gerlis
asked on
Slow, unstable Win XP PC, is malware the cause? (backweb-8876480.exe genuine or not?)
Unashamedly I am copying verbaimt a message from one of our clients. He's running Win XP.
Any ideas as to what might be the cause oof his unstable PC. I suspect the so-called virus is actually not malware but genuine (it's a Logitech process apparently), alos the link he gives I think is dodgy. I've not had a chance to do anything on his PC myself, yet.
---
Can I ask a quick question about my PC – it has been playing up and there seems to be a new program hanging around call backweb-8876480.exe – (see embedded screen-grab image) for the file location of the exe and a load of other stuff. Had a quick look on the web and was not 100% sure if it is legit or a virus. The pc is running very slow and it seems to have multiple instances of IEXPLORE running and messages such as your last explorer session terminated unexpectedly, do you want to restore the previous browsing page or return to home page. Also the PC freezes intermittently for a few minutes when trying to access programs.
I found this link to a report of the virus and something that would remove it but I did not want to do anything as I was not sure if this site was legit and if I do have the virus:
http://www.iobit.com/exedll/backweb-8876480-exe.html
I am running a good AV program (PC Tools with Spyware) and I ran the malware bites and CClean and nothing seems to have located this virus if that is what it is… the pc has been really running badly the last few days and it seems that all these PF files etc started around the same time.
---
Any ideas as to what might be the cause oof his unstable PC. I suspect the so-called virus is actually not malware but genuine (it's a Logitech process apparently), alos the link he gives I think is dodgy. I've not had a chance to do anything on his PC myself, yet.
---
Can I ask a quick question about my PC – it has been playing up and there seems to be a new program hanging around call backweb-8876480.exe – (see embedded screen-grab image) for the file location of the exe and a load of other stuff. Had a quick look on the web and was not 100% sure if it is legit or a virus. The pc is running very slow and it seems to have multiple instances of IEXPLORE running and messages such as your last explorer session terminated unexpectedly, do you want to restore the previous browsing page or return to home page. Also the PC freezes intermittently for a few minutes when trying to access programs.
I found this link to a report of the virus and something that would remove it but I did not want to do anything as I was not sure if this site was legit and if I do have the virus:
http://www.iobit.com/exedll/backweb-8876480-exe.html
I am running a good AV program (PC Tools with Spyware) and I ran the malware bites and CClean and nothing seems to have located this virus if that is what it is… the pc has been really running badly the last few days and it seems that all these PF files etc started around the same time.
---
you can use malwarebytes
http://www.malwarebytes.org
Boot the computer in safe mode and run malwarebytes and antivirus
Make sure your definitions are upto date
you can even use some free online scanning tools as well like the one provided by symantec
http://security.symantec.com/sscv6/WelcomePage.asp
In last take out the harddrive of the computer, plug it in to another computer via usb external jacket and scan it thoroughly
http://www.malwarebytes.org
Boot the computer in safe mode and run malwarebytes and antivirus
Make sure your definitions are upto date
you can even use some free online scanning tools as well like the one provided by symantec
http://security.symantec.com/sscv6/WelcomePage.asp
In last take out the harddrive of the computer, plug it in to another computer via usb external jacket and scan it thoroughly
The user has already said he has used MalwareBytes. Also, MalwareBytes is designed to be run in normal mode and not safe mode.
If still worried about viruses, you can always use a bootable antivirus CD to do an offline scan. MS do one here: http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline
If still worried about viruses, you can always use a bootable antivirus CD to do an offline scan. MS do one here: http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline
is your XP updated to SP3 and the latest updates?
as for the slowness, what specs do you have ? cpu ram, and disk + free space
as for the slowness, what specs do you have ? cpu ram, and disk + free space
It could be something as simple as a full hard drive. It seems that this might be the case since he did say that when he runs programs it takes a while to start. That is a symptom of a full hard drive as well.
You should always have more than 10% free hard drive space, preferably 15%.
You should always have more than 10% free hard drive space, preferably 15%.
that's why i asked for the free space - just above
ASKER
Thanks to all. I have not been able to see this PC, but I did advise that he ran Malwarebytes in safe mode, from my experience ofen only in that mode will it detect and remove certan malware infections.
However he says:
"Ran Malware again in safe mode, nothing found. Then, just this afternoon my AV software [PC Tools with Spyware] ran its regular scan and found 15 infections which it removed – I ran it yesterday and it showed everything to be clear BUT its last smart update had just taken place today before the latest scan so here is hoping that the latest virus definitions did in fact find something on the drive – it certainly cleaned them up.
Time will tell …"
So I am still unsure that he has/had an infection or whether his Windows is the cause of his unstable PC. I will endeavor to find out (from the suggestions above) what free disk space he has, also if he is on SP3 (almost certainly is). Then may need to do some HD diagnostic tests.
I won't know any more until after the weekend.
However he says:
"Ran Malware again in safe mode, nothing found. Then, just this afternoon my AV software [PC Tools with Spyware] ran its regular scan and found 15 infections which it removed – I ran it yesterday and it showed everything to be clear BUT its last smart update had just taken place today before the latest scan so here is hoping that the latest virus definitions did in fact find something on the drive – it certainly cleaned them up.
Time will tell …"
So I am still unsure that he has/had an infection or whether his Windows is the cause of his unstable PC. I will endeavor to find out (from the suggestions above) what free disk space he has, also if he is on SP3 (almost certainly is). Then may need to do some HD diagnostic tests.
I won't know any more until after the weekend.
Malwarebytes should NOT be run in safe mode - use normal mode !
ASKER
He says he ran ran the TDS killer again on my PC and it found some MEDIUM suspicious activity. Since then PC seems more stable. So we don't really know of the cause, perhaps it was due to malware, perhaps something else.
Thanks to all who contributed nonetheless.
Thanks to all who contributed nonetheless.
what about my question ?
>>> as for the slowness, what specs do you have ? cpu ram, and disk + free space
>>> as for the slowness, what specs do you have ? cpu ram, and disk + free space
ASKER
I have asked my user, but no details yet.
ok - waiting then..
ASKER
5Gb left on drive C
1Gb RAM Memory
5 year old Dell
1Gb RAM Memory
5 year old Dell
ok 5GB free out of how much as i asked? it seems very little :
you should have 15% fre space for normal windows operation, to avoid disk trashing
what CPU?
5 year old Dell does not tell me anything - post the exact model and figures
you should have 15% fre space for normal windows operation, to avoid disk trashing
what CPU?
5 year old Dell does not tell me anything - post the exact model and figures
ASKER
5gb out of 160GB
DIMENSION E520 CORE 2 DUO PROCESSOR E630
DIMENSION E520 CORE 2 DUO PROCESSOR E630
5 Gb is way to liitle
first thing to do is free up disk space : uninstall all old, and not used software, or tools
free up space in your data, by putting them on another disk, partition, or DVD, and deleting it from my documents
you can use the disk cleanup from Windows also http://www.microsoft.com/atwork/maintenance/speed.aspx
first thing to do is free up disk space : uninstall all old, and not used software, or tools
free up space in your data, by putting them on another disk, partition, or DVD, and deleting it from my documents
you can use the disk cleanup from Windows also http://www.microsoft.com/atwork/maintenance/speed.aspx
ASKER
He has a partioned, unused, D drive, so I've advised him he can shift data into there. He is also considering buying more RAM memory
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
He's come back with: "...the PC slowed up again and I got these messages (had them last week)"
Malware or not?
Malware or not?
only way to know is to look in his trusted list http://antivirus.about.com/od/securitytips/ht/trustedzone.htm
ASKER
Some success
He changed from PC tools AV and spyware to AVG and after several recent updates to AVG and Malwarebytes runs, he says it looks like that between them they have cleared out any viruses and spyware,
Also, on my advice he has just installed 4 mb RAM – he says a real improvement.
I think we can now close this question and I'd like to thank all who contributed. It wasn't made easy for me as I never actually saw the PC itself and was relying on the user (albeit a pretty savvy one).
Points to nobus for pointing me is certain directions and for staying with it.
He changed from PC tools AV and spyware to AVG and after several recent updates to AVG and Malwarebytes runs, he says it looks like that between them they have cleared out any viruses and spyware,
Also, on my advice he has just installed 4 mb RAM – he says a real improvement.
I think we can now close this question and I'd like to thank all who contributed. It wasn't made easy for me as I never actually saw the PC itself and was relying on the user (albeit a pretty savvy one).
Points to nobus for pointing me is certain directions and for staying with it.
tx for feedback
You could always submit it to to www.virustotal.com and see what it thinks of it when you find it if you're unsure.
Which version of IE is it? Newer versions have a reset function which might fix the issues he has - Control Panel - Internet Options - Advanced tab - "Reset...".
(He may just have some buggy plugins installed.) Update Adobe Reader and Adobe Flash for example.
Odd freezing and slow access can also be down to a dying hard drive. You may get errors in the System Log from source Disk or NTFS. Also, you can install [free] Acronis Drive Monitor and that will report on the SMART status of the drive and warn you if it appears to be failing. http://www.acronis.com/homecomputing/products/drive-monitor/
I recommend you uninstall that app after using it as it conflicts with some USB memory sticks.