I suspect Malware is hogging my PC

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by barvan, Feb 14, 2006.

  1. barvan

    barvan Private E-2

    My PC has been acting strangely of late and I cannot seem to find a solution. I wish to retain my currently installed programs - so re-installing Windows XP is not an option at the moment.

    It seems that the system is continually copy and pasting the current Windows desktop including any open folders and applications which is slowing down the PC and effectively disabling the standard Windows copy and paste function. The current window also loses focus at irregular intervals. When you launch any application the application is opened in the background and doesn't receive focus. Furthermore a see a lot of activity on the LAN notification icon on the WinXP notification area - it sends and receives about 5KB a second (even if the adsl router connection to the internet is unplugged or if I rip out my network cable).

    Under the task manager I notice some activity by winlogon.exe. I've checked another PC and there the winlogon uses 0% of the cpu time. I deleted system32\winlogon.exe but it was recreated immediately (from system32\winlogon.exe.tmp it seems. I can even rename the tmp file, delete the winlogon.exe file and winlogon.exe simply gets recreated.

    I'm using WinXp SP2 and McAfee Internet security & AntiSpyware 2006. McAfee doesn't report a virus.

    Can anyone please help me??????????????????????????
    I need to work and my programming work requires lots of copying and pasting!!!!!!!!!!!!!!
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to MGs!

    You are lucky you did not successfully delete system32\winlogon.exe. If you had, you would not be able to login to your PC. It is a required and very important Windows system process that you should not be touching.

    Let's see if this is malware or not. Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.

    - Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support

    Make sure you check version numbers and get all updates.

    - Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


    After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:

    Downloading, Installing, and Running HijackThis

    .
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds