Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Checking for malware


  • Please log in to reply
3 replies to this topic

#1 Nikas

Nikas

  • Members
  • 650 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Singapore
  • Local time:06:47 AM

Posted 21 September 2011 - 10:43 AM

Hi,

I have recently changed my motherboard as the previous one died. Thus, reformatting my PC.
I installed a few programs here and there, now my PC is running very sluggish and slow. Taking up almost all the CPU and RAM usage by just running browser and running a full virus scan. I understand that CPU would be pretty high due to the resources needed for running scan.

Posted Image

I just would like to isolate any software/malware issue before looking into other methods to resolve it.

Let me know what to do next.

Thanks.

BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,475 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:47 PM

Posted 21 September 2011 - 01:34 PM

Investigating High CPU Issues:
Windows Task Manager does not provide enough information. These are tools to investigate running processes, services and gather additional information to identify them or resolve problems:These tools will provide information about each process, CPU usage, file description and its path location Most of them are stand-alone apps in a zip file so no installation is necessary.

-- System Explorer provides a security check of running processing using their online security database when you first launch the program. Just press the Security Scan tab at the top, then click Start Security Check. After the check you can click the link to See the results of the security check >>. Keep in mind, that the check is not a guarantee of what is or is not detected as malware.

-- Process Explorer shows two panes by default: the upper pane is always a process list and the bottom pane either shows the list of DLLs loaded into the process selected in the upper pane, or the list of operating system resource handles (files, Registry keys, synchronization objects) the process has open. In the menu at the top select View > Lower Pane View to change between DLLs and Handles.


The speed and ability to complete an anti-virus or anti-malware scan depends on a variety of factors.
  • The program itself and how its scanning engine is designed to scan: using a signature database vs heuristic scanning or a combination of both.
  • Options to scan for spyware, adware, riskware and potentially unwanted programs (PUPS).
  • Options to scan memory, boot sectors, registry and alternate data streams (ADS).
  • Type of scan performed: Deep, Quick or Custom scanning.
  • What action has to be performed when malware is detected.
  • A computer's hard drive size.
  • Disk used capacity (number of files to include temporary files) that have to be scanned.
  • Types of files (.exe, .dll, .sys, .cab, archived, compressed, packed, email, etc) that are scanned.
  • Whether external drives are included in the scan.
  • Competition for and utilization of system resources by the scanner.
  • Other running processes and programs in the background.
  • Interference from malware.
  • Interference from the user.
-- Using two security scanning engines at the same time can cause each to interfere with the other, cause systems hangs, false detections, unreliable results and other unpredictable behavior.

-- If the screensaver, hibernation or Sleep Mode are not turned off before scanning, those features can sometimes have odd effects when attempting to resume normal mode.


Further, it is not unusual for an anti-virus or anti-malware scanner to be suspicious of compressed, archived, .cab, .rar, .jar, .iso, and packed files because they have difficulty reading what is inside them. These kind of files often trigger alerts by security software using heuristic detection because they are resistant to scanning (difficult to read). This resistance may also result in some scanners to stall (hang) on these particular types of files or just ignore (skip) them. Certain files in the System Volume Information Folder like the Tracking.log (created by the Distributed Link Tracking Service to store maintenance information) have also been reported as a source causing some scanners to hang.

To speed up your scans, uninstall unnecessary programs, clean out the temporary files, temporarily disable any other real-time protection tools, close all open programs and do not use the computer during the scan. If the scan still seems slow or hangs, then try performing the scan in "safe mode".

Edited by quietman7, 21 September 2011 - 01:37 PM.

.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Nikas

Nikas
  • Topic Starter

  • Members
  • 650 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Singapore
  • Local time:06:47 AM

Posted 22 September 2011 - 07:42 AM

Hi,

Thank you for your reply.

I will try out the investigation of the CPU usage. I'm not exactly bothered by that issue, since I understand that by running the scans and other task will risk having a near-full usage (especially on a 3 year + pc setup).

I am running a dual monitor, 19" and 32" LCD (for watching show), had already unplug the setup to the 32". Was wondering if the sluggishness might be caused by my graphics card barely being able to support.
Thus, before I continue to investigate on any other possible cause, I was thinking to make sure that my PC is out of malware risk.
At least that would allow me to narrow down my investigation.

As for the antivirus scan I was running last night, there is nothing being found as yet.

P.S: As I was typing, I experience a sudden hang (for about 5sec) with bg running 7zip only.

#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,475 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:47 PM

Posted 22 September 2011 - 07:59 AM

You can get a second opinion by performing an Online Virus Scan.

Please perform a scan with Eset Online Anti-virus Scanner.
  • If using Mozilla Firefox, you will be prompted to download and use the ESET Smart Installer. Just double-click on esetsmartinstaller_enu.exe to install.
  • Vista/Windows 7 users need to run Internet Explorer/Firefox as Administrator. To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
  • Click the green Posted Image button.
  • Read the End User License Agreement and check the box:
  • Check Posted Image.
  • Click the Posted Image button.
  • Accept any security warnings from your browser and allow the download/installation of any require files.
  • Under scan settings, check Posted Image and make sure that the option Remove found threats is NOT checked.
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click the Start button.
  • ESET will install itself, download virus signature database updates, and begin scanning your computer.
  • The scan will take a while so be patient and do NOT use the computer while the scan is running. Keep all other programs and windows closed.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop as ESETScan.txt.
  • Push the Posted Image button, then Finish.
  • Copy and paste the contents of ESETScan.txt in your next reply. If no threats are found, there is no option to create a log.

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab .
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users