SUBSIM Radio Room Forums



04-02-17, 02:36 PM   #1
Onkel Neal

Gah, it's dead, Jim

So, my folks' PC, a Win7 desktop, seems to have a virus. No outward signs but it runs really slowly, you cannot open the Task Manager or McAfee. Any suggestions before I reformat?
__________________
SUBSIM - 26 Years on the Web

04-02-17, 02:45 PM   #2
ikalugin

Could be a hardware thing.

If you do - purge all of your external flash drives/HDDs using an ARM or other non-standard system. BIOS persistent viruses are like AIDS, you need to take measures.
__________________
Grumpy as always.

04-02-17, 03:01 PM   #3
Catfish

Ouch. Do you have a restore point you can go back to?
__________________


>^..^<*)))>{ All generalizations are wrong.

04-02-17, 03:59 PM   #4
Rockin Robbins

First thing I'd do is a Malwarebytes scan. It's so reliable you don't even have to look at what it found: say "kill it all" and be done with it. Run the scan and eradication twice. Then go to bleepingcomputer.com and download and run ADWcleaner. It's free and finds things that Malwarebytes won't. Reboot and I'll bet it runs faster.

You could press Windows-R and type "msconfig". You'll get "msconfig.exe" in the results box. Click on it. Then you can go to the startup programs tab to look for programs starting with the system. You're looking for ones that are unfamiliar or those you know you don't want. Google the unknowns to see what they are. You can disable them right there in msconfig.

If your antivirus has been running, the chance of a virus is low. It's much more likely that adware/spyware is just clogging the works and once it's out of the way their system will run well again.
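As an added example (not part of any poster's message): the startup-program review described in post #4 can also be done from PowerShell, which lists the same auto-start entries together with whether each file exists, its Authenticode status, and whether it lives in a user-writable profile folder. The helper name `Get-StartupExePath` and the choice of "user-writable" folders are assumptions made for this sketch.

```powershell
# Added example: enumerate the auto-start entries that msconfig's Startup tab
# shows, and attach facts that help decide which ones to look up first.
# Written for PowerShell 2.0, which ships with Windows 7.

function Get-StartupExePath([string]$Command) {
    # Hypothetical helper: pull the executable path out of a startup command line.
    if (-not $Command) { return $null }
    $cmd = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($cmd -match '^"([^"]+)"') { return $Matches[1] }                     # quoted path
    if ($cmd -match '^(.+?\.(exe|com|bat|cmd|scr|vbs|js))(\s|$)') { return $Matches[1] }
    return $null                                                            # e.g. a shortcut name
}

# Folders any user process can write to (assumed list for this example).
$userWritable = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA) | Where-Object { $_ }

Get-WmiObject -Class Win32_StartupCommand | ForEach-Object {
    $path      = Get-StartupExePath $_.Command
    $exists    = $false
    $signed    = 'n/a'
    $inUserDir = $false

    # Only rooted paths that exist are inspected; anything else stays FileFound = False,
    # which means "could not resolve", not necessarily "missing".
    if ($path -and [IO.Path]::IsPathRooted($path) -and (Test-Path -LiteralPath $path)) {
        $exists = $true
        # A status other than Valid is a reason to research the entry, not a verdict.
        $signed = [string](Get-AuthenticodeSignature -FilePath $path).Status
        foreach ($dir in $userWritable) {
            if ($path.StartsWith($dir, [StringComparison]::OrdinalIgnoreCase)) { $inUserDir = $true }
        }
    }

    New-Object PSObject -Property @{
        Name = $_.Name; User = $_.User; Location = $_.Location; Command = $_.Command
        FileFound = $exists; Signature = $signed; InUserProfileDir = $inUserDir
    }
} | Sort-Object Signature, Name |
    Select-Object Name, User, Signature, InUserProfileDir, FileFound, Location, Command |
    Format-List
```

The script only reads and reports; disabling an entry is still done in msconfig as the post describes.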

04-02-17, 04:49 PM   #5
Skybird

Depending on age and how intensely the HD/system was used, I would consider to reformat the drive to kill the data (if it is sensible data, reformat and then also overwrite 3-5x), but to install on a new HD.

I once did all the installation combo and detailed FS installation and all those many addons I used, very time-consuming, took me two days - and one week later the HD broke down, this time for technical malfunctioning. The Bird was not amused.

It's no big money these days. If it's older than 18-24 months, consider a new HD.

If you consider to "repair" or to "clean" the installation you suspect to be infested, the only advice you need to know is this: once corrupted, always corrupted. You can never be certain if you only "repair" it.
__________________
If you feel nuts, consult an expert.

04-02-17, 04:57 PM   #6
Skybird

Quote:
Originally Posted by Rockin Robbins
First thing I'd do is a Malwarebytes scan. It's so reliable you don't even have to look at what it found: say "kill it all"

That is irresponsible to advise, Robbins. MBAM is very good, yes - but not fail-safe. On very rare occasions it can produce false positives, though much more rarely than any AV suites I have ever used. And I use MBAM as long as I can remember. Two or three years ago they also messed up people's PCs by a terribly flawed update which made many people to reinstall.

You always have to have a very close look before hitting the "proceed"-button.


No security software is out there that you should trust blindly. Never. Even more so since today these security programs themselves get attacked to find entrance into the system. This turns them into a vulnerability themselves.

04-02-17, 07:48 PM   #7
Rockin Robbins

A "very close look" means nothing to 99% of people. You're best off by trusting what Malwarebytes shows you. At worst you might someday have to reinstall something it gave a false positive on. That's a tiny price for security.

04-02-17, 08:08 PM   #8
Onkel Neal

Quote:
Originally Posted by Catfish
Ouch. Do you have a restore point you can go back to?

I wish. I get the restore option to appear but clicking on it does nothing. No response.

Same with running McAfee or Malwarebytes, they don't seem to work.

I will probably back up all the files on a flash drive and reinstall Windows. Been a while since I've done that, so I'm due, I guess.

04-02-17, 11:57 PM   #9
HW3

Did you try booting into safe mode and then running them?
__________________


"Some ships are designed to sink...others require our assistance." Nathan Zelk

04-03-17, 07:11 AM   #10
ikalugin

Quote:
Originally Posted by Skybird
That is irresponsible to advise, Robbins. MBAM is very good, yes - but not fail-safe. On very rare occasions it can produce false positives, though much more rarely than any AV suites I have ever used. And I use MBAM as long as I can remember. Two or three years ago they also messed up people's PCs by a terribly flawed update which made many people to reinstall.

You always have to have a very close look before hitting the "proceed"-button.


No security software is out there that you should trust blindly. Never. Even more so since today these security programs themselves get attacked to find entrance into the system. This turns them into a vulnerability themselves.

That won't wipe out BIOS persistent payloads.

04-03-17, 09:14 AM   #11
Onkel Neal

Quote:
Originally Posted by HW3
Did you try booting into safe mode and then running them?

I will try that next

04-03-17, 09:24 AM   #12
Skybird

Quote:
Originally Posted by Onkel Neal
I will probably back up all the files on a flash drive and reinstall Windows. Been a while since I've done that, so I'm due, I guess.

Think again. You want to save files from a possibly infested system - and then play these files back onto a fresh system...?

No-no.

Better use an older data archive you have - even if that means you lose some of your latest data. It should be a data status from before your system got infested.

04-03-17, 09:28 AM   #13
ikalugin

Also, if it is a high end persistent payload - it spreads without any file transfer, just by plugging the USB drive or external hard drive.

04-03-17, 10:47 AM   #14
Rockin Robbins

These people are too paranoid. ALWAYS start from the simplest and most likely fixes and do the weird stuff only if that doesn't work. Chances of this BIOS and persistent virus stuff being present are very, very low. The vast majority of slow computers only have spyware and adware going on. If your computer handles millions of dollars in confidential transactions, is involved with international espionage or terrorism, disregard my position.

A simple MSE or other antivirus scan will find most other problems and eradicate them. Yes an atomic bomb will kill a mosquito, but does a lot of collateral damage in the process. Of all the hundreds of computers I've fixed I've only dropped the thermonuclear device a couple of times. The rest were simple fixes and remained fixed until they brought them back with newly acquired adware and spyware.

Yes, vaporizing all of creation will fix all problems. Permanently. No, it usually isn't called for. It's called minimum necessary use of force. Ask any police officer what that means. You can stop any crime by shooting the suspect dead. Assuming he needs to be dead is usually a mistake. A doctor usually doesn't amputate an arm for a hangnail.

Last edited by Rockin Robbins; 04-03-17 at 11:12 AM.

04-03-17, 06:18 PM   #15
Onkel Neal

Man, today I went to start the computer up to a power off State and it just says "logging off"

Hey, it never logged on!