  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 147

Virus or otherwise

I'm a computer guy and have come across a second occurrence of this problem.

The computer is very sluggish in responding.

The %temp% folder fills with hundreds of 3 and 4 character folders... takes hours and hours to delete them all. The computer also starts creating fla*.tmp files as well. If you remove the computer from the network the folder creation stops. If you then reboot into safe mode with networking and join a network you can browse without issue. If you simply reboot the computer, without removing it from a network, the process WILL continue in safe mode.

This is a Windows 7 computer.

Process Explorer doesn't really help a lot since things are bouncing around so much.  DVDUPGRD.EXE seems pretty active.  Searching for DVDUPGRD.EXE on the computer yields 3 files with a creation year of 2009.

The first occurrence of this, back in early Nov of 2014, resulted in wiping the drive and starting over.

Any thoughts?
0
classnet
1 Solution
 
pjam Commented:
I believe dvdupgrd.exe is not a concern as it is a Microsoft file.
I would start by opening an elevated CMD window, and running SFC /scannow
0
 
rindi Commented:
Scan the system with Malwarebytes (don't use safe mode for this) and allow it to remove whatever nasties it finds.
0
 
Fred Marshall (Principal) Commented:
Scan with:
tdsskiller
Malwarebytes
HitManPro
RogueKiller
ESET Online Scanner
Remove everything they find if given a choice.
0
classnet (Author) Commented:
I had already tried tdsskiller, MWB, HitMan...

I will remove the drive, attach to a computer with NOD32 and try that next.
0
 
Fred Marshall (Principal) Commented:
The other possibility I suppose, although I've never seen what you describe, is some hardware problem.
I have found that very slow systems can get that way with a failing hard drive that checks out fine - well, except for the data transfer rate.  So you have to use a transfer rate test program to see that.

70kbps is more or less normal and 2kbps is NOT.  
I had one system that took 45 minutes to boot!  Replacing the hard drive fixed it.  It took a weekend to clone it!

Just a thought.
0
 
classnet (Author) Commented:
NOD32 came up empty.
0
 
rindi Commented:
Have you used msconfig to disable autostart stuff that does something on the LAN which you don't really need?
0
 
classnet (Author) Commented:
Yes... only running MS services.
0
 
Fred Marshall (Principal) Commented:
This sounds a lot like an old bug in Symantec End Point Security.  You didn't say which security programs are running.
0
 
classnet (Author) Commented:
Eset's NOD32 is the installed AV.
0
 
classnet (Author) Commented:
Figured it out... it was the Poweliks virus.
I used this to get rid of it.
0
 
classnet (Author) Commented:
Figured it out myself.
0
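
To put numbers on the symptoms in the original question (3 and 4 character folders and fla*.tmp files piling up in %temp%, stopping when the machine is off the network), the folder can be sampled at intervals and the growth logged next to the network state. This is an added example, not something posted by anyone in the thread; the function name, sampling interval and sample count are assumptions, and it sticks to PowerShell 2.0 syntax as shipped with Windows 7.

```powershell
# Added example: sample %TEMP% for the symptoms described in the question.
# Interval and sample count are assumed defaults, not values from the thread.
param(
    [string]$Path = $env:TEMP,
    [int]$IntervalSeconds = 60,
    [int]$Samples = 5
)

function Get-TempSample {
    param([string]$Dir)
    # -Force includes hidden and system entries
    $items = @(Get-ChildItem -LiteralPath $Dir -Force -ErrorAction SilentlyContinue)
    # Folders whose names are exactly 3 or 4 characters long
    $shortDirs = @($items | Where-Object {
        $_.PSIsContainer -and ($_.Name.Length -ge 3) -and ($_.Name.Length -le 4) })
    # Files matching the fla*.tmp pattern
    $flaFiles = @($items | Where-Object {
        (-not $_.PSIsContainer) -and ($_.Name -like 'fla*.tmp') })
    New-Object PSObject -Property @{
        Time      = Get-Date
        # True when any non-loopback network interface is up
        NetworkUp = [System.Net.NetworkInformation.NetworkInterface]::GetIsNetworkAvailable()
        ShortDirs = $shortDirs.Count
        FlaTmp    = $flaFiles.Count
    }
}

$previous = $null
for ($i = 0; $i -lt $Samples; $i++) {
    $sample = Get-TempSample -Dir $Path
    $newDirs = 0
    $newFla = 0
    if ($previous) {
        # Growth since the last sample; negative if entries were deleted meanwhile
        $newDirs = $sample.ShortDirs - $previous.ShortDirs
        $newFla  = $sample.FlaTmp - $previous.FlaTmp
    }
    $sample | Add-Member -MemberType NoteProperty -Name NewDirs -Value $newDirs
    $sample | Add-Member -MemberType NoteProperty -Name NewFlaTmp -Value $newFla
    $sample | Select-Object Time, NetworkUp, ShortDirs, FlaTmp, NewDirs, NewFlaTmp
    $previous = $sample
    if ($i -lt ($Samples - 1)) { Start-Sleep -Seconds $IntervalSeconds }
}
```

Running it once with the network cable attached and once with it removed gives a before/after record of whether folder creation tracks connectivity, which is worth keeping before any cleanup tool changes the machine.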
