1 2 Previous Next 18 Replies Latest reply on Dec 23, 2014 6:14 PM by Peter M

    Whats going on with my system?

    quik66

      System running Windows 7 Home Premium...  Service pack 1...  64-bit system.  the System is a Dell, 4GB RAM, Intel i3 processor...

       

      Due to a "virus" issue, I recently replaced the entire hard drive, and reloaded the OS, McAfee Security Suite, MS Office and a few other programs I use...     I have yet to reload any of my backup data (photos mostly)...

       

      I have McAfee Security Suite (through AT&T Uverse), and I have been running Full scans (manually initiated) 2-3 times per week...  I think Microsoft Defender may still be running, but not sure.

      Everything was fine until today...  I noticed the system was VERY slow... I also noticed that when I tried to download a .pdf catalog from several companies (reputable), the files would download, and a popup said something about my security software did not allow the download ( I had downloaded other .PDFs recently -work stuff I sent to myself , etc. with no problems, and the popup did NOT mention "McAfee").

       

      As I am writing this, I am having some issues with the text...

       

      Ran a scan, and nothing (McAfee found nothing)...   I rebooted, and ran a scan in safe mode, and NOTHING... 

       

      Opened Task manager, and in the "processes", I saw NUMEROUS processes that were running, but running and using more memory then I have EVER seen...   I figure something is definitely wrong, but I don't know what...

       

      Here's a list of the processes I noted, that seem to be the problem:

      Fixmapi.exe*32

      msfeedssync

      logagent.exe

      wextraxct.exe

      wiaacmgr.exe

      dpnsvr.exe*32"open file location"...  I tried to delete, but I can't because

      dllhost.exe*32

      cmmon32.exe

      ctfmon.exe*32

      dplaysvr.exe

      systray.exe*32

      NAPSTAT.exe

      upnpcont.exe*32

      svchost.exe*32

       

      Most of these show using memory of 50,000K to 900,000+ K...   I honestly NEVER saw any of these processes before ( aside from the svchost and dllhost) when I was having my previous issues, and I don't recall seeing any process using more than 130,000K (Internet Explorer, maybe), EVER...    I also saw several of the same processes open.  So I am pretty sure something is wrong...

       

      Within Task manager, I have been trying to "end process tree", and they all close, but they usually pop back up quicker than I can end them...  Right clicked on a process, and the pull down opened, clicked on the process, and tried to delete, but "access denied"...  "you need permission from the Trusted Installer..." 

       

      So far ALL of these processes are located in the Windows\sysWOW64 folder...

       

      Please Help!

       

      Tony

        • 1. Re: Whats going on with my system?
          quik66

          Screen shot at 10:44 PM (PST)...  Note all the processes circled in "red" that aren't on the task manager just 3 minutes before...   The stuff in "green" is what I am working with...

           

          Here's the 10:41 screen shot...taskmgr 10 44.jpgtaskmgr 10 41.jpgSome additional info...

           

          Right after posting, I "updated" my McAfee files again, and am running a full scan...   To make things faster, I was deleting processes in Task manager as fast as I could, and then noticed the processes were popping up less frequently WHILE the McAfee scan is running... 

           

          the big processes running now are

          dwm.exe  27,700 K (desktop)

          explorer.exe 12,000 K ( I was looking at the sysWOW64 files)

          iexplore.exe 121,500 K  (internet)

          McUICnt.exe 23,800 K (McAfee scan)

          Taskhost.exe 6,300 K

          taskmngr.exe & winlogin.exe about 3,000 K

          everything else is about 1800 K or less...  For the past 3-4 minutes...

           

          oops, spoke too soon, just had 7 pop up quickly..  "end process tree" and they stayed off for another 3-4 minutes...

           

            And again, another 3-4 minutes of limited activity, and then bam...  numerous processes start again...   And all one's from the list

           

          New one

          powershell.exe*32

           

          Now one of the processes can't be ended,  "access denied"

           

           

          Wow...   a huge influx of processes opening...  I couldn't keep up (literally like 20+ opened and kept opening as fast as I could "end" them...

           

          Then all of a sudden, ALL of them closed within about 4 seconds...  latest scan about 97% completed...

          • 2. Re: Whats going on with my system?
            quik66

            Scan completed...  NOTHING found...

             

            BUT, 265,000 files scanned...

             

            BUT

             

            earlier tonight it only scanned 125,000 files...    Similar the last few weeks, so it seems to be adding files to my system...

            • 3. Re: Whats going on with my system?
              Peacekeeper

              First let us try an few scanners and see what they detect

               

              Try getsusp it will passon anything suspect to McAfee and update you re anything they find provided you add your email address to its preferences

              Malwarebytes install the free version do not accept the free trial of the premium version  as it could clash with McAfee.

              Adwcleaner

              see what they say.

               

              before running them clean up all internet temp files and windows temp files. you can use windows disk cleaner  for this.

              Anti-Spyware/Malware & Hijacker Tools

               

              depending on the result I will move this post to malware discussion area if the above find anything.

               

              Re scanning were all these the same scanning method is all scheduled or all full scans?

              • 4. Re: Whats going on with my system?
                Peter M

                Moved provisionally out of Consumer/main to Malware Discussion/Home User Assistance.

                Moderator

                • 5. Re: Whats going on with my system?
                  quik66

                  Thanks,

                  I was talking to a coworker this morning (IT experience), and he suggested turning off Windows Defender and MS Essentials?    He also mentioned that perhaps its not a virus, but rather a conflict with these programs and McAfee...  When I reinstalled the McAfee SS (after my new Hard drive), I don't recall turning off Defender, and I hadn't heard of essentials...

                   

                  He also suggested that since it is currently listed as Service Pack1, (should be SP3?), that perhaps thats another reason its currently running slower than usual.

                   

                  I'll try the "getsusp"

                   

                  Malwarebytes (I was running the free version on my old hard drive)...

                   

                  Re scanning, yes, these were all "full scans" prompted by me.   Yesterday I scanned 4 times; two scans from "safe mode" and two just while under normal operation...

                   

                  Thanks

                  • 6. Re: Whats going on with my system?
                    Peter M

                    I'll interject here as Tony (Peacekeeper) is off at the moment.  Windows 7 should be SP1 not SP3 (no such thing) so you are OK there, but you must make sure you have IE11 installed as McAfee relies on it, even if you don't ever use IE.

                    Also Windows Defender is OK in Windows 7 (but not in Windows 8 and above as those contain an antivirus which will clash with McAfee), however, MS Essentials should be uninstalled as it is guaranteed to clash with McAfee software.

                    • 7. Re: Whats going on with my system?
                      quik66

                      Ex_Brit,

                       

                      Thanks,

                      I'll check tonight ( if I don't get home too late- exhausted from staying up late last night with this issue) to see that I have IE11 installed.   I'll also check and uninstall MS Essentials, and see what that does...

                       

                      Thanks...

                       

                      Tony (Quik66)

                      • 8. Re: Whats going on with my system?
                        Peter M

                        OK, good luck ;-)

                        • 9. Re: Whats going on with my system?
                          quik66

                          Running  Internet Explorer 11

                          I checked for Microsoft Essentials ( Microsoft Security Essentials?) in the Control Panel/Programs/programs and Features/Turn Windows Features off...  and looked for MSSE (or similar) in the "processes (task manager).    Didn't find anything...

                           

                          I tried to download malwarebytes rootkit (Beta)...  But I got a popup saying my "Security Settings do not allow the file to download"...

                           

                          So I am on my kids computer right now.  I downloaded the Malware bytes Root kit AND the free version of malware bytes and Chameleon (sp?) onto a flash drive...

                           

                          I am not sure how I transfer the Malwarebytes (MBam) to my computer...   just plug in the flash drive and then boot up?    Should I boot in "safe mode"?  or will Safe Mode block me from installing the Mbam root kit tool?   Should it be "safe mode with networking"?  I think I read that in the "Getsusp" info peacekeeper posted above...

                           

                          I hope it doesn't ask for Administrator password, because I never set on up (never prompted)...

                           

                          Anyway

                           

                          I am going to try and clean the temp files, then try the Mbar application and see what happens...

                           

                          Why Malwarebytes and not McAfee's "root kit" tool?

                           

                          Thanks again, I'll let you know what I find...

                           

                          Tony

                          1 2 Previous Next