Nov 12 2009, 11:18 AM | Post #46 | Forum Addict | Group: HJT Team | Posts: 4,398 | Joined: 19-June 07 | From: Florida | Member No.: 137,685
When you run this, uncheck Remove Found Threats. I would like to look at anything it may find before it deletes them. I'd like us to scan your machine with ESET OnlineScan.

Nov 12 2009, 11:33 PM | Post #47 | Member | Group: Members | Posts: 29 | Joined: 15-October 09 | Member No.: 390,538
ESET Online Scanner
No threats found
Scanned Files: 154051
Infected Files: 0
Cleaned Files: 0
Total Action Time: 03:12:29
Scan Status: Finished

Nov 13 2009, 06:51 AM | Post #48 | Member | Group: Members | Posts: 29 | Joined: 15-October 09 | Member No.: 390,538
I missed out the following points.
Though the ESET scan result shows no infection, I found that on clicking the link Manage Quarantine there are 4 files shown; see the attached screenshot. The first 2 files are still being shown in the mentioned folders (ExampleBatch_f12x9pre.xls). The last 2 files (desktop.ini and MHv1.3.exe) I couldn't find in the directory mentioned. Do you think anything is wrong?
Attached File(s)

Nov 13 2009, 02:42 PM | Post #49 | Member | Group: Members | Posts: 29 | Joined: 15-October 09 | Member No.: 390,538
Some more strange things started happening suddenly.
I am getting a Symantec firewall prompt stating that Program Explorer.EXE from path C:\WINDOWS\ is trying to access the internet and asking me what I want to do. The default recommendation is "Automatically Configure Internet Access", but as I have never seen this before I am not accepting that and have rather chosen 'Block Once' every time. Also, Symantec Firewall constantly pops up with 'New Network Detected'. This screen used to come only once, just after connecting to the internet, and I chose 'trusted Network', but I don't know why its behaviour has changed suddenly. Please advise.

Nov 13 2009, 05:33 PM | Post #50 | Forum Addict | Group: HJT Team | Posts: 4,398 | Joined: 19-June 07 | From: Florida | Member No.: 137,685
I don't know anything about Symantec firewall as I have never messed with it. The normal path for Explorer.exe is C:\Windows but I have no clue why Symantec would be trying to block it. If you are blocking Explorer.exe then you shouldn't be seeing a lot of your normal features such as the desktop.

Nov 14 2009, 04:58 AM | Post #51 | Member | Group: Members | Posts: 29 | Joined: 15-October 09 | Member No.: 390,538
Actually I am not blocking Explorer.EXE; I am rather blocking Explorer.EXE from accessing the internet, as the rationale is not clear to me why explorer.EXE would be trying to connect to the internet. Also it prompts to configure iexporer in such a way that this connection can always be made, for some unknown reason that I fail to understand.
My explorer is running and everything is in place, so it's not clear why it needs internet access and with whom it wants to connect.

Nov 14 2009, 10:06 AM | Post #52 | Forum Addict | Group: HJT Team | Posts: 4,398 | Joined: 19-June 07 | From: Florida | Member No.: 137,685
That's discussed in the following link from a couple of years ago. See if it clears up what is going on.
http://www.pctools.com/forum/archive/index.php/t-45838.html

Nov 16 2009, 04:31 PM | Post #53 | Member | Group: Members | Posts: 29 | Joined: 15-October 09 | Member No.: 390,538
Thanks for the link, I read and understand.
I hope you are not waiting for something from me now. If yes, let me know.

Nov 16 2009, 05:07 PM | Post #54 | Forum Addict | Group: HJT Team | Posts: 4,398 | Joined: 19-June 07 | From: Florida | Member No.: 137,685
I have had someone else looking over the GMER logs and that is the reason there were so many questions asked. At this time we don't see anything that is Malware related.
I really would like to be able to say more than this after all we have done, but you may be looking at some kind of disk problem or some of your other software. The only thing that comes to mind is using something like StartUpLite, where only the needed programs are running at startup, and see if that makes a difference. If it did then you could start with one at a time, seeing if you could find a program which was at fault. I don't advise going around the Internet without an antivirus up and running, but you might even try to disable your Symantec and work offline to eliminate any issues with it. I have no idea if that is what it is, but sometimes through a process of elimination you can find the solution if it is not hardware related. If it was then you would need to talk to somebody who knows more about that end of it.

Nov 17 2009, 05:25 AM | Post #55 | Member | Group: Members | Posts: 29 | Joined: 15-October 09 | Member No.: 390,538
Hi thewall,
I don't see life in binary, that means believing the world around us can have only 2 states, 'Success' or 'failure'. So when we concluded after more than a month with 55 posts that no malware is found in my PC, it's more than enough for me and I have no appropriate words to thank you for your time and efforts. In my office people already suggested changing the hard disk as it creates some abnormal sounds, but again you know for them the only solution on earth is formatting or replacing hardware. I don't have any problem doing that, but I needed a justification for doing that and you with your vast knowledge have provided me that. More than software, my intuition says it's hardware, and this lot of T61 had many instances of hard disk and network card failures. So can you refer me to some forum like this that can identify where the problem could be? Otherwise maybe I have to replace all parts of my laptop one by one to find out the problem. Thanks for the StartUpLite, I started using that. I would surely be back in this forum in future as this is a great place to learn many things. For now I think we can close this thread if you don't think otherwise. Once again my most sincere thanks for all your help.

Nov 17 2009, 07:32 PM | Post #56 | Forum Addict | Group: HJT Team | Posts: 4,398 | Joined: 19-June 07 | From: Florida | Member No.: 137,685
Thank you for the kind post, you have been a pleasure to work with and I really do hope you get everything straightened out.
It could very well be that this is a hardware problem. Symptoms are often interchangeable with the issues that we face. Malware can mimic hardware and software issues and vice versa, so it becomes, as I said in my last post, a process of elimination. Here is the LINK to our Internal Hardware forum, and if you have specific questions they should be able to help you there. I believe we can go ahead and remove ComboFix and GMER since you won't need them now, and if you did in the future you would want updated versions because these programs are changing rapidly.
Uninstall Combofix
You can just delete GMER from your desktop. If you get everything straightened out, or even if you wind up doing a reinstall, send me a PM and I will give you a list of preventive programs you can use to help you in the future. Best of luck to you
thewall

Nov 20 2009, 10:16 AM | Post #57 | Forum Addict | Group: HJT Team | Posts: 4,398 | Joined: 19-June 07 | From: Florida | Member No.: 137,685
This Topic has been closed.
If you're the topic starter and need this topic reopened, please contact me via PM with the address of the thread. Everyone else, please begin a New Topic.