Re: Strange Virus Activity



Ty wrote:
All,

Since Monday (10/15) 65% of my office PCs have been plagued by what appears to be a virus. The symptoms are:

- explorer.exe freezes for 5-10 minutes on boot up.
- the Start Button freezes when the menu is displayed.
- Office programs freeze or are slow to open (5-15 minutes).

We have run three different AV scans and nothing is detected. Running task manager reveals nothing - system idle process displays at 85-99%, memory is usually 30% or less utilized.

After 5-20 minutes, the computers appear to "unfreeze" but then run sporadically with marginal performance.

All this began on 10/15 so I don't think it's coincidence or random. Any and all suggestions will be appreciated.

The First Question Of Troubleshooting: what changed between the time things worked and the time they didn't? What is different about these computers? Any software/hardware updates? What kind of firewall do you have in place?

Please review the general malware removal steps here:
http://www.elephantboycomputers.com/page2.html#Removing_Malware

If you followed similar procedures, then you may wish to post a HijackThis log on one of the specialty forums listed below (not here, please). You will be given guided help.

http://aumha.org/downloads/hijackthis.zip
http://www.aumha.org/a/hjttutor.htm - HijackThis tutorial by Merijn
http://www.bleepingcomputer.com/forums/index.php?showtutorial=42 - another tutorial
http://aumha.net/ - Click on the HijackThis forum. Read the announcement and the stickies *first*.
http://www.atribune.org/forums/index.php?showforum=9
http://aumha.net/viewforum.php?f=30
http://www.bleepingcomputer.com/forums/forum22.html
http://castlecops.com/forum67.html
http://www.dslreports.com/forum/cleanup
http://www.cybertechhelp.com/forums/forumdisplay.php?f=25
http://www.geekstogo.com/forum/Malware_Removal_HiJackThis_Logs_Go_Here-f37.html
http://gladiator-antivirus.com/forum/index.php?showforum=170
http://spywarewarrior.com/viewforum.php?f=5


Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User