Friend brings me a computer compiling that it is 'insane' and very slow. Says it takes 20 minutes to log in then cant do anything and here pictures have disappeared. I'm immediately suspect of virus or malware.
She has it in sleep mode and when I bring it up, sure enough there are multiple svchost processes running and system is pretty unresponsive even though % utilized is averaging 10% and memory is only 25-35%, just takes 1-2 minutes for processes to start or switch to. Files are missing since user is now under a temporary profile. Cant get to anything on the net, wireless and drive lights are almost constant. System has Malwarebytes on it, but its not running and doesn’t seem to launch, even after shutting off the wireless card with he manual switch. After 30 minutes I figure will need to boot from a flash drive and clean up the system before trying to recover the profile. Shut the system down and set it aside for later.
Coming back up, ran a chckdsk with no major finds. Tried to log in with both accounts on the machine and system would hang. When attempting to boot in safe mode, would get to classpnp.sys and was hung for 20 minutes with solid drive light before I shut it down again. Multiple re-boots and I was able to get it to log in with a temporary profile again. Malwarebytes was able to come up after killing all svchost processes. PC rebooted in the middle of mbam prepatory scan.
Sure looks and smells likes its infected. Any recommendations as to corrective actions? Just looking to get to the point where I can pull the files off and move to a replacement PC.
Edited by explative removed, 09 December 2015 - 10:22 PM.