log and tell me how things are running.
     
    TimW, May 12, 2018
    #4
  5. cabbiinc

    cabbiinc Staff Sergeant

    Here you go. Drive C is still maxing out and not showing what processes are causing it.
     

    Attached Files:

    cabbiinc, May 12, 2018
    #5
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    MGLog.zip??
     
    TimW, May 13, 2018
    #6
  7. cabbiinc

    cabbiinc Staff Sergeant

    Here you go.
     

    Attached Files:

    cabbiinc, May 13, 2018
    #7
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Well, it's not malware. Perhaps you should click on services:
    Showing Running Processes with Memory Usage
    ----------------------------------------------------------------------------
    Image Name PID Session Name Session# Mem Usage
    ========================= ====== ================ ======== ============

    AAM Updates Notifier.exe 15920 Console 1 2,480 K
    AGSService.exe 4152 Services 0 1,388 K
    ApplicationFrameHost.exe 5208 Console 1 12 K
    audiodg.exe 39012 Services 0 1,052 K
    backgroundTaskHost.exe 39044 Console 1 16 K
    BingSvc.exe 12064 Console 1 1,628 K
    CastSrv.exe 9508 Console 1 3,196 K
    CCleaner64.exe 12164 Console 1 1,072 K
    CLMLSvc_P2G8.exe 11376 Console 1 296 K
    cmd.exe 10860 Console 1 12 K
    cmd.exe 38352 Console 1 2,660 K
    conhost.exe 9468 Console 1 808 K
    conhost.exe 11932 Console 1 12 K
    conhost.exe 38932 Console 1 2,204 K
    csrss.exe 660 Services 0 3,748 K
    csrss.exe 764 Console 1 4,484 K
    ctfmon.exe 9484 Console 1 N/A
    dasHost.exe 5164 Services 0 1,344 K
    DbxSvc.exe 4176 Services 0 1,312 K
    dllhost.exe 17920 Console 1 12 K
    DolbyDAX2API.exe 9904 Services 0 2,212 K
    DolbyDAX2TrayIcon.exe 11708 Console 1 12 K
    Dropbox.exe 10124 Console 1 2,284 K
    Dropbox.exe 10880 Console 1 16,360 K
    Dropbox.exe 12132 Console 1 24 K
    Dropbox.exe 12152 Console 1 24 K
    dwm.exe 1264 Console 1 8,664 K
    esrv.exe 7312 Console 1 2,956 K
    EvtEng.exe 3756 Services 0 1,836 K
    explorer.exe 8268 Console 1 23,788 K
    fontdrvhost.exe 684 Services 0 N/A
    fontdrvhost.exe 688 Console 1 156 K
    GDCAgent.exe 7696 Services 0 2,384 K
    GfExperienceService.exe 3964 Services 0 1,312 K
    HauppaugeTVServer.exe 3904 Services 0 1,876 K
    hmpsched.exe 2876 Services 0 584 K
    IAStorDataMgrSvc.exe 14468 Services 0 1,868 K
    IAStorIcon.exe 9124 Console 1 12 K
    ibtsiva.exe 3988 Services 0 540 K
    IDWinService.exe 3788 Services 0 952 K
    igfxCUIService.exe 2484 Services 0 672 K
    igfxEM.exe 8680 Console 1 12 K
    InputDirector.exe 12444 Console 1 364 K
    InputDirectorSessionHelpe 2728 Console 1 1,116 K
    isa.exe 19148 Services 0 1,184 K
    jhi_service.exe 14972 Services 0 760 K
    KHALMNPR.exe 11596 Console 1 68 K
    Lenovo.Modern.ImControlle 8156 Services 0 57,104 K
    Lenovo.Modern.ImControlle 9164 Console 1 7,044 K
    Lenovo.Modern.ImControlle 10784 Console 1 7,484 K
    LMS.exe 14868 Services 0 1,216 K
    lsass.exe 928 Services 0 5,036 K
    LSB.exe 11880 Console 1 476 K
    LSCNotify.exe 6888 Console 1 12 K
    MBAMService.exe 4596 Services 0 217,564 K
    mbamtray.exe 7420 Console 1 37,496 K
    MGtools.exe 38016 Console 1 2,368 K
    Mini_Monitor.exe 29960 Console 1 6,940 K
    MSASCuiL.exe 5180 Console 1 28 K
    NvBackend.exe 8124 Console 1 7,760 K
    NVDisplay.Container.exe 2096 Services 0 380 K
    NvNetworkService.exe 3936 Services 0 1,644 K
    nvtray.exe 9360 Console 1 12 K
    nvxdsync.exe 2328 Console 1 1,116 K
    OfficeClickToRun.exe 3812 Services 0 9,728 K
    PresentationFontCache.exe 7796 Services 0 N/A
    PsiService_2.exe 3728 Services 0 524 K
    PsiService_2.exe 3920 Services 0 656 K
    RAVBg64.exe 9220 Console 1 12 K
    RAVBg64.exe 11380 Console 1 180 K
    RAVBg64.exe 11424 Console 1 12 K
    RAVCpl64.exe 10268 Console 1 12 K
    RegSrvc.exe 3740 Services 0 944 K
    RemindersServer.exe 9016 Console 1 16 K
    RuntimeBroker.exe 8296 Console 1 2,516 K
    RuntimeBroker.exe 9604 Console 1 1,792 K
    RuntimeBroker.exe 10272 Console 1 180 K
    RuntimeBroker.exe 13744 Console 1 264 K
    RuntimeBroker.exe 40932 Console 1 988 K
    SearchUI.exe 9476 Console 1 16 K
    SecurityHealthService.exe 3980 Services 0 14,548 K
    services.exe 912 Services 0 9,152 K
    SetPoint.exe 11468 Console 1 1,080 K
    SettingSyncHost.exe 10748 Console 1 4,384 K
    ShellExperienceHost.exe 9040 Console 1 16 K
    sihost.exe 7532 Console 1 1,892 K
    SkypeHost.exe 8308 Console 1 16 K
    SmartDefrag.exe 7912 Console 1 2,016 K
    smartscreen.exe 39124 Console 1 692 K
    smss.exe 448 Services 0 748 K
    spoolsv.exe 3084 Services 0 2,756 K
    Spyder3Utility.exe 11516 Console 1 4,900 K
    svchost.exe 400 Services 0 N/A
    svchost.exe 584 Services 0 7,480 K
    svchost.exe 1140 Services 0 6,536 K
    svchost.exe 1192 Services 0 1,420 K
    svchost.exe 1364 Services 0 N/A
    svchost.exe 1476 Services 0 548 K
    svchost.exe 1552 Services 0 N/A
    svchost.exe 1568 Services 0 N/A
    svchost.exe 1584 Services 0 1,124 K
    svchost.exe 1696 Services 0 984 K
    svchost.exe 1708 Services 0 1,524 K
    svchost.exe 1716 Services 0 1,384 K
    svchost.exe 1776 Services 0 532 K
    svchost.exe 1876 Services 0 4,472 K
    svchost.exe 1896 Services 0 2,104 K
    svchost.exe 1908 Services 0 1,212 K
    svchost.exe 1932 Services 0 1,276 K
    svchost.exe 1976 Services 0 1,608 K
    svchost.exe 2192 Services 0 596 K
    svchost.exe 2200 Services 0 56 K
    svchost.exe 2304 Services 0 3,284 K
    svchost.exe 2384 Services 0 204 K
    svchost.exe 2460 Services 0 2,676 K
    svchost.exe 2532 Services 0 1,664 K
    svchost.exe 2564 Services 0 200 K
    svchost.exe 2572 Services 0 304 K
    svchost.exe 2716 Services 0 2,140 K
    svchost.exe 2828 Services 0 3,200 K
    svchost.exe 2928 Services 0 2,712 K
    svchost.exe 3024 Services 0 956 K
    svchost.exe 3032 Services 0 2,056 K
    svchost.exe 3064 Services 0 2,004 K
    svchost.exe 3292 Services 0 3,532 K
    svchost.exe 3408 Services 0 1,584 K
    svchost.exe 3680 Services 0 9,016 K
    svchost.exe 3688 Services 0 6,016 K
    svchost.exe 3696 Services 0 7,780 K
    svchost.exe 3836 Services 0 1,508 K
    svchost.exe 3844 Services 0 1,348 K
    svchost.exe 3848 Services 0 808 K
    svchost.exe 3860 Services 0 204 K
    svchost.exe 3868 Services 0 204 K
    svchost.exe 3876 Services 0 2,432 K
    svchost.exe 4072 Services 0 2,300 K
    svchost.exe 4080 Services 0 208 K
    svchost.exe 4088 Services 0 204 K
    svchost.exe 4184 Services 0 224 K
    svchost.exe 4244 Services 0 208 K
    svchost.exe 4336 Services 0 200 K
    svchost.exe 4376 Services 0 4,380 K
    svchost.exe 4588 Services 0 408 K
    svchost.exe 7124 Services 0 1,108 K
    svchost.exe 7552 Services 0 1,716 K
    svchost.exe 7684 Console 1 1,272 K
    svchost.exe 7712 Console 1 3,488 K
    svchost.exe 7920 Services 0 1,528 K
    svchost.exe 8764 Console 1 16 K
    svchost.exe 9688 Services 0 3,124 K
    svchost.exe 12180 Services 0 N/A
    svchost.exe 13308 Services 0 200 K
    svchost.exe 16596 Services 0 984 K
    svchost.exe 20672 Services 0 852 K
    svchost.exe 32520 Services 0 N/A
    svchost.exe 32532 Services 0 N/A
    svchost.exe 37312 Services 0 9,228 K
    svchost.exe 39520 Services 0 1,188 K
    svchost.exe 39612 Services 0 508 K
    SynTPEnh.exe 7484 Console 1 248 K
    SynTPEnhService.exe 3912 Services 0 652 K
    SynTPHelper.exe 7376 Console 1 N/A
    System 4 Services 0 13,760 K
    System Idle Process 0 Services 0 8 K
    TabTip.exe 9540 Console 1 428 K
    TabTip32.exe 9912 Console 1 N/A
    taskhostw.exe 7848 Console 1 2,404 K
    tasklist.exe 42984 Console 1 8,176 K
    Taskmgr.exe 39040 Console 1 13,344 K
    unsecapp.exe 4560 Services 0 1,068 K
    utility.exe 11580 Console 1 308 K
    WDAppManager.exe 13060 Console 1 5,700 K
    WDBackupEngine.exe 4348 Services 0 3,324 K
    WDDMStatus.exe 11568 Console 1 4,952 K
    WDDriveAgent.exe 12712 Console 1 4,312 K
    WDDriveAutoUnlock.exe 11616 Console 1 2,184 K
    WDDriveService.exe 3928 Services 0 12,320 K
    wininit.exe 788 Services 0 2,584 K
    winlogon.exe 864 Console 1 N/A
    WinTVTray.exe 10408 Console 1 432 K
    WmiPrvSE.exe 4844 Services 0 2,132 K
    WmiPrvSE.exe 6348 Services 0 5,940 K
    WR_Tray_Icon.exe 11096 Console 1 N/A
    WUDFHost.exe 624 Services 0 40 K
    WUDFHost.exe 1076 Services 0 N/A

    Also look at "details".

    In any event, this is really a subject for the software forum.

    Since you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Re-enable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    3. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista, Win 7 or Win 8, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 or 10 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    7. After doing the above, you should work thru the below link:
     
    TimW, May 13, 2018
    #8
  9. cabbiinc

    cabbiinc Staff Sergeant

    Thanks for all the help. I'll do the finals and see how things run and post in Software if I need to. Like I said I'm already seeing an improvement.
     
    cabbiinc, May 13, 2018
    #9
  10. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You are welcome. :)
     
    TimW, May 13, 2018
    #10

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds