Salutations folks,
Late last night/this morning one of my roommates requested my help with his computer, and I'm kind of at a loss as to what may be going on with it, so I'm hoping one of you will be able to suggest something I haven't tried yet.
We *think*, at present, that he got hit with some kind of virus or malware attack, but we don't know for certain. All that is definitely known is this.
1) there have been 3 incidents of weird system failure on his computer. These 3 incidents occurred right after his girlfriend angered a certain person over Yahoo Messenger.
2) The first two times, I cleaned a massive amount of malware off of his system, but those were traced, eventually, to some files that he downloaded. This fixed the problem.
3) This time.. matters are different. No new files have been downloaded in the past 2 weeks, and he isn't even routed through the firewall for any P2P bits.
Here's the breakdown on what's happening I boot up the system, everything comes up fine. I attempt to use an online virus scan, or access anything that spins up the hard disk significantly, and I get some massive disk thrashing. Nothing on the system responds except the mouse pointer. Even task manager ceases to respond.
Happens in safe mode or normal boot. Happens when attempting to copy files from one system to another over the LAN. Attempting to run any online scans such as Trendmicro, Symantec, Pandasoft, F-secure, etc produces the same lockup and thrashing. Attempting to run a local antivirus engine (trendmicro's Sysclean) seemed to work for about 10 minutes, and then the system spontaneously rebooted. Lavasoft's Ad-aware SE produced thrashing and lockup. Smaller utilities, such as Crapcleaner, ran fine.
The system is 6 months old, running on an AMD Athlon 3800+ with 512 mb DDR 400. I can get more complete system stats if that'd be helpful. The hard disk is a 250 gig Sata drive, I believe from Western Digital.
The only other wierd thing that happens with his system happens with every computer on the house lan... upon reboot, an instance of svchost.exe starts taking up massive amounts of system resources, and disallows any internet or network connectivity untill the process is killed in Task Manager. The User Name in Task Manager is "NETWORK SERVICE". As I've said, every system in the house has this same oddity, but nothing odd shows up on virus, malware, or adware scans on the rest of them, and terminating the process shows no sign of ill effect, so I doubt they're related.
I'm convinced that the disk thrashing is some kind of a weird loop, or it's just getting stuck.. it doesn't happen until we attempt to actually *run* programs, or copy files, but it also doesn't stop.. we've observed it for an hour just to see if the system was trying something it could potentially finish.. no such luck.
I'm off to try a small battery of diagnostic software now in hopes I might get lucky, but I'm really hoping one of you out there has seen this sort of thing before, and might be able to clue me in as to possible causes.
Thanks,
Druegan
Late last night/this morning one of my roommates requested my help with his computer, and I'm kind of at a loss as to what may be going on with it, so I'm hoping one of you will be able to suggest something I haven't tried yet.
We *think*, at present, that he got hit with some kind of virus or malware attack, but we don't know for certain. All that is definitely known is this.
1) there have been 3 incidents of weird system failure on his computer. These 3 incidents occurred right after his girlfriend angered a certain person over Yahoo Messenger.
2) The first two times, I cleaned a massive amount of malware off of his system, but those were traced, eventually, to some files that he downloaded. This fixed the problem.
3) This time.. matters are different. No new files have been downloaded in the past 2 weeks, and he isn't even routed through the firewall for any P2P bits.
Here's the breakdown on what's happening I boot up the system, everything comes up fine. I attempt to use an online virus scan, or access anything that spins up the hard disk significantly, and I get some massive disk thrashing. Nothing on the system responds except the mouse pointer. Even task manager ceases to respond.
Happens in safe mode or normal boot. Happens when attempting to copy files from one system to another over the LAN. Attempting to run any online scans such as Trendmicro, Symantec, Pandasoft, F-secure, etc produces the same lockup and thrashing. Attempting to run a local antivirus engine (trendmicro's Sysclean) seemed to work for about 10 minutes, and then the system spontaneously rebooted. Lavasoft's Ad-aware SE produced thrashing and lockup. Smaller utilities, such as Crapcleaner, ran fine.
The system is 6 months old, running on an AMD Athlon 3800+ with 512 mb DDR 400. I can get more complete system stats if that'd be helpful. The hard disk is a 250 gig Sata drive, I believe from Western Digital.
The only other wierd thing that happens with his system happens with every computer on the house lan... upon reboot, an instance of svchost.exe starts taking up massive amounts of system resources, and disallows any internet or network connectivity untill the process is killed in Task Manager. The User Name in Task Manager is "NETWORK SERVICE". As I've said, every system in the house has this same oddity, but nothing odd shows up on virus, malware, or adware scans on the rest of them, and terminating the process shows no sign of ill effect, so I doubt they're related.
I'm convinced that the disk thrashing is some kind of a weird loop, or it's just getting stuck.. it doesn't happen until we attempt to actually *run* programs, or copy files, but it also doesn't stop.. we've observed it for an hour just to see if the system was trying something it could potentially finish.. no such luck.
I'm off to try a small battery of diagnostic software now in hopes I might get lucky, but I'm really hoping one of you out there has seen this sort of thing before, and might be able to clue me in as to possible causes.
Thanks,
Druegan
