
Malware infection question


52 replies to this topic

#16 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 23
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 20 November 2012 - 15:46

The only thing with ccleaner is that you must run it under each profile. Gets annoying when you have 5 profiles.


#17 Charisma

Charisma

    e-1337-ist

  • Joined: 02-May 10
  • Location: Galactic Sector ZZ9 Plural Z Alpha

Posted 20 November 2012 - 15:46

Correct, if you don't remove those internet temp files first, 1 scan can EASILY TAKE 2 hours - 3 hours. Yesterday I removed someone's internet temp files; they had over 100,000 internet temp files.

I once saw it remove over 15GB of temp files. I was floored...

#18 +warwagon

warwagon

    Only you can prevent forest fires.

  • Tech Issues Solved: 2
  • Joined: 30-November 01
  • Location: Iowa

Posted 20 November 2012 - 15:48

I once saw it remove over 15GB of temp files. I was floored...


I sometimes use ccleaner, but sometimes I remove the internet temp files by hand and then rerun ccleaner for the rest of the files. ccleaner takes FOREVER to remove what takes far less time doing it by hand. As far as the reinstalls go, before I format I also back up their software registry hive. I then run that through a product key finder and it extracts a lot of their product keys, which allows me to reinstall some of their stuff for them, like office, norton and such.

#19 Shane Nokes

Shane Nokes

    Neowinian Senior

  • Joined: 29-July 12

Posted 20 November 2012 - 15:54

I'm on both sides of this

1) If I was infected with malware (which I have never been) I would restore from a good image. After the malware was removed I would not use the installation in its current state. I would never again trust it.
2) None of us can be 100% sure we got everything; it's impossible. Having said that, when I'm done I am pretty confident the infection is gone. Rarely do I reformat and very rarely do I get any systems immediately back.
3) 3 hours can be about right. Hell, a full scan with malwarebytes is usually 40 mins. I also do an external scan with kaspersky rescue from outside of windows. That can be another 40 mins or longer. I usually remove all temp and internet temp files (usually with ccleaner) to make the scans go as fast as possible.
4) If I had to format and reinstall I don't see my customers saying bad things about it. It's not like they would lose all their data.


Just to put something out there.

If you actually know what you are doing, then yes you can be 100% certain it is gone. If you send a customer a machine where you are only pretty certain it is gone, then that's really bad.

That is just inviting all sorts of headaches, especially if you didn't get it and they have their identity stolen.

If you cannot take the time to be certain you have eliminated the threat then send them to someone else or close shop.

Man, I really am getting more like Ramsay as time goes on...

#20 Eddie7

Eddie7

    Hallo... www.connectw.me

  • Joined: 01-December 11
  • Location: Sydney, Australia
  • OS: Windows 7 Ultimate
  • Phone: 1-800-CALL-ME-MAYBE

Posted 20 November 2012 - 15:57

If you do a Windows 8 clean install, it will wipe out everything. So yes, it will wipe out the malware as well.

#21 +warwagon

warwagon

    Only you can prevent forest fires.

  • Tech Issues Solved: 2
  • Joined: 30-November 01
  • Location: Iowa

Posted 20 November 2012 - 15:57

Just to put something out there.

If you actually know what you are doing, then yes you can be 100% certain it is gone. If you send a customer a machine where you are only pretty certain it is gone, then that's really bad.

That is just inviting all sorts of headaches, especially if you didn't get it and they have their identity stolen.

If you cannot take the time to be certain you have eliminated the threat then send them to someone else or close shop.

Man, I really am getting more like Ramsay as time goes on...


If you want to go through every registry key and reverse engineer every file on the hard drive be my guest. What I'm saying is using the tools that I use, they tell me the system is clean. The issue they came in with is no longer there. I inspect the system and known malware locations, and running processes, host files, .... nobody can be 100% sure.

The last scan of many I do, is an external system scan with a kaspersky rescue disc, just to make sure I do the best I can to find infections that are trying to hide from the running OS.

#22 Gotenks98

Gotenks98

    Neowinian

  • Joined: 18-December 01

Posted 20 November 2012 - 16:03

I never had an issue with a customer being mad because of a format and reinstall. I have had issues where one of our other technicians tried to clean a system and return it to a customer only to have them come back again. I would sooner say in the position I am in I would get more angry people with the removal than I would the clean install. If the customer has data they must keep I boot them to something where they can back up the files to an external they provide. Once that is done then I blast away the system. Either way the risk of ID theft and such is too great to let the customer just leave with a simple removal.

#23 OP xWhiplash

xWhiplash

    Neowinian Senior

  • Joined: 07-March 08

Posted 20 November 2012 - 16:10

If you want to go through every registry key and reverse engineer every file on the hard drive be my guest. What I'm saying is using the tools that I use, they tell me the system is clean. The issue they came in with is no longer there. I inspect the system and known malware locations, and running processes, host files, .... nobody can be 100% sure.


Yes exactly, if I tell my clients that do their banking and sensitive information that I could spend 3 or more hours fixing it, or spend the same amount of time re-installing, most of them prefer re-installing.

It is much faster for me to install fresh and install their programs, than it is to try to mess with it. This is why I format, not because I am too stupid to clean it. But when people bank and have their tax stuff on there, you better be damn sure they prefer to wipe it.

I have my methods, you have yours. This post was not to get on me for my format choice. In my experience, it is much faster, and after I do a format I make a disk image and give it to them if they need it.

#24 Shane Nokes

Shane Nokes

    Neowinian Senior

  • Joined: 29-July 12

Posted 20 November 2012 - 16:13

If you want to go through every registry key and reverse engineer every file on the hard drive be my guest. What I'm saying is using the tools that I use, they tell me the system is clean. The issue they came in with is no longer there. I inspect the system and known malware locations, and running processes, host files, .... nobody can be 100% sure.

The last scan of many I do, is an external system scan with a kaspersky rescue disc, just to make sure I do the best I can to find infections that are trying to hide from the running OS.


Doing that is not necessary to ensure the system is clean.

You can be certain and if you're not confident in your work being 100% accurate it has no business going back to a customer.

Going back to the Ramsay point. If you work in a restaurant, are you going to serve food you think isn't spoiled or food that you know isn't spoiled?

If it is the former then I don't want you in my kitchen. :p

#25 mduren2445

mduren2445

    Neowinian

  • Joined: 02-March 06

Posted 20 November 2012 - 16:14

If you want to go through every registry key and reverse engineer every file on the hard drive be my guest. What I'm saying is using the tools that I use, they tell me the system is clean. The issue they came in with is no longer there. I inspect the system and known malware locations, and running processes, host files, .... nobody can be 100% sure.


I so agree...one has to remember also you cannot spend many hours or even days on a machine if you are in business, you are paid for volume of machines you put thru and your ROI (return on investment) diminishes each hour you work on a machine. For the sake of discussion let's say you charge $200 (or something equivalent in your currency) to fix it, 4 hours to reload it $50 an hour, 8 hours to find and kill malware $25 an hour and you have worked twice as hard.

#26 Shane Nokes

Shane Nokes

    Neowinian Senior

  • Joined: 29-July 12

Posted 20 November 2012 - 16:16

Wow...

I'm exiting the thread before I **** anyone off.

I didn't know we had this many professionals that didn't know how to properly clean a system without either blowing the whole thing away, or not being dead certain of their work.

That is just scary...

#27 OP xWhiplash

xWhiplash

    Neowinian Senior

  • Joined: 07-March 08

Posted 20 November 2012 - 16:20

Wow...

I'm exiting the thread before I **** anyone off.

I didn't know we had this many professionals that didn't know how to properly clean a system without either blowing the whole thing away, or not being dead certain of their work.

That is just scary...


This post was just a simple question about the Windows 8 upgrade process. Do not turn this into a "my methods are better than yours". This thread was about Windows 8, not my malware methods, so please just stop it with saying my methods are horrible. What is so damn hard to understand that for me formatting is a faster choice? Maybe you should have thought of this before entering the thread, which was just a damn Windows 8 upgrade question.

#28 +warwagon

warwagon

    Only you can prevent forest fires.

  • Tech Issues Solved: 2
  • Joined: 30-November 01
  • Location: Iowa

Posted 20 November 2012 - 16:25

Wow...

I'm exiting the thread before I **** anyone off.

I didn't know we had this many professionals that didn't know how to properly clean a system without either blowing the whole thing away, or not being dead certain of their work.

That is just scary...


So how do you clean a computer?

The fact you say an external scan from outside of windows is not necessary is already scary, but go ahead!

#29 Shane Nokes

Shane Nokes

    Neowinian Senior

  • Joined: 29-July 12

Posted 20 November 2012 - 16:32

So how do you clean a computer?

The fact you say an external scan from outside of windows is not necessary is already scary, but go ahead!


I didn't say that anywhere. I was referring to reverse engineering of files.

I start out by doing the system sweep from outside the OS, it saves a ton of time, and avoids redundancy.

I won't go into more detail though as the OP is already ****ed that I discussed malware infection removal in his malware infection removal post, that evidently was really supposed to only be about how to do a windows 8 upgrade.

I guess I need to learn how to avoid reading thread titles, and a majority of the content of that user's posts...since evidently it takes them multiple paragraphs to ask what they really want to know, and ignore the rest as it is fluff...according to the poster themselves.

#30 Nerd Rage

Nerd Rage

    RAGE!

  • Joined: 05-June 02

Posted 20 November 2012 - 16:35

I work for a Fortune 500 company that has about 30,000 or so employees. Our IT department is absolutely huge. In our environment, if McAfee (not my choice, don't blame me, haha) flags malware, even if it successfully cleans it, we wipe the computer and reimage to ensure no baddies have been left behind. As mentioned previously in the thread, reimage/formatting is the only way to be 100% sure that no remnants of malware have been left behind.

That being said, if I had a small computer repair shop with customers that I wanted to keep happy, formatting would be my last resort.


