Infection Supposedly Gone, But Computer Still Running Slow



#1 dovertm


Posted 04 November 2009 - 09:24 AM

I have spoken with both McAfee and Windows Defender regarding the viruses that I keep getting. In all the years I have not had one and now I think one might be entrenched somewhere deep in my system or there is a back door. Twice Windows Defender has found a virus called Daurso.A and both times it has been quarantined and removed successfully. In addition, McAfee keeps showing Artemis!1EoF82E7BDA9. When I spoke with McAfee they said that the Artemis! was just similar to a virus in their database, but the file I have came from HP. They also told me that Daurso was not a virus, whereas Windows Defender tells me it is a virus. So I did some of my own research and discovered that Daurso steals FTP credentials. So after even further research I changed my FTP settings in FileZilla so that each time I make a connection it asks for the password and the password is no longer stored in the default FileZilla text file. This seems to have stopped the website hacking that was going on.

But my issue is that ever since this started happening my computer resources are being eaten up very quickly, making my computer run very slow. I ran Autoruns and started comparing the files against the database you have here but was overwhelmed by the sheer number of entries. Several files seem to be legitimate but are also considered viruses and I am just not sure whether to delete them or not. But the bottom line is I need help and am not sure where to start short of backing up all of my files and restoring the hard drive to its original state.

Thank you in advance for any help you can provide.



#2 quietman7


Posted 04 November 2009 - 11:30 AM

Most of the processes in Task Manager will be legitimate as shown in these links.

Anytime you come across a suspicious file or one that you do not recognize, search the name using Google or the following databases:

Determining whether a file is malware or a legitimate process sometimes depends on the location (path) it is running from. One of the ways that malware tries to hide is to give itself the same name as a critical system file. However, it then places itself in a different location (folder) than where the legitimate file resides and runs from there. Another technique is for the process to alter the registry and add itself as a Startup program so that it can run automatically each time the computer is booted. A file's properties may give a clue to identifying it. Right-click on the file, choose Properties and examine the General and Version tabs.

Tools to investigate running processes and gather additional information to identify them and resolve problems:

These tools will provide information about each process, CPU usage, file description and its path location. If you right-click on a file and select Properties, you will see more details.

Anytime you come across a suspicious file for which you cannot find any information, the file has a legitimate name but is not located where it is supposed to be, or you want a second opinion, submit it to Jotti's virusscan or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
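
The location check described in the reply above can be automated to triage a long Autoruns or process listing. This is an added example, not code from either poster: the expected-folder table is an assumed baseline for a default `C:\Windows` install, and the sample entries are constructed.

```python
import ntpath  # Windows path rules, usable on any OS

SYSTEM32 = r"c:\windows\system32"
SYSWOW64 = r"c:\windows\syswow64"
WINDIR = r"c:\windows"

# Assumed baseline: folders these system binaries normally run from on a
# default C:\Windows install. Confirm against a known-clean machine.
EXPECTED_DIRS = {
    "svchost.exe": {SYSTEM32, SYSWOW64},
    "lsass.exe": {SYSTEM32},
    "services.exe": {SYSTEM32},
    "winlogon.exe": {SYSTEM32},
    "csrss.exe": {SYSTEM32},
    "smss.exe": {SYSTEM32},
    "explorer.exe": {WINDIR, SYSWOW64},
}

def split_image_path(raw):
    """Return (normalized path, lower-case file name, lower-case folder)."""
    path = ntpath.normpath(raw.strip().strip('"'))  # startup entries are often quoted
    return path, ntpath.basename(path).lower(), ntpath.dirname(path).lower()

def find_masquerades(entries):
    """Flag entries that use a system file name outside its expected folder."""
    findings = []
    for source, raw in entries:
        path, name, folder = split_image_path(raw)
        expected = EXPECTED_DIRS.get(name)
        # Names outside the baseline are skipped, not cleared.
        if expected is not None and folder not in expected:
            findings.append((source, path))
    return findings

# Constructed sample: (where the entry was seen, image path)
SAMPLE_ENTRIES = [
    ("process", r"C:\Windows\System32\svchost.exe"),
    ("process", r"C:\WINDOWS\system32\lsass.exe"),
    ("process", r"C:\Users\demo\AppData\Roaming\svchost.exe"),
    ("startup", r'"C:\Windows\Temp\explorer.exe"'),
    ("startup", r"C:\Program Files\ExampleApp\app.exe"),
]

if __name__ == "__main__":
    for source, path in find_masquerades(SAMPLE_ENTRIES):
        print(f"[{source}] system file name in unexpected folder: {path}")
```

A flagged entry is a lead for the second-opinion scan the reply recommends, not a verdict; an unflagged entry only means its name is not in the baseline table.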