Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is my computer infected??


  • Please log in to reply
9 replies to this topic

#1 Techyguy

Techyguy

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 12 January 2010 - 02:19 PM

Hi friends, I have Dell Inspiron laptop with windows vista installed in it. When i open the task manager I always find the processor usage dwindling from 5% to 50%. It keeps on changing. I heard that this will happen when my computer is infected with virus. I do have Norton anti virus protection and its upto date and never showed any infection being present in my laptop. Is there any solid way to find out if my laptop is infected or not? Please reply me fast. :thumbsup:

BC AdBot (Login to Remove)

 


#2 roadclosed

roadclosed

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Local time:11:45 AM

Posted 12 January 2010 - 03:10 PM

Apart from Norton Antivirus , what other protection programs (e.g Malwarebytes/Superantispyware ) do you have? Have you run any scans and if so can you let us see their reports for someone to check out for you?

#3 Techyguy

Techyguy
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 13 January 2010 - 08:52 AM

I do have malwarebytes software installed. The log after running a quick scan on my computer the log it generated is in this format.

Malwarebytes' Anti-Malware 1.44
Database version: 3553
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

13-01-2010 19:20:03
mbam-log-2010-01-13 (19-20-03).txt

Scan type: Quick Scan
Objects scanned: 100434
Time elapsed: 7 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Please let me know if I should provide any other logs.

#4 roadclosed

roadclosed

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Local time:11:45 AM

Posted 13 January 2010 - 02:12 PM

That seems clean

with windows vista installed

Do you have any other programs installed such as Superantispyware which is compatible with Vista

http://www.superantispyware.com/supportfaqdisplay.html?faq=6

SUPERAntiSpyware.com software is compatible with 2000, XP Home/Professional, 2003, Server 2008, Vista and Windows 7.




When i open the task manager I always find the processor usage dwindling from 5% to 50%. It keeps on changing.


Have you checked to see if you have a Windows update awaiting installation?

#5 Techyguy

Techyguy
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 14 January 2010 - 03:16 PM

I dont have any other anitvirus software installed in my computer apart from norton and malwarebytes.

Have you checked to see if you have a Windows update awaiting installation?


Yup I saw an update today itself but it was not there previously. I am updating my computer now and will tell u if there is any change in the processor usage...

By the way do you think that my computer is infected with virus?? Can we say that by looking at the processor usage??

Edited by Techyguy, 14 January 2010 - 03:19 PM.


#6 roadclosed

roadclosed

  • Members
  • 138 posts
  • OFFLINE
  •  
  • Local time:11:45 AM

Posted 14 January 2010 - 03:37 PM

Could you please try this Superantispyware program once you have completed your Windows Update and rebooted


Please download
Superantispyware
  • Load Superantispyware and click the check for updates button.
  • Once the update is finished click the scan your computer
    button.
  • Check Perform Complete Scan and then next.
  • Superantispyware will now scan your computer and when its finished
    it will list all the infections it has found.
  • Make sure that they all have a check next to them and press
    next.
  • Click finish and you will be taken back to the main
    interface.
  • Click Preferences and then click the statistics/logs
    tab. Click the dated log and press view log and a text file will
    appear.Copy and paste the log onto the forum.
Depending on how much is on your computer this scan may take well over an hour if not a lot longer to complete so please be patient and let it scan .

Norton is known to be a computer resourse hogger; of interest when did you last update Norton?

You are welcome to try an on- line scanner such as Trend micro from


http://housecall.trendmicro.com/

#7 Techyguy

Techyguy
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 17 January 2010 - 01:34 PM

Sorry guys for the late reply... I have successfully downloaded the super anti spyware and have found 9 adware tracking cookies which were quarantined. I am pasting the log I got from that. So what is my next step?

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/17/2010 at 11:54 PM

Application Version : 4.33.1000

Core Rules Database Version : 4486
Trace Rules Database Version: 2303

Scan type : Complete Scan
Total Scan Time : 00:44:50

Memory items scanned : 796
Memory threats detected : 0
Registry items scanned : 7343
Registry threats detected : 0
File items scanned : 33469
File threats detected : 9

Adware.Tracking Cookie
C:\Users\rajhari\AppData\Roaming\Microsoft\Windows\Cookies\rajhari@content.yieldmanager[1].txt
C:\Users\rajhari\AppData\Roaming\Microsoft\Windows\Cookies\rajhari@indianpornvideos[1].txt
C:\Users\rajhari\AppData\Roaming\Microsoft\Windows\Cookies\rajhari@ads.undertone[2].txt
C:\Users\rajhari\AppData\Roaming\Microsoft\Windows\Cookies\rajhari@content.yieldmanager[3].txt
C:\Users\rajhari\AppData\Roaming\Microsoft\Windows\Cookies\rajhari@richmedia.yahoo[1].txt
C:\Users\rajhari\AppData\Roaming\Microsoft\Windows\Cookies\rajhari@ad.yieldmanager[2].txt
C:\Users\rajhari\AppData\Roaming\Microsoft\Windows\Cookies\Low\rajhari@ad.yieldmanager[1].txt
C:\Users\rajhari\AppData\Roaming\Microsoft\Windows\Cookies\Low\rajhari@content.yieldmanager[1].txt
C:\Users\rajhari\AppData\Roaming\Microsoft\Windows\Cookies\Low\rajhari@richmedia.yahoo[1].txt


Yup even I heard that norton is a resource hagger but that was after i brought it... so couldnt help... I am updating it online everyday...

Edited by Techyguy, 17 January 2010 - 01:36 PM.


#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,059 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:45 AM

Posted 17 January 2010 - 02:01 PM

The scan only found cookies.

Cookies are text string messages given to a Web browser by a Web server. Whenever you visit a web page or navigate different pages with your browser, the web site generates a unique ID number which your browser stores in a text (cookie) file that is sent back to the server each time the browser requests a page from that server. Cookies allow third-party providers such as ad serving networks, spyware or adware providers to track personal information. The main purpose of cookies is to identify users and prepare customized Web pages for them.
  • Persistent cookies have expiration dates set by the Web server when it passes the cookie and are stored on a user's hard drive until they expire or are deleted. These types of cookies are used to store information between visits to a site and collect identifying information about the user such as surfing behavior or preferences for a specific web site.
  • Session (transient) cookies are not saved to the hard drive, do not collect any information and have no set expiration date. They are used to temporarily hold information in the form of a session identification stored in memory as you browse web pages. These types of cookies are cached only while a user is visiting the Web server issuing the session cookie and are deleted from the cache when the user closes the session.
The type of persistent cookie that is a cause for some concern are "tracking cookies" because they can be considered a privacy risk. These types of cookies are used to track your Web browsing habits (your movement from site to site). Ad companies use them to record your activity on all sites where they have placed ads. They can keep count of how many times you visited a web page, store your username and password so you don't have to log in and retain your custom settings. When you visit one of these sites, a cookie is placed on your computer. Each time you visit another site that hosts one of their ads, that same cookie is read, and soon they have assembled a list of which of their sites you have visited and which of their ads that you have clicked on. They are used all over the Internet and advertisement companies often plant them whenever your browser loads one of their banners. Cookies are NOT a "threat". Cookies cannot be used to run code or to deliver viruses to your computer. As text files they cannot be executed to cause any damage. Cookies do not cause any pop ups or install malware.As long as you surf the Internet, you are going to get cookies and some of your security programs will flag them for removal. However, you can minimize this by referring to:

I always find the processor usage dwindling from 5% to 50%. It keeps on changing. I heard that this will happen when my computer is infected with virus.

That can occur even with a clean system. It is not uncommon to have a lot of running processes showing in Task Manager and utilzing system resources. I have 35 showing in my system at the moment including five instances of svchost.exe which are using over 550 MB.

Most of the processes in Task Manager will be legitimate as shown in these links.Determining whether a file is malware or a legitimate process sometimes depends on the location (path) it is running from. One of the ways that malware tries to hide is to give itself the same name as a critical system file. However, it then places itself in a different location (folder) than where the legitimate file resides and runs from there. Another techinique is for the process to alter the registry and add itself as a Startup program so that it can run automatically each time the computer is booted. A file's properties may give a clue to identifying it. Right-click on the file, choose Properties and examine the General and Version tabs.

Tools to investigate running processes and gather additional information to identify them and resolve problems:These tools will provide information about each process, CPU usage, file description and its path location.

Anytime you come across a suspicious file or one that you do not recognize, search the name using Google <- click here for an example.

Or search the following databases:If you cannot find any information, the file has a legitimate name but is not located where it is supposed to be, or you want a second opinion, submit it to Jotti's virusscan or VirusTotal. In the "File to upload & scan" box, browse to the location of the suspicious file and submit (upload) it for scanning/analysis.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 Techyguy

Techyguy
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:15 PM

Posted 18 January 2010 - 02:16 PM

Thank you Quietman for the information. I really learnt more about Cookies today. Right now in my computer there are about 58 processes running and i guess i need to research on them.

Do u think that this kind of dwindling can be a problem because of less resources like less memory or something. I have 2Gb ram in my laptop and most of the time i see that my physical memory usage is above 50%. Will adding more memory to it reduce this kind of dwindling? I like this laptop very much and I dont want anything to affect this.

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,059 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:45 AM

Posted 18 January 2010 - 02:21 PM

You may have too many applications loading at startup when Windows boots. Almost all applications you install want to startup when Windows loads. If you allow all these startups, they will compete for and use system resources resulting in poor performance and a slow system. Many of these programs are not needed and disabling them can save resources and improve performance as they from Start > Programs or an icon on the desktop. Other reasons for slowness include disk fragmentation, disk errors, corrupt system files, unnecessary services running, not enough RAM, dirty hardware components, etc. As your system gets older it becomes filled with more files/programs and has a natural tendency to slow down so cleaning and regular maintenance is essential. For more information about trimming down the number of startup applications and other ways to improve performance, please refer to Slow Computer/Browser? Check here first; it may not be malware.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users