Solved

Virus or otherwise

Posted on 2014-12-23
Medium Priority
144 Views
Last Modified: 2015-01-01
I'm a computer guy and have come across a second occurrence of this problem.

The computer is very sluggish in responding.

The %temp% folder fills with hundreds of 3 and 4 character folders... takes hours and hours to delete them all. The computer also starts creating fla*.tmp files as well. If you remove the computer from the network the folder creation stops. If you then reboot into safe mode with networking and join a network you can browse without issue. If you simply reboot the computer, without removing it from a network, the process WILL continue in safe mode.

This is a Windows 7 computer.

Process Explorer doesn't really help a lot since things are bouncing around so much.  DVDUPGRD.EXE seems pretty active.  Searching for DVDUPGRD.EXE on the computer yields 3 files with a creation year of 2009.

The first occurrence of this, back in early Nov of 2014, resulted in wiping the drive and starting over.

Any thoughts?
0
Question by:classnet
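A triage sketch for the symptom described in the question, added here as an example and not part of the original thread: it counts the 3- and 4-character folders and fla*.tmp files in %temp% and measures how fast new ones appear, so the same measurement can be taken with the network cable connected and disconnected. The function names are hypothetical, and the pattern assumes "3 and 4 character" means any characters.

```powershell
# Added example, not from the thread. Function names are hypothetical.
function Get-TempSymptomCount {
    param([string]$Path = $env:TEMP)
    # PSIsContainer (rather than -Directory) keeps this working on the
    # PowerShell 2.0 that ships with Windows 7. -Force includes hidden items.
    $items = @(Get-ChildItem -LiteralPath $Path -Force -ErrorAction SilentlyContinue)
    # Assumption: a "3 or 4 character folder" is any directory whose name is 3-4 chars long.
    $dirs  = @($items | Where-Object { $_.PSIsContainer -and $_.Name -match '^.{3,4}$' })
    $files = @($items | Where-Object { -not $_.PSIsContainer -and $_.Name -like 'fla*.tmp' })
    New-Object PSObject -Property @{
        Time         = Get-Date
        ShortFolders = $dirs.Count
        FlaTmpFiles  = $files.Count
    }
}

function Measure-TempChurn {
    param(
        [string]$Path = $env:TEMP,
        [ValidateRange(1, 3600)][int]$Seconds = 60
    )
    # Two snapshots, $Seconds apart; the difference is the creation rate.
    $before  = Get-TempSymptomCount -Path $Path
    Start-Sleep -Seconds $Seconds
    $after   = Get-TempSymptomCount -Path $Path
    $minutes = ($after.Time - $before.Time).TotalMinutes
    New-Object PSObject -Property @{
        ShortFoldersNow     = $after.ShortFolders
        FlaTmpFilesNow      = $after.FlaTmpFiles
        NewFoldersPerMinute = [math]::Round(($after.ShortFolders - $before.ShortFolders) / $minutes, 1)
        NewFlaTmpPerMinute  = [math]::Round(($after.FlaTmpFiles - $before.FlaTmpFiles) / $minutes, 1)
    }
}

# Self-check on constructed sample data in a scratch directory (not real evidence).
$scratch = Join-Path $env:TEMP ('churn-demo-' + [guid]::NewGuid())
New-Item -ItemType Directory -Path $scratch | Out-Null
'a1b', 'x9zq', 'longer-name' | ForEach-Object {
    New-Item -ItemType Directory -Path (Join-Path $scratch $_) | Out-Null
}
'fla1A2.tmp', 'other.tmp' | ForEach-Object {
    New-Item -ItemType File -Path (Join-Path $scratch $_) | Out-Null
}
Get-TempSymptomCount -Path $scratch | Format-List
Remove-Item -LiteralPath $scratch -Recurse -Force

# Real use: run once on the network and once with the cable pulled, then compare.
# Measure-TempChurn -Seconds 120
```

A rate that drops to zero when the machine is off the network matches the behaviour reported in the question; a rate that stays the same points toward a local cause.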
12 Comments
 
LVL 17

Expert Comment

by:pjam
ID: 40514742
I believe dvdupgrd.exe is not a concern as it is a Microsoft file.
I would start by opening an elevated CMD window and running SFC /scannow
0
 
LVL 88

Expert Comment

by:rindi
ID: 40514862
Scan the system with Malwarebytes (don't use safe mode for this) and allow it to remove whatever nasties it finds.
0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 40515111
Scan with:
TDSSKiller
Malwarebytes
HitmanPro
RogueKiller
ESET Online Scanner
Remove everything they find if given a choice.
0

Author Comment

by:classnet
ID: 40515528
I had already tried TDSSKiller, MWB, HitMan...

I will remove the drive, attach to a computer with NOD32 and try that next.
0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 40515924
The other possibility I suppose, although I've never seen what you describe, is some hardware problem.
I have found that very slow systems can get that way with a failing hard drive that checks out fine - well, except for the data transfer rate.  So you have to use a transfer rate test program to see that.

70kbps is more or less normal and 2kbps is NOT.  
I had one system that took 45 minutes to boot!  Replacing the hard drive fixed it.  It took a weekend to clone it!

Just a thought.
0
 

Author Comment

by:classnet
ID: 40516275
NOD32 came up empty.
0
 
LVL 88

Expert Comment

by:rindi
ID: 40516309
Have you used msconfig to disable autostart stuff that does something on the LAN which you don't really need?
0
 

Author Comment

by:classnet
ID: 40516315
Yes... only running MS services.
0
 
LVL 26

Expert Comment

by:Fred Marshall
ID: 40516571
This sounds a lot like an old bug in Symantec End Point Security.  You didn't say which security programs are running.
0
 

Author Comment

by:classnet
ID: 40518386
Eset's NOD32 is the installed AV.
0
 

Accepted Solution

by:
classnet earned 0 total points
ID: 40519768
Figured it out... it was the Poweliks virus.
I used this to get rid of it.
0
 

Author Closing Comment

by:classnet
ID: 40526451
Figured it out myself.
0
