I think Im infected with a rootkit?

[gogogo]

Hi,

I recently had problems with my hard drive and had to format the whole thing. SO I reinstalled XP Professional and updated it to SP3. Now everything was working smoothly apart when I opened it today. It somehow went a lot slower than it did yesterday and I dont know why.

The problem is that whenever my computer loads up into the main desktop, it takes about 5 minutes to load and the hard drive makes a constant low sound which I think it is doing something like scanning through the drive to find something. Basically, it loads the icons for the LAN and the wireless internet.

I then installed spybot and ran a complete scan but nothing showed up.

Once this is loaded, whenever I try to load my computer or check services.msc, the CPU usage increases by 50% for each. I.e. when I double click on my computer CPU usage increases by 50% when is I try to check out services.msc, it increases by 50% as well for the mmc.exe service. I also hear that low sound coming from my hard drive as if its busy, its not the sound it makes when defragmenting but more quiter.

THen when i try to go on firefox, and the same thing happens when I look at process explorer.

Now something is wrong here.

I have downloaded the Malicious removal tool and it has found nothing in the quick scan. But essentially, everytime I do something new in a program like firefox, say downloading a file for the first time after opening firefox, say the malicious removal tool, it supposed to be 9.5 MB so I clicked it and downloaded it. Firefox froze. Later it says download complete but it only downloaded 1.7MB not the full 9.5MB. So i download it again, it didnt freeze this time and downloaded the whole file. Its these things which slow my computer down and I have no idea what could be the cause.

I read the guide to download the antimalware and after downloading the malicious removal tool, I can download files with no problems, there is no more freezing.

Then I tried to install antimalware but when it almost finished it kinda froze for minutes. I have included a screenshot of process explorer of the cpu usage. SO I had to wait.

Also there was something about hijackthis so I downloaded that as well and installed it.

But when I was about to install, I took a screenshot to show you that any new task I do, the CPU isage like increases by 50%.

See the attachment.

Is there anyway I can return my computer back to normal?

I dont want to keep formatting and formatting and end up with the same problem.

I am currently doing a full malwarebytes scan but I have included the results of a quick scan.

Any help would be much appreciated.

mbam_log_2009_05_07__16_52_46_.txt

mbam_log_2009_05_07__16_52_46_.txt

[miekiemoes]

Hi,

I actually don't see anything suspicious here though..

But when I was about to install, I took a screenshot to show you that any new task I do, the CPU isage like increases by 50%.

But that's totally normal and is supposed to increase CPU when you install something. Mine sometimes goes up till 80% or more, depending what I install.

This is the same when you launch a program, the CPU goes up while you launch it and goes down again then. This is normal Windows behavior.

The problem is that whenever my computer loads up into the main desktop, it takes about 5 minutes to load and the hard drive makes a constant low sound which I think it is doing something like scanning through the drive to find something.

That's most probably your NOD32 causing it.

The Firefox freezing is also a common issue since latest version. I have it as well and it's really annoying.

In anyway, I wouldn't worry here though. As you say, scanners don't find anything, I don't see anything suspicious in your processes either..

But if you want, then please post a HijackThislog so I can see if there are any programs that can be disabled from startup in order to improve startup. As a matter of fact, a DDS scan would be better as it shows more:

Please download DDS and save it to your desktop.

• Disable any script blocking protection
  
• Double click dds.scr to run the tool.
  
• When done, DDS.txt will open.
  
• Click Yes at the next prompt for Optional Scan.
  
• Save both reports to your desktop.
  

---------------------------------------------------

Copy and paste the contents of DDS.txt in your next reply. Do not copy and paste the contents of Attach.txt, but attach it to your reply instead.

[gogogo]

I have a feeling that it isnt eset doing this.

I have had firefox and eset installed from day one after installing SP3. They have been running fine with no problems i.e. I didnt have to wait for desktop to load and didnt have to wait for firefox to load as well as other tasks until today.

The DDS log is below:

DDS (Ver_09-03-16.01) - NTFSx86

Run by Henry at 20:22:11.76 on 07/05/2009

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.2047.1446 [GMT 1:00]

AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated)

FW: ESET Personal firewall *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

C:\WINDOWS\system32\svchost -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\System32\svchost.exe -k LocalService

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\svchost.exe -k LocalService

C:\Program Files\ESET\ESET Smart Security\ekrn.exe

C:\Program Files\ESET\ESET Smart Security\egui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\DllHost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Documents and Settings\Henry\Desktop\dds.scr

C:\WINDOWS\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uInternet Connection Wizard,ShellNext = hxxp://allyours.virginmedia.com/wbbadditional

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [unHackMe Monitor] c:\program files\unhackme\hackmon.exe

mRun: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice

mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1241458698050

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1241464877187

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\henry\applic~1\mozilla\firefox\profiles\cbwiug9y.default\

FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdjvu.dll

============= SERVICES / DRIVERS ===============

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-2-6 106208]

R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-2-6 727720]

S0 Partizan;Partizan;c:\windows\system32\drivers\Partizan.sys [2009-5-7 34760]

S3 MEMSWEEP2;MEMSWEEP2;\??\c:\windows\system32\12d.tmp --> c:\windows\system32\12D.tmp [?]

=============== Created Last 30 ================

2009-05-07 20:09 <DIR> --d----- c:\docume~1\henry\applic~1\WinPatrol

2009-05-07 20:05 <DIR> --d----- c:\program files\BillP Studios

2009-05-07 18:22 28,544 a------- c:\windows\system32\drivers\pavboot.sys

2009-05-07 18:19 <DIR> --d----- c:\program files\Panda Security

2009-05-07 17:54 153,104 a------- c:\windows\system32\drivers\tmcomm.sys

2009-05-07 17:04 34,760 a------- c:\windows\system32\drivers\Partizan.sys

2009-05-07 17:04 32,480 a------- c:\windows\system32\Partizan.exe

2009-05-07 16:44 <DIR> --d----- c:\program files\Trend Micro

2009-05-07 16:35 <DIR> --d----- c:\docume~1\henry\applic~1\Malwarebytes

2009-05-07 16:35 15,504 a------- c:\windows\system32\drivers\mbam.sys

2009-05-07 16:35 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys

2009-05-07 16:35 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes

2009-05-07 16:35 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware

2009-05-07 16:00 2 a--shrot c:\windows\winstart.bat

2009-05-07 16:00 12,752 a------- c:\windows\system32\drivers\UnHackMeDrv.sys

2009-05-07 15:59 <DIR> --d----- c:\program files\UnHackMe

2009-05-07 15:41 <DIR> --d----- c:\docume~1\henry\applic~1\uTorrent

2009-05-07 12:55 1,071,088 a------- c:\windows\system32\MSCOMCTL.OCX

2009-05-07 12:55 118,784 a------- c:\windows\system32\MSSTDFMT.DLL

2009-05-07 12:55 <DIR> --d----- c:\program files\SpywareBlaster

2009-05-07 00:33 5,504 ac------ c:\windows\system32\dllcache\intelide.sys

2009-05-07 00:33 5,504 a------- c:\windows\system32\drivers\intelide.sys

2009-05-07 00:10 <DIR> --d----- c:\docume~1\henry\applic~1\ESET

2009-05-07 00:04 <DIR> --d----- c:\program files\ESET

2009-05-07 00:00 <DIR> --d----- c:\program files\LizardTech

2009-05-06 23:52 <DIR> --d----- c:\program files\Spybot - Search & Destroy

2009-05-06 23:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy

2009-05-06 05:46 <DIR> --d----- C:\1 NTFS_001

2009-05-05 20:40 <DIR> --d----- C:\1 NTFS_000

2009-05-05 19:53 <DIR> --d----- C:\1 NTFS

2009-05-05 17:41 <DIR> --d----- c:\program files\K-Lite Codec Pack

2009-05-05 17:37 <DIR> --d----- c:\program files\Cloudbrain

2009-05-05 17:06 27,496 a------- c:\windows\system32\mucltui.dll.mui

2009-05-05 17:06 268,648 a------- c:\windows\system32\mucltui.dll

2009-05-04 20:53 <DIR> --d----- c:\program files\EASEUS

2009-05-04 20:06 <DIR> --d----- c:\program files\Windows Media Connect 2

2009-05-04 20:05 <DIR> --d----- c:\windows\system32\LogFiles

2009-05-04 20:03 <DIR> --d----- c:\windows\system32\URTTemp

2009-05-04 20:00 <DIR> --dsh--- c:\documents and settings\henry\PrivacIE

2009-05-04 19:59 0 a------- c:\windows\ativpsrm.bin

2009-05-04 19:58 593,920 -------- c:\windows\system32\ati2sgag.exe

2009-05-04 19:57 <DIR> --d----- c:\program files\ATI Technologies

2009-05-04 19:57 <DIR> --d----- C:\ATI

2009-05-04 19:57 292 a------- c:\windows\system\cmicnfg.ini

2009-05-04 19:55 <DIR> --dsh--- c:\documents and settings\henry\IETldCache

2009-05-04 19:54 <DIR> --d----- c:\windows\ie8updates

2009-05-04 19:54 105,984 -c------ c:\windows\system32\dllcache\iecompat.dll

2009-05-04 19:53 <DIR> -cd-h--- c:\windows\ie8

2009-05-04 19:47 146,048 ac------ c:\windows\system32\dllcache\portcls.sys

2009-05-04 19:47 129,536 ac------ c:\windows\system32\dllcache\ksproxy.ax

2009-05-04 19:47 4,096 ac------ c:\windows\system32\dllcache\ksuser.dll

2009-05-04 19:47 146,048 a------- c:\windows\system32\drivers\portcls.sys

2009-05-04 19:47 129,536 a------- c:\windows\system32\ksproxy.ax

2009-05-04 19:47 4,096 a------- c:\windows\system32\ksuser.dll

2009-05-04 19:47 60,160 ac------ c:\windows\system32\dllcache\drmk.sys

2009-05-04 19:47 60,160 a------- c:\windows\system32\drivers\drmk.sys

2009-05-04 19:44 333,952 -c------ c:\windows\system32\dllcache\srv.sys

2009-05-04 19:44 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys

2009-05-04 19:44 1,106,944 -c------ c:\windows\system32\dllcache\msxml3.dll

2009-05-04 19:44 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll

2009-05-04 19:44 331,776 -c------ c:\windows\system32\dllcache\msadce.dll

2009-05-04 19:43 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll

2009-05-04 19:43 272,128 -c------ c:\windows\system32\dllcache\bthport.sys

2009-05-04 19:43 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys

2009-05-04 19:41 <DIR> --d----- c:\program files\Western Digital Corporation

2009-05-04 19:33 <DIR> --d----- c:\windows\system32\scripting

2009-05-04 19:33 <DIR> --d----- c:\windows\system32\en

2009-05-04 19:33 <DIR> --d----- c:\windows\l2schemas

2009-05-04 19:29 <DIR> --d----- c:\windows\network diagnostic

2009-05-04 19:22 4,126 -c------ c:\windows\system32\dllcache\msdxmlc.dll

2009-05-04 19:13 <DIR> --d----- c:\windows\system32\PreInstall

2009-05-04 19:13 <DIR> --d-h--- c:\windows\$hf_mig$

2009-05-04 19:06 316,640 a------- c:\windows\WMSysPr9.prx

2009-05-04 19:05 <DIR> --d----- c:\windows\provisioning

2009-05-04 19:05 <DIR> --d----- c:\windows\peernet

2009-05-04 19:04 <DIR> --d----- c:\windows\ServicePackFiles

2009-05-04 19:01 <DIR> --d----- c:\windows\system32\ReinstallBackups

2009-05-04 19:01 26,144 a------- c:\windows\system32\spupdsvc.exe

2009-05-04 19:00 <DIR> --d----- c:\windows\EHome

2009-05-04 18:58 11,264 -------- c:\windows\system32\spnpinst.exe

2009-05-04 18:58 7,208 -------- c:\windows\system32\secupd.sig

2009-05-04 18:58 4,569 -------- c:\windows\system32\secupd.dat

2009-05-04 18:49 36,352 -------- C:\WGASetup.exe

2009-05-04 18:41 <DIR> --d----- c:\windows\system32\bits

2009-05-04 18:40 354,304 a------- c:\windows\system32\winhttp.dll

2009-05-04 18:40 18,944 a------- c:\windows\system32\qmgrprxy.dll

2009-05-04 18:40 438,784 -------- c:\windows\system32\xpob2res.dll

2009-05-04 18:40 8,192 -------- c:\windows\system32\bitsprx2.dll

2009-05-04 18:40 7,168 -------- c:\windows\system32\bitsprx3.dll

2009-05-04 18:38 31,768 a------- c:\windows\system32\wucltui.dll.mui

2009-05-04 18:38 213,528 a------- c:\windows\system32\wuaucpl.cpl

2009-05-04 18:38 23,576 a------- c:\windows\system32\wuaucpl.cpl.mui

2009-05-04 18:38 23,576 a------- c:\windows\system32\wuapi.dll.mui

2009-05-04 18:38 18,456 a------- c:\windows\system32\wuaueng.dll.mui

2009-05-04 18:38 <DIR> --dsh--- c:\documents and settings\henry\UserData

2009-05-04 18:34 <DIR> --d----- c:\windows\system32\??

2009-05-04 18:34 <DIR> --ds---- c:\windows\system32\Microsoft

2009-05-04 18:31 459,520 a------- c:\windows\system32\drivers\rt73.sys

2009-05-04 18:29 53,299 a------- c:\windows\system32\pthreadVC.dll

2009-05-04 18:28 256,640 a------- c:\windows\system32\PROUnstl.exe

2009-05-04 18:28 1,904 -------- c:\windows\system32\SetupBD.din

2009-05-04 17:46 106,496 ac------ c:\windows\system32\dllcache\imekrcic.dll

2009-05-04 17:45 3,072 a------- c:\windows\system32\drivers\audstub.sys

2009-05-04 17:44 57,600 a------- c:\windows\system32\drivers\redbook.sys

2009-05-04 17:44 25,856 a------- c:\windows\system32\drivers\usbprint.sys

2009-05-04 17:44 6,400 a------- c:\windows\system32\drivers\enum1394.sys

2009-05-04 17:44 74,240 ac------ c:\windows\system32\dllcache\usbui.dll

2009-05-04 17:44 74,240 a------- c:\windows\system32\usbui.dll

2009-05-04 17:43 <DIR> --d----- c:\program files\common files\ODBC

2009-05-04 17:43 <DIR> --d----- c:\program files\common files\SpeechEngines

2009-05-04 17:42 <DIR> --d--r-- c:\documents and settings\all users\Documents

2009-05-04 17:41 261 a------- c:\windows\system32\$winnt$.inf

2009-05-04 16:53 <DIR> --dsh--- c:\documents and settings\all users\DRM

2009-05-04 16:51 <DIR> --d----- c:\program files\common files\MSSoap

2009-05-04 16:50 <DIR> --d-h--- c:\program files\WindowsUpdate

2009-05-04 16:50 <DIR> --d----- c:\program files\Online Services

2009-05-04 16:50 <DIR> --d----- c:\program files\Messenger

2009-05-04 16:50 <DIR> --d----- c:\program files\MSN Gaming Zone

2009-05-04 16:50 <DIR> --d----- c:\program files\Windows NT

==================== Find3M ====================

2009-05-04 19:36 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat

2009-05-04 16:51 21,640 a------- c:\windows\system32\emptyregdb.dat

2009-04-02 14:21 84,480 a------- c:\windows\system32\ff_vfw.dll

2009-03-16 22:33 3,597,312 a------- c:\windows\system32\drivers\ati2mtag.sys

2009-03-16 21:27 442,368 a------- c:\windows\system32\ATIDEMGX.dll

2009-03-16 21:26 328,704 a------- c:\windows\system32\ati2dvag.dll

2009-03-16 21:17 307,200 a------- c:\windows\system32\atiiiexx.dll

2009-03-16 21:17 204,800 a------- c:\windows\system32\atipdlxx.dll

2009-03-16 21:16 155,648 a------- c:\windows\system32\Oemdspif.dll

2009-03-16 21:16 26,112 a------- c:\windows\system32\Ati2mdxx.exe

2009-03-16 21:16 43,520 a------- c:\windows\system32\ati2edxx.dll

2009-03-16 21:16 155,648 a------- c:\windows\system32\ati2evxx.dll

2009-03-16 21:15 602,112 a------- c:\windows\system32\ati2evxx.exe

2009-03-16 21:13 53,248 a------- c:\windows\system32\ATIDDC.DLL

2009-03-16 21:06 3,820,736 a------- c:\windows\system32\ati3duag.dll

2009-03-16 21:04 11,563,008 a------- c:\windows\system32\atioglxx.dll

2009-03-16 20:53 2,675,328 a------- c:\windows\system32\ativvaxx.dll

2009-03-16 20:53 3,107,788 a------- c:\windows\system32\ativva5x.dat

2009-03-16 20:53 887,724 a------- c:\windows\system32\ativva6x.dat

2009-03-16 20:40 49,664 a------- c:\windows\system32\atimpc32.dll

2009-03-16 20:40 49,664 a------- c:\windows\system32\amdpcom32.dll

2009-03-16 20:36 475,136 a------- c:\windows\system32\atikvmag.dll

2009-03-16 20:35 303,104 a------- c:\windows\system32\atiok3x2.dll

2009-03-16 20:35 131,072 a------- c:\windows\system32\atiadlxx.dll

2009-03-16 20:35 45,056 a------- c:\windows\system32\aticalrt.dll

2009-03-16 20:34 45,056 a------- c:\windows\system32\aticalcl.dll

2009-03-16 20:34 17,408 a------- c:\windows\system32\atitvo32.dll

2009-03-16 20:34 53,248 a------- c:\windows\system32\drivers\ati2erec.dll

2009-03-16 20:33 3,264,512 a------- c:\windows\system32\aticaldd.dll

2009-03-16 20:28 630,784 a------- c:\windows\system32\ati2cqag.dll

2009-03-08 04:34 914,944 a------- c:\windows\system32\wininet.dll

2009-03-08 04:34 43,008 a------- c:\windows\system32\licmgr10.dll

2009-03-08 04:33 18,944 a------- c:\windows\system32\corpol.dll

2009-03-08 04:33 420,352 a------- c:\windows\system32\vbscript.dll

2009-03-08 04:32 72,704 a------- c:\windows\system32\admparse.dll

2009-03-08 04:32 71,680 a------- c:\windows\system32\iesetup.dll

2009-03-08 04:31 34,816 a------- c:\windows\system32\imgutil.dll

2009-03-08 04:31 48,128 a------- c:\windows\system32\mshtmler.dll

2009-03-08 04:31 45,568 a------- c:\windows\system32\mshta.exe

2009-03-08 04:22 156,160 a------- c:\windows\system32\msls31.dll

2009-03-06 15:22 284,160 a------- c:\windows\system32\pdh.dll

2009-03-06 13:54 180,224 a------- c:\windows\system32\Ncs2Setp.dll

2009-03-04 15:42 760,368 a------- c:\windows\system32\ncs2dmix.dll

2009-03-04 15:41 530,992 a------- c:\windows\system32\accesor.dll

2009-03-04 15:26 141,872 a------- c:\windows\system32\ncs2instutility.dll

2009-03-04 15:17 1,522,224 a------- c:\windows\system32\ncscolib.dll

2009-03-03 20:56 118,784 a------- c:\windows\system32\atibtmon.exe

2009-02-26 21:47 2,255,360 a------- c:\windows\system32\x264vfw.dll

2009-02-23 22:39 184,394 a------- c:\windows\system32\atiicdxx.dat

2009-02-18 18:55 294,912 a------- c:\windows\system32\ATIODE.exe

2009-02-09 13:10 729,088 a------- c:\windows\system32\lsasrv.dll

2009-02-09 13:10 714,752 a------- c:\windows\system32\ntdll.dll

2009-02-09 13:10 617,472 a------- c:\windows\system32\advapi32.dll

2009-02-09 13:10 401,408 a------- c:\windows\system32\rpcss.dll

2009-02-09 12:13 1,846,784 a------- c:\windows\system32\win32k.sys

============= FINISH: 20:22:59.88 ===============

DDS.txt

Attach.txt

DDS.txt

Attach.txt

[miekiemoes]

Hi,

I have had firefox and eset installed from day one after installing SP3. They have been running fine with no problems i.e. I didnt have to wait for desktop to load and didnt have to wait for firefox to load as well as other tasks until today.

This doesn't mean that they don't update

I see you have other Security tools also starting up with Windows - keep in mind that they may cause an extra delay. This is totally normal.

In anyway, I really can't see anything suspicious here and your problem (which isn't actually a problem, but normal Windows behavior) is certainly not malware related. Trust me, you would certainly notice when you had a rootkit though

[miekiemoes]

By the way..

I have had firefox and eset installed from day one after installing SP3.

From your log:

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 04/05/2009 16:55:27

System Uptime: 05/07/2009 17:25:18 (-1413 hours ago)

This OS is installed since 3 days! Please don't worry at all.

[gogogo]

But i thought that I was infected somehow when every thing I run took like 5 minutes to open.

The script you asked me to run took about 3 minutes and the CPU usage was 50% all the way through that period.

Also when downloading files for the first time, the firefox freezes for a few minutes and cuts off during download and that always happens.

When I try to go into the device manager or msconfig or services.msc the same thing happens. 50% CPU increase for each one and I have to wait quite a while for my system to respond again.

I have a feeling that it will always be like this....

[gogogo]

I should have been clearer, I opened the script and nothing opened ot had shown up, the CPU was 50% during this, then a window opened and I can see that after 3 minutes or so, the script is actuallt running and I can read what was written. Then it ran smoothly.

I just think that shouldn't normal windows behaviour be something like you open a script, it should take at most a few seconds to load?? same with other tasks??

[miekiemoes]

The script you asked me to run took about 3 minutes and the CPU usage was 50% all the way through that period.

Yes, that's normal. In my case it would even go up till 80%

Also when downloading files for the first time, the firefox freezes for a few minutes and cuts off during download and that always happens.

As I said, latest version of Firefox is buggy. See here: http://support.mozilla.com/tiki-view_forum...parentId=338942

Also, your Eset Firewall may be the cause here as well.

When I try to go into the device manager or msconfig or services.msc the same thing happens. 50% CPU increase for each one and I have to wait quite a while for my system to respond again.

I have a feeling that it will always be like this...

Yes, it's normal Windows behavior and some security scans make it "worse", because every process that is launched is scanned by your scanner. Some scanners are better in handling this than others. Also, every computer is different, so some scans work better than on others.

I should have been clearer, I opened the script and nothing opened ot had shown up, the CPU was 50% during this, then a window opened and I can see that after 3 minutes or so, the script is actuallt running and I can read what was written. Then it ran smoothly.

I just think that shouldn't normal windows behaviour be something like you open a script, it should take at most a few seconds to load?? same with other tasks??

That all depends what the script does. DDS is a powerful script.

[gogogo]

Ok,

that reassured me a bit. So from the logs my system is clean?

is the latest version of IE8 buggy as well because its not just firefox browser that has a very slow startup?

[miekiemoes]

So from the logs my system is clean?

Yes, otherwise I would have told you if otherwise

To get infected in 3 days after a Windows install would be nuts, unless you have been visiting crack sites and other illegal sites.

I don't know about latest IE since I have not installed it yet. All I have seen is that many iexplore.exe references are active in the processes.

[gogogo]

Ok,

I will continue working on this system and hope it doesnt get any worse.

Thank for your time.

[miekiemoes]

You're most welcome. If it does get worse, uninstall your Eset Security Suite and replace it with another one and see if it works better. This because, as I already explained, some Security Suites just won't work properly on some computers, so it will be a matter of testing and see which one works best for you (speedwise).

For example, I've switched from Eset Security Suite to Avira Security Suite for that reason.

[gogogo]

Hi,

I heard you mention something about lots of internet explorer instances.

So I decided to remove internet explorer 8 and get back to internet explorer 7.

Funnily enough, everything is running great again

So I think for some reason, my system didnt like IE8 so I think I stick with IE7 and use firefox for now.

Thanks

[miekiemoes]

Good to hear

[YoKenny1]

IE8 tabs uses separate instances of iexplore.exe to provide isolation of one session from another so that one session corruption does not affect the whole browser.

IE8, Tab Grouping and Task Manager

http://www.geekzone.co.nz/chakkaradeep/5696

I like the Accelerators and SmartScreen Filter:

http://www.microsoft.com/windows/internet-...d=1&catid=1

http://www.microsoft.com/windows/internet-...d=2&catid=1

[miekiemoes]

Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.