|
|
|
Computer Moving Extremely Slow
|
|
|
baddassb
Member
|
15. April 2013 @ 10:06 |
Link to this message
|
|
Hello,
I'm having real serious issue now. My computer's been running extremely slow and shutting down on its own. I installed Malwarebytes, did a full scan (which took 3.5 hr). It found items, i deleted them and did a restart. Apparently it started running in the background and i can see it popping up reporting finding and quarantining more files. This went on for hours and it finally stopped after quarantining 1100 (or so) files. I prompted to delete, did so and then computer went slow again. I tried to reboot and received screen warning of possible hardware/software issues, please contact administrator. I tried to F8 my way in to try a restore, but didn't get the option. I started Windows normally, checked Task Manager (which shows 31% CPU usage, but i have nothing running at all. At present, I'm running Malwarebytes again to see if it finds anything again.
Any suggestions? Thanks in advance.
|
|
Advertisement
|
 |
|
|
AfterDawn Addict
|
15. April 2013 @ 10:46 |
Link to this message
|
Quote:
I tried to F8 my way in to try a restore, but didn't get the option.
You can't boot into Safe Mode to try the restore?
|
|
baddassb
Member
|
15. April 2013 @ 12:48 |
Link to this message
|
Originally posted by attar:
Quote:
I tried to F8 my way in to try a restore, but didn't get the option.
You can't boot into Safe Mode to try the restore?
No, it wont give me the option to go into Safe Mode anymore. It's now asking for a HP recovery disk (which i don't have). Also, upon shutdown (which takes a lot of time), I'm getting the message that there are background programs running and do i want to force the shut down -- when there are no programs running (at least up front). Thanks in advance!
|
AfterDawn Addict
|
15. April 2013 @ 13:51 |
Link to this message
|
|
Windows7 you can click Start and type msconfig.
That brings up the config menu..click the boot tab and select safe mode.
Worth a try.
|
Senior Member
|
15. April 2013 @ 14:24 |
Link to this message
|
|
what are your computer specs,ie what kind of animal do we have here?
|
AfterDawn Addict
|
15. April 2013 @ 16:57 |
Link to this message
|
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...This message has been edited since posting. Last time this message was edited on 15. April 2013 @ 16:59
|
AfterDawn Addict
|
24. May 2013 @ 02:14 |
Link to this message
|
Like aldan stated above. What are your computer/system specs?
To be honest, I've been using Malwarebytes Anti-Malware and AVG for the last 4 years and I have not had any issue with any of my computer.
Another option I would recommend is to:
<> run CCleaner on a daily basis
<> defrag your hard drive at least once a week
|
|
Mez
AfterDawn Addict
|
26. May 2013 @ 13:26 |
Link to this message
|
You may have a botnet infection. They are usually far more sophisticated than virus often not detectable. Just last month a bot net brute broke into thousands of forum/blog web sights cracking the admin account by brute force. Because the attack used hundreds of thousands of zombies each only trying one ID/password each day, none of the brute force protections helped prevent that kind of attack. The even most disconcerting problem is once taken over they encrypted the database so the real admin was completely locked out, then web pages were altered so that users visiting the site would be infected my MANY different sites in China or at least in the cn domain. It would appear the bot net might be getting paid for infecting computers for cash or bartered services from each of the sites. I might add your computer's defenses might be able to fend off and attack from on hostile site but what about being attacked by 20 sites simultaneously? Oh, I forgot just visiting the site starts the attack you don't need to do anything.
Once infected by one of these the best thing to do is buy a new HD format and start over. I would install all the necessary software while not connected to the internet and save an image of your clean system so you don't have to go through that again. One of my threads on this forum has a post from oldtimer lists links for free imaging software.
I would also invest in a top-end firewall. One that will provide complete stealth to your computer. If hackers can't tell if it is even on and connected to the web they will not bother with you. I would expect the displaced bot nets will try to reacquire your computer as soon as it comes on line again. They already have your IP address as well as what they need to know to infect your computer as soon as it comes on line again. Reacquiring your computer will be child's play unless you take action to prevent it.
Good luck!
|
|
baddassb
Member
|
12. June 2013 @ 17:47 |
Link to this message
|
Originally posted by attar:
Windows7 you can click Start and type msconfig.
That brings up the config menu..click the boot tab and select safe mode.
Worth a try.
I cannot get to START to run msconfig.
It's a HP Pavilion p6203w; M2N68-LA (Narra5); AMD Athlon II X2 215; 16 GB; Integrated graphics using nVidia GeForce 6150SE; Integrated Realtek ALC888S Audio; LAN: 10-Base-T.
At this point, unfortunately, I'm more willing to do a total recovery back to factory setting, but would really like to access files that are on my desktop. It's now at the point where it doesn't allow me to go into safemode (with or without networking or command prompt). Whichever one I select takes me back to a blue screen with two options: Start Windows Normally or Begin System Repair (which does nothing at all). F11 takes me to HP Recovery Manager, but it only gives the option to backup the other folders -- not the desktop.
I tried the AntiVir Rescue disk (which took 2+ hrs) but once that was completed, I couldn't save the log. During that process, I did notice several detections (24 in total), some of which are TR/Weelsof.NU4,.5,.3 and .2; JS/FakeAlert.168219 java script virus; TR/Kazy.170382.1 (trojan horse?), etc.... How will I be able to run a full system scan with AntiVir (to quarantine all the renamed files) if I can't get to any drives?
I'm stumped now. Any other suggestions are greatly appreciated.
Thanks to all again in advance!
HP Pavilion HPE, Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz, 8.00GB, Windows 7 Home Premium, 64Bit, SP1, AMD Radeon HD 6450, Adobe CS 5.5
Dell Dimension P4,2.80GHz,512MB,XPHomeEdition Versions 2002 SP2, NVIDIA GeForce Fx 5200, JLMS DVD-Rom, LITE-ON DVDRW, DVD Shrink, DVD Decryptor, Nero, Sonic, ShowBiz
This message has been edited since posting. Last time this message was edited on 12. June 2013 @ 17:51
|
AfterDawn Addict
|
12. June 2013 @ 17:55 |
Link to this message
|
|
hi baddassb,
After you ran Avira Rescue, can you reboot into windows? Just having trouble with the start menu?
let me know all symptoms you got and I'll give you a hand......
2oG
add: I think you are not able to get into windows.. is that right?
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...This message has been edited since posting. Last time this message was edited on 12. June 2013 @ 17:58
|
AfterDawn Addict
|
12. June 2013 @ 18:33 |
Link to this message
|
Sorry I was in a hurry last post and didn't read yours very good.
I had a ZeroAccess rootkit wipe out my drive a couple of months ago and was lucky enough to have a copy of my boot disk using Acronis. It was the only thing that saved me.
Try using a Linux Boot disc to look at your drive and see if it can be saved..
Here: http://www.howtogeek.com/howto/windows-...ndows-computer/
2oG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
baddassb
Member
|
12. June 2013 @ 19:40 |
Link to this message
|
Originally posted by 2oldGeek:
hi baddassb,
After you ran Avira Rescue, can you reboot into windows? Just having trouble with the start menu?
let me know all symptoms you got and I'll give you a hand......
2oG
add: I think you are not able to get into windows.. is that right?
Correct! I cannot boot into Windows at all. Upon boot, I see the Win7 rotating balls startup screen. I am then directed to the screen opting to either a (1) System Repair or (2) Start Windows Normally. If I select Start Windows Normally, it loops back around to the same startup screen. I am able to F8 (for safe mode), but like I said, after trying Last Known Configuration (unsuccessful) and any of the 3 safe mode options, it takes me back to that two option screen again. F11 takes me to the HP Recovery Manager screen which will backup files and restore to factory settings. If all else fails, I will take that option, but there are files on my desktop that I would like to access and rescue.
Thanks for the assistance!
HP Pavilion HPE, Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz, 8.00GB, Windows 7 Home Premium, 64Bit, SP1, AMD Radeon HD 6450, Adobe CS 5.5
Dell Dimension P4,2.80GHz,512MB,XPHomeEdition Versions 2002 SP2, NVIDIA GeForce Fx 5200, JLMS DVD-Rom, LITE-ON DVDRW, DVD Shrink, DVD Decryptor, Nero, Sonic, ShowBiz
|
|
baddassb
Member
|
12. June 2013 @ 19:44 |
Link to this message
|
Originally posted by 2oldGeek:
Sorry I was in a hurry last post and didn't read yours very good.
I had a ZeroAccess rootkit wipe out my drive a couple of months ago and was lucky enough to have a copy of my boot disk using Acronis. It was the only thing that saved me.
Try using a Linux Boot disc to look at your drive and see if it can be saved..
Here: http://www.howtogeek.com/howto/windows-...ndows-computer/
2oG
At the moment, I'm more concerned with saving the files on the desktop (which I cannot access).
Thanks,
HP Pavilion HPE, Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz, 8.00GB, Windows 7 Home Premium, 64Bit, SP1, AMD Radeon HD 6450, Adobe CS 5.5
Dell Dimension P4,2.80GHz,512MB,XPHomeEdition Versions 2002 SP2, NVIDIA GeForce Fx 5200, JLMS DVD-Rom, LITE-ON DVDRW, DVD Shrink, DVD Decryptor, Nero, Sonic, ShowBiz
|
AfterDawn Addict
|
12. June 2013 @ 19:50 |
Link to this message
|
you should be able to access the desktop with the Linux boot disk.
give it a try....
2oG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
baddassb
Member
|
12. June 2013 @ 20:40 |
Link to this message
|
Originally posted by 2oldGeek:
you should be able to access the desktop with the Linux boot disk.
give it a try....
2oG
ok, will do and I will give an update of results!
Thanks again very much!
HP Pavilion HPE, Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz, 8.00GB, Windows 7 Home Premium, 64Bit, SP1, AMD Radeon HD 6450, Adobe CS 5.5
Dell Dimension P4,2.80GHz,512MB,XPHomeEdition Versions 2002 SP2, NVIDIA GeForce Fx 5200, JLMS DVD-Rom, LITE-ON DVDRW, DVD Shrink, DVD Decryptor, Nero, Sonic, ShowBiz
|
|
Mez
AfterDawn Addict
|
12. June 2013 @ 20:41 |
Link to this message
|
Have you thought of buying an empty HD putting your OS of that then add your second disk as D:? You can probably salvage your files that way. You can just keep it as a d: The chance are by moving the disk to D: what ever was running will not hurt you but I would runt it by a few different scanners before I started salvaging anything.
|
|
scorpNZ
AfterDawn Addict
4 product reviews
|
12. June 2013 @ 20:54 |
Link to this message
|
free 50gb of storage at mega.com once you create an account,comes in handy
@2oldgeek
ffs you still alive :P
|
|
baddassb
Member
|
12. June 2013 @ 21:01 |
Link to this message
|
Originally posted by 2oldGeek:
you should be able to access the desktop with the Linux boot disk.
give it a try....
2oG
...but i would like to just identify and repair/eliminate what's affecting my machine. There's tons of programs that i really don't want to reinstall, e.g., Adobe Suite, 3Ds Max, Anime Studio, etc...
Thank you!
HP Pavilion HPE, Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz, 8.00GB, Windows 7 Home Premium, 64Bit, SP1, AMD Radeon HD 6450, Adobe CS 5.5
Dell Dimension P4,2.80GHz,512MB,XPHomeEdition Versions 2002 SP2, NVIDIA GeForce Fx 5200, JLMS DVD-Rom, LITE-ON DVDRW, DVD Shrink, DVD Decryptor, Nero, Sonic, ShowBiz
This message has been edited since posting. Last time this message was edited on 12. June 2013 @ 21:21
|
AfterDawn Addict
|
12. June 2013 @ 21:50 |
Link to this message
|
Originally posted by baddassb:
Originally posted by 2oldGeek:
you should be able to access the desktop with the Linux boot disk.
give it a try....
2oG
...but i would like to just identify and repair/eliminate what's affecting my machine. There's tons of programs that i really don't want to reinstall, e.g., Adobe Suite, 3Ds Max, Anime Studio, etc...
Thank you!
If it is what I think it is, you won't be able to salvage your OS and the programs can always be reinstalled.
Move all data you can get with Linux to another drive, either in the second drive position or a USB drive.. Where there's a will, there's a way! After you move your data, reformat and reinstall the OS.. use your HP, F11 recovery then move your data back and install all of the programs you lost..
2oG
ps @Mez good idea but, he would need way to install the system on the second drive. If he don,t have a disc, the recovery will not install on another drive. catch 22
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...This message has been edited since posting. Last time this message was edited on 12. June 2013 @ 21:55
|
|
baddassb
Member
|
14. June 2013 @ 17:50 |
Link to this message
|
Originally posted by 2oldGeek:
Originally posted by baddassb:
Originally posted by 2oldGeek:
you should be able to access the desktop with the Linux boot disk.
give it a try....
2oG
...but i would like to just identify and repair/eliminate what's affecting my machine. There's tons of programs that i really don't want to reinstall, e.g., Adobe Suite, 3Ds Max, Anime Studio, etc...
Thank you!
If it is what I think it is, you won't be able to salvage your OS and the programs can always be reinstalled.
Move all data you can get with Linux to another drive, either in the second drive position or a USB drive.. Where there's a will, there's a way! After you move your data, reformat and reinstall the OS.. use your HP, F11 recovery then move your data back and install all of the programs you lost..
2oG
ps @Mez good idea but, he would need way to install the system on the second drive. If he don,t have a disc, the recovery will not install on another drive. catch 22
Ok, I have a major question. I followed your Linux link, which took me to Ubuntu. Is that correct? I used another computer nearby to burn the CD, and attempted to try it on that good computer just to get familiar with the views and/or instructions. Totally different. I selected "Try Ubuntu without any change to your computer". After that, I did not see the option to choose Places / Computer from the menu. It was a Ubuntu desktop screen, with no option to view any files. Is this the view I will see when i boot on the corrupted pc? As you can see, I'm totally confused with it all at the moment.
Your input will be greatly appreciated.
Thanks again, as always....
HP Pavilion HPE, Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz, 8.00GB, Windows 7 Home Premium, 64Bit, SP1, AMD Radeon HD 6450, Adobe CS 5.5
Dell Dimension P4,2.80GHz,512MB,XPHomeEdition Versions 2002 SP2, NVIDIA GeForce Fx 5200, JLMS DVD-Rom, LITE-ON DVDRW, DVD Shrink, DVD Decryptor, Nero, Sonic, ShowBiz
|
AfterDawn Addict
|
14. June 2013 @ 18:41 |
Link to this message
|
Originally posted by baddassb:
Ok, I have a major question. I followed your Linux link, which took me to Ubuntu. Is that correct? I used another computer nearby to burn the CD, and attempted to try it on that good computer just to get familiar with the views and/or instructions. Totally different. I selected "Try Ubuntu without any change to your computer". After that, I did not see the option to choose Places / Computer from the menu. It was a Ubuntu desktop screen, with no option to view any files. Is this the view I will see when i boot on the corrupted pc? As you can see, I'm totally confused with it all at the moment.
I think it may be bad news.. As I said, I had it happen to me but was lucky enough to have an image backup of my boot drive on my second HD.
If the malware scrambled your drive like it did mine, there?s not much hope for a recovery of anything.
Before you give up completely, follow the instructions on the How to Geek link and if there is any hope maybe you can find it.
I know, it?s a little geeky but that?s the only solution I can come up with before you have to F11 restore..
Give it a try and let me know.
2oG
There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves... |
|
baddassb
Member
|
14. June 2013 @ 20:13 |
Link to this message
|
okOriginally posted by 2oldGeek:
Originally posted by baddassb:
Ok, I have a major question. I followed your Linux link, which took me to Ubuntu. Is that correct? I used another computer nearby to burn the CD, and attempted to try it on that good computer just to get familiar with the views and/or instructions. Totally different. I selected "Try Ubuntu without any change to your computer". After that, I did not see the option to choose Places / Computer from the menu. It was a Ubuntu desktop screen, with no option to view any files. Is this the view I will see when i boot on the corrupted pc? As you can see, I'm totally confused with it all at the moment.
I think it may be bad news.. As I said, I had it happen to me but was lucky enough to have an image backup of my boot drive on my second HD.
If the malware scrambled your drive like it did mine, there?s not much hope for a recovery of anything.
Before you give up completely, follow the instructions on the How to Geek link and if there is any hope maybe you can find it.
I know, it?s a little geeky but that?s the only solution I can come up with before you have to F11 restore..
Give it a try and let me know.
2oG
ok, will do. I may have another "ace in the hole" if this doesn't work.
Thanks again!
HP Pavilion HPE, Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz, 8.00GB, Windows 7 Home Premium, 64Bit, SP1, AMD Radeon HD 6450, Adobe CS 5.5
Dell Dimension P4,2.80GHz,512MB,XPHomeEdition Versions 2002 SP2, NVIDIA GeForce Fx 5200, JLMS DVD-Rom, LITE-ON DVDRW, DVD Shrink, DVD Decryptor, Nero, Sonic, ShowBiz
|
|
Mez
AfterDawn Addict
|
14. June 2013 @ 21:20 |
Link to this message
|
baddassb,
You might not have figured out things have changed. The bad guys have been improving their trade by leaps and bounds while the good guys have not kept up in years. At the end of last year there was a disturbing article published in some tech mag. Originally posted by 2oldGeek:
Originally posted by baddassb:
Originally posted by 2oldGeek:
you should be able to access the desktop with the Linux boot disk.
give it a try....
2oG
...but i would like to just identify and repair/eliminate what's affecting my machine. There's tons of programs that i really don't want to reinstall, e.g., Adobe Suite, 3Ds Max, Anime Studio, etc...
Thank you!
If it is what I think it is, you won't be able to salvage your OS and the programs can always be reinstalled.
Move all data you can get with Linux to another drive, either in the second drive position or a USB drive.. Where there's a will, there's a way! After you move your data, reformat and reinstall the OS.. use your HP, F11 recovery then move your data back and install all of the programs you lost..
2oG
ps @Mez good idea but, he would need way to install the system on the second drive. If he don,t have a disc, the recovery will not install on another drive. catch 22
He said there were valuable files on the disk. I figure that would be worth $50 (500g disk).
For the last 6 months I have been boning up on security. I wasn't wet behind the ears before but I have been researching about 5-10 hrs every week. Every Tech board I have found (20+ boards) the overwhelming opinion is after you have tried a few different AV scans and don't get satisfaction it is time to re-image or format. Granted most of the techs on some of these boards maintain hundreds or even thousands of computers and can force an image down on a computer with a few clicks. Hopefully when baddassb continues to boot the disk up he isn't destroying the disk further.
The new wave of malware is not found by any scanner. A year ago routines have been posted on hacker boards that allow the malware to change its signature for each computer. Any malware using this is invisible to scanners. Most of these malware are bot nets that infect computers turning them into zombies that work to infect other computers. Many of these new bot nets use VPN to get their orders from their masters. These are extremely sophisticated and may run for years on your computer without detection.
|
|
proseak
Newbie
|
15. June 2013 @ 07:51 |
Link to this message
|
Originally posted by baddassb:
okOriginally posted by 2oldGeek:
Originally posted by baddassb:
Ok, I have a major question. I followed your Linux link, which took me to Ubuntu. Is that correct? I used another computer nearby to burn the CD, and attempted to try it on that good computer just to get familiar with the views and/or instructions. Totally different....
If the malware scrambled your drive like it did mine, there?s not much hope for a recovery of anything.
Before you give up completely, follow the instructions on the How to Geek link and if there is any hope maybe you can find it.
I know, it?s a little geeky but that?s the only solution I can come up with before you have to F11 restore..
Give it a try and let me know.
2oG
ok, will do. I may have another "ace in the hole" if this doesnt work.
Thanks again!
Try this if you have no joy with Linux;
Google for Hiren's Boot CD
Using a clean machine, download and burn the iso, then boot your infected machine with it, This gives you a version of XP, and will enable you to have a look at whats on there. Connect up an EMPTY external HDD, and copy stuff over. When you have what you need/can find, scan it from another clean machine, with Autorun disabled; keep scanning it with different tools, before considering it even halfway safe.
Installing your HD as a second drive inside another machine isnt a good idea - with the amount and sophistication of the malware already detected, it will infect that one too. You could try putting it an enclosure, and....scan it from another clean machine, with Autorun disabled; keep scanning it with different tools, before considering it even halfway safe.
Still in XP, take a close look at your HDD, both in Explorer and disc management. How many partitions are visible? malware sometimes creates a hidden one in order to survive reinstallation of the OS.
HTH
|
|
Advertisement
|
|
|
|
Mez
AfterDawn Addict
|
15. June 2013 @ 11:53 |
Link to this message
|
HTH,
How Quote:
nstalling your HD as a second drive inside another machine isnt a good idea - with the amount and sophistication of the malware already detected, it will infect that one too.
Malware is not magic. What the smart ones do is install/replace a dll or exe with the 'name' of software already installed. They get executed instead of what was supposed to be executed. They usually either pick something in the start up or in the default browser. Being on D: the malware is not called.
I am truly interested to see how you think the malware is executed on D:. The only way is if you purposely click or execute it and baddassbis not that stupid. I am open to know how I am wrong. Then I will learn something new and important other wise you are just an empty barrel.
baddassb,
I would also install the best firewall you can on the new computer. If the malware was a bot-net 'they will be back...' it knows your IP address your OS and what ever it needs to reinfect you. You don't even need to be surfing to be attacked. About 6 months ago I cleaned out my home network of 4 computers. Each cleaned computer got an alert that some outsider wanted to go through the fire wall within 30 minutes of getting started up and connected to the internet. Maybe the ping was benign but I doubt it. I kept getting pinged till I figured out how to permanently block incoming.
|
|
