
I have never seen a more infected computer in my life

virus malware

85 replies to this topic

#46 Shane Nokes

Shane Nokes

    Neowinian Senior

  • Joined: 29-July 12

Posted 20 November 2012 - 18:44

You do realize that most work and businesses block the really bad stuff right? Home users seem to get way more nasty stuff than people at work do.

How is formatting not doing things right? Please explain that one to me. If it takes the same amount of time to do a reinstall as it does to clean the existing install, how is it "the wrong thing to do"? If a client does serious banking and taxes, a format would be much much safer and "the right thing". You can spend 10 days making sure the system is clean, but if for SOME reason you missed something and the client comes back because their credit card information was stolen (or something horrible happened), who will they yell at? Format...is a guarantee as long as their data is secure when you restore it.


Ok I'll break it down in bullet points...but don't get mad at me for doing so...most people go off on me for being a jerk when I do this

1. Yes, and most of my clients were home or home office folks. I know what my job was and what work I did...
2. Formatting is one way of doing it...but it's destructive in its very nature. The best route is to not destroy data when it can be prevented.
3. It doesn't take the same amount of time. To do a full back up of their system, zeroing the drive (things can survive a standard format), reinstalling the OS, reinstalling all their programs, restoring their outlook files (yes sometimes home users have this), putting all their savegames back, making sure customizations are back in place, etc. all usually takes longer than just doing the proper offline scan & clean.
4. If you're doing your job correctly you're not going to miss something. That's my point. If you're so worried that you're going to miss something, then you're not as confident in your abilities as you should be.

So to break it down into a TL;DR...if you're doing it right it doesn't take hours and hours, and is usually faster than having to put their system back exactly as it was.

I knew I should have left the thread earlier like I said...all I'm doing is repeating myself...which I think some folks are getting a kick out of...

I'm probably going to try cleaning it (like my original plan), but if I can't get it to perform the way it should or it's taking too long, then I'm going with the fresh install.


If you need any help let me know. I'm usually around and can try to answer quickly. :)


#47 OP f0rk_b0mb

f0rk_b0mb

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 02-June 12
  • Location: 'Murica
  • OS: Windows, Linux, OS X
  • Phone: Motorola Moto G

Posted 20 November 2012 - 18:46

If you need any help let me know. I'm usually around and can try to answer quickly. :)


Thanks. I'll probably take some pics and screenshots and throw them here just for kicks and giggles.

#48 xWhiplash

xWhiplash

    Neowinian Senior

  • Joined: 07-March 08

Posted 20 November 2012 - 18:46

Ok I'll break it down in bullet points...but don't get mad at me for doing so...most people go off on me for being a jerk when I do this

1. Yes, and most of my clients were home or home office folks. I know what my job was and what work I did...
2. Formatting is one way of doing it...but it's destructive in its very nature. The best route is to not destroy data when it can be prevented.
3. It doesn't take the same amount of time. To do a full back up of their system, zeroing the drive (things can survive a standard format), reinstalling the OS, reinstalling all their programs, restoring their outlook files (yes sometimes home users have this), putting all their savegames back, making sure customizations are back in place, etc. all usually takes longer than just doing the proper offline scan & clean.
4. If you're doing your job correctly you're not going to miss something. That's my point. If you're so worried that you're going to miss something, then you're not as confident in your abilities as you should be.

So to break it down into a TL;DR...if you're doing it right it doesn't take hours and hours, and is usually faster than having to put their system back exactly as it was.

I knew I should have left the thread earlier like I said...all I'm doing is repeating myself...which I think some folks are getting a kick out of...



If you need any help let me know. I'm usually around and can try to answer quickly. :)


I really do not understand why you think formatting means we cannot do our jobs. Again, if somebody does serious banking, buys A LOT of stuff online, does their taxes. A format, as you said, is destructive. So it is better since it is more secure....

#49 Astra.Xtreme

Astra.Xtreme

    Electrical Engineer

  • Tech Issues Solved: 4
  • Joined: 02-January 04
  • Location: Milwaukee, WI

Posted 20 November 2012 - 18:47

Wow...yeah another thread I'm going to have to back out of...

I can't believe there are this many folks on the site that don't know how to properly clean a machine...I'm absolutely shocked right now...several folks that I thought were highly knowledgeable just surprising me with this...

I mean that's like telling me that it's easier to just buy a new engine rather than repair the existing engine in my car.

I've grown up around family that are computer engineers that have worked for places like NASA, and mechanical engineers that work in the Aerospace industry...

To me what everyone here is saying is such a foreign concept...the idea that you can't take the time to do it right...just baffles me.


Settle down... There's no reason to flip out just because people don't agree with you.
Perhaps for starters, you have to understand the context of the OP's situation. He's saying this is a severely infected machine, so that probably means it's not going to be an easy fix via a virus scan or combo fix. If the infection regenerates, then you'll just be wasting your time trying to get rid of every trace of it.

I still stand by my belief that a backup and reinstall is much quicker. I do it all the time for my client, and it makes both of us feel better knowing that it's a clean slate. Backing up files takes a few minutes to an hour or two, unless they have multiple GBs in media. Then reinstalling Windows takes maybe 30 min via USB. Copy back the files, and you're done in a couple hours and will have full performance and no band-aids.

I'm not saying you're lying, but if it only takes you 3 hours tops to fix any sort of infected machine, then you must not have seen anything severe. Running a full virus scan alone takes an hour or more depending on how fast the PC is. Then anything additional just tacks on more time. Getting rid of the infection is one thing, but restoring the destruction it's done is a completely different beast. The biggest problem I see on PCs is that it's either not fully updated or there's too much crapware installed. A fresh install solves every single one of these problems in minimal time. But again, look at the context of this thread. If the PC is not clearly crippled, then yeah a reinstall probably isn't the best answer.

#50 Shane Nokes

Shane Nokes

    Neowinian Senior

  • Joined: 29-July 12

Posted 20 November 2012 - 18:48

/Facepalm...

Like I said...we're going in circles. You want to spend your time not learning how to properly clean an infection...cool.

Make sure the next time you hear a knock in your engine, just drop the whole thing out and replace it then...after all...proper diagnosis and repair is worthless.

#51 Som

Som

    Neowinian

  • Joined: 14-December 06
  • Location: Ireland

Posted 20 November 2012 - 18:48

Boot into safe mode with command prompt.... it's an exe usually located in C:\Users\<username>\ or C:\Users\<username>\appdata

Sometimes it's under C:\ProgramData too. Delete the exes, reboot and run Malwarebytes, it's not that hard really ... all these malwares are the same
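
Added example (not part of the original post): a read-only triage script for the locations post #51 names, written to run from a live CD against the mounted Windows volume, in line with the offline scanning discussed elsewhere in this thread. It lists files that start with the PE "MZ" magic regardless of extension; the function names, depth limits and the sample tree are assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile
from pathlib import Path

def candidate_dirs(root):
    """(directory, max depth) pairs for the locations named in post #51."""
    users = Path(root) / "Users"
    profiles = sorted(p for p in users.iterdir() if p.is_dir()) if users.is_dir() else []
    # Depth 0 = files directly in the profile root; AppData is walked three levels down.
    per_user = [d for p in profiles for d in ((p, 0), (p / "AppData", 3))]
    return [(Path(root) / "ProgramData", 2)] + per_user

def is_pe(path):
    """True if the file starts with the 'MZ' magic, whatever its extension says."""
    with open(path, "rb") as fh:
        return fh.read(2) == b"MZ"

def find_executables(root):
    """Return (relative path, size, SHA-256) for PE files in the candidate dirs."""
    findings = []
    for base, max_depth in candidate_dirs(root):
        for dirpath, dirnames, filenames in os.walk(base):  # missing dirs yield nothing
            if len(Path(dirpath).relative_to(base).parts) >= max_depth:
                dirnames[:] = []                # do not descend any further
            for name in sorted(filenames):
                path = Path(dirpath) / name
                # is_file() skips broken links such as unresolved NTFS junctions
                if path.is_file() and is_pe(path):
                    digest = hashlib.sha256(path.read_bytes()).hexdigest()
                    findings.append((path.relative_to(root).as_posix(),
                                     path.stat().st_size, digest))
    return findings

def build_sample_volume(root):
    """Constructed sample tree standing in for a mounted Windows volume."""
    samples = {"Users/alice/update.exe": b"MZfake1",                 # PE in profile root
               "Users/alice/notes.txt": b"hello",                    # not a PE
               "Users/alice/AppData/Roaming/cache.dat": b"MZfake2",  # PE, data extension
               "Users/alice/Documents/setup.exe": b"MZfake3",        # outside named dirs
               "ProgramData/x1.exe": b"MZfake4"}
    for rel, data in samples.items():
        (Path(root) / rel).parent.mkdir(parents=True, exist_ok=True)
        (Path(root) / rel).write_bytes(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_volume(tmp)
        for rel, size, digest in find_executables(tmp):
            print(f"{size:>8}  {digest[:16]}  {rel}")
```

The script only reads; the hashes it prints can be checked against a reputation service or a known-good baseline before anything is deleted.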

#52 McKay

McKay

    Neowinian Stallion

  • Joined: 29-August 10
  • Location: 308 Negra Arroyo Lane
  • OS: Windows 8.1
  • Phone: LG G3

Posted 20 November 2012 - 18:48

Still can't. Go to "more Reply options" and upload it from there. Thanks eddie. :)


Here you go.

Attached Images

  • zcfnB.jpg


#53 farmeunit

farmeunit

    The other white meat.

  • Tech Issues Solved: 2
  • Joined: 05-May 03
  • Location: Branson, MO USA

Posted 20 November 2012 - 18:50

I offered to fix one of my teacher's daughter's laptops and she has this virus (don't worry link is safe): http://blog.yoocare....fine-to-unlock/

Along with a ton of other viruses/malware/crapware/etc. She is running Windows 7 and has a ton of personal data on it (so she says). I'm doing the job tomorrow. I'm here to tell my plan of attack and take suggestions.

1. I'm going to boot into safe mode with networking and remove those registry entries as shown in the tutorial in the link above.
--I'll take 2 Advil before doing this... :argh:

2. I'm going to remove the crapware
--So I can get some f***ing work done. It's slowing down her machine and clogging up the computer. I will use:
* Revo Uninstaller
* CCleaner

3. Go ham on the malware
- Get all the other crap off. I will use:
* Malwarebytes
* Spybot
* Install MSE when all is said and done. (It's my antivirus of choice)

4. General System maintenance
* Update Drivers
* Update Programs
* Do Windows Updates

What Do ya think?


Boot LiveCD. Copy files. Reformat. Reinstall files. Done.

#54 spacer

spacer

    I'm awesome

  • Joined: 09-November 06
  • Location: Connecticut, USA
  • OS: Windows 7
  • Phone: Nexus 4

Posted 20 November 2012 - 18:51

4. If you're doing your job correctly you're not going to miss something. That's my point. If you're so worried that you're going to miss something, then you're not as confident in your abilities as you should be.


The only problem with that, is that there are no tools or practices that will fully identify, quarantine, and clean a computer with 100% accuracy and guarantee. No anti-virus or malware tool will catch everything. A multi-pass reformat of the drive and its boot sectors is the only way to be sure you have cleaned the infection.

#55 Astra.Xtreme

Astra.Xtreme

    Electrical Engineer

  • Tech Issues Solved: 4
  • Joined: 02-January 04
  • Location: Milwaukee, WI

Posted 20 November 2012 - 18:51

/Facepalm...

Like I said...we're going in circles. You want to spend your time not learning how to properly clean an infection...cool.

Make sure the next time you hear a knock in your engine that you just drop the whole thing out and replace it then...after all...proper diagnosis and repair is worthless.


Yeah because car problems have the same principle as PC problems...
FYI, you're just going to lose people's respect if you start demeaning yourself to trolling... Just saying.

#56 OP f0rk_b0mb

f0rk_b0mb

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 02-June 12
  • Location: 'Murica
  • OS: Windows, Linux, OS X
  • Phone: Motorola Moto G

Posted 20 November 2012 - 18:53

Here you go.


Thanks. :) Oh dear...I'd probably fresh install that....with Windows 2000. :)

#57 Shane Nokes

Shane Nokes

    Neowinian Senior

  • Joined: 29-July 12

Posted 20 November 2012 - 18:55

Settle down... There's no reason to flip out just because people don't agree with you.
Perhaps for starters, you have to understand the context of the OP's situation. He's saying this is a severely infected machine, so that probably means it's not going to be an easy fix via a virus scan or combo fix. If the infection regenerates, then you'll just be wasting your time trying to get rid of every trace of it.

I still stand by my belief that a backup and reinstall is much quicker. I do it all the time for my client, and it makes both of us feel better knowing that it's a clean slate. Backing up files takes a few minutes to an hour or two, unless they have multiple GBs in media. Then reinstalling Windows takes maybe 30 min via USB. Copy back the files, and you're done in a couple hours and will have full performance.

I'm not saying you're lying, but if it only takes you 3 hours tops to fix any sort of infected machine, then you must not have seen anything severe. Running a full virus scan alone takes an hour or more depending on how fast the PC is. Then anything additional just tacks on more time. The biggest problem I see on PCs is that it's either not fully updated or there's too much crapware installed. A fresh install solves every single one of these problems in minimal time. But again, look at the context of this thread. If the PC is not clearly crippled, then yeah a reinstall probably isn't the best answer.


Flip out? Wow...lol. Dude I'm sitting drinking Game Fuel laughing my ass off. If you think an internet forum makes me flip out...you should see what I've done for the past several years as my day job. :p

The virus cannot replicate if the code isn't running. If the hard drive is scanned offline and handled properly you can clean ANYTHING off it.

As regards severity...I've seen everything man. You do this long enough and work on thousands and thousands of machines...you end up seeing it all. I've seen machines with literally hundreds of infections.

I once had to kick the primary IT guy out of a server room (ends up he's the one who infected the machine by sneaking to view porn in the first place) so that I could clean a machine that we couldn't afford to actually flatten. He hadn't been doing his job and making backups...and our job required that things stay up and running. It was a mission critical type of business (emergency response and such).

Now that one was fun...and the longest case I've ever had to deal with since there wasn't a way to take this system offline without taking the whole place down...

#58 +Brando212

Brando212

    Neowinian Senior

  • Tech Issues Solved: 11
  • Joined: 15-April 10
  • Location: Omaha, NE
  • OS: OS X Mavericks, Windows 7/8.1 Pro
  • Phone: Sony Xperia ZL, Nokia Lumia 925

Posted 20 November 2012 - 18:55

Thanks. :) Oh dear...I'd probably fresh install that....with Windows 2000. :)

like I said "Oh dear god, KILL IT WITH FIRE!!"
:laugh:

#59 OP f0rk_b0mb

f0rk_b0mb

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 02-June 12
  • Location: 'Murica
  • OS: Windows, Linux, OS X
  • Phone: Motorola Moto G

Posted 20 November 2012 - 18:56

The only problem with that, is that there are no tools or practices that will fully identify, quarantine, and clean a computer with 100% accuracy and guarantee. No anti-virus or malware tool will catch everything. A multi-pass reformat of the drive and its boot sectors is the only way to be sure you have cleaned the infection.


Whoa! Hold up! You mean to tell me this crap can jump from the main partition to the hidden recovery partition? In my situation is this a possibility?

#60 Shane Nokes

Shane Nokes

    Neowinian Senior

  • Joined: 29-July 12

Posted 20 November 2012 - 18:57

Yeah because car problems have the same principle as PC problems...
FYI, you're just going to lose people's respect if you start demeaning yourself to trolling... Just saying.


It's called a comparison. If you were knowledgeable about how vehicles work these days you would understand that it's an apt comparison.

That said I'm not trolling, but you can keep claiming that all you want. Feel free to add me to your ignore list...it's pretty easy to do on here, and I won't mind. :)