Something Strangling my Mom's Hard Drive

Discussion in 'other software & services' started by Brandonn2010, Aug 14, 2012.

Thread Status:
Not open for further replies.
  1. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    Ever since I ran a full scan a few days ago with the Kaspersky Rescue Disk on my Mom's laptop, it has been running very slowly. I don't think it was from the Rescue Disk, since it found nothing.

    It is a few year old Compaq laptop, with a Pentium Dual-Core, 3GB of RAM, and a Samsung HDD. I ran a test on the memory and HDD, and they both were fine.

    It takes a while after logging in just for Avast! and OA free to load, and a while longer to be able to do anything.

    I checked resource monitor after I finally got it to load. The disk i/o was maxed on the little graphic, at at 100% it said.

    The main ones were:

    svchost.exe (netsvcs) C:\Windows\SoftwareDistribution\Datastore\DataStore.edb

    svchost.exe (LocalSystemNetworkRestricted) C:\$Mft (NTFS Master File Table) PID 1000

    There were lots of the second one with PID 1000, but the C:\$Mft one used the most disk i/o

    Also at the very start after logging in were two explorer.exe 's. One was in the Windows folder, the other in C:\Users\*\AppData\Local\Temp

    Is that normal? Should there be an explorer.exe there ever? It was using a lot of disk i/o, but it went away after a while, and I could never find it in that folder.

    Any input appreciated.
     
  2. cincinnatijack

    cincinnatijack Registered Member

    Joined:
    Jul 3, 2010
    Posts:
    93
    Try creating new user account and using that for testing, your current user account may be compromised.
     
  3. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    Well I was running the Ultra Virus Killer portable, and after running some of the repair options, it asked me to reboot. I did and it went into Startup Repair, and it failed to repair it. Considering the infection and the slowness, plus the fact I indirectly ruined it with UVK, I have decided to restore the factory image, and after that, I will dual-boot Linux Mint on it, and try to get her to use that, since it should run with no problems compared to Vista, and it wouldn't be able to get malware.

    I was wondering though if malware could have infected the factory image?
     
Loading...
Thread Status:
Not open for further replies.