I have never seen a more infected computer in my life

virus malware

85 replies to this topic

#61 xWhiplash

xWhiplash

    Neowinian Senior

  • Joined: 07-March 08

Posted 20 November 2012 - 18:58

And you say a full scan takes around an hour? Yeah right, I had old computers that a full scan took 3 hours to complete because A) it was a slower drive and B) they had so much stuff on it.

I have seen a full scan (even from Malwarebytes) take longer than a format and install would take. Even the quick scan on somebody's machine took 35 minutes!


#62 Shane Nokes

Shane Nokes

    Neowinian Senior

  • Joined: 29-July 12

Posted 20 November 2012 - 19:01

Whoa! Hold up! You mean to tell me this crap can jump from the main partition to the hidden recovery partition? In my situation is this a possibility?


Infections can hit any point on a system in order to hide. They can even create their own small hidden partitions.

That's what we were talking about earlier with rootkits and MBR infections and such. Those can still be cleaned...but for those who aren't certain they are 100% capable of doing so the best option is to back up and do a low-level format as those can be nasty.

And you say a full scan takes around an hour? Yeah right, I had old computers that a full scan took 3 hours to complete because A) it was a slower drive and B) they had so much stuff on it.

I have seen a full scan (even from Malwarebytes) take longer than a format and install would take. Even the quick scan on somebody's machine took 35 minutes!


As I said...going in circles....

If you don't want to see my posts or deal with what I say...just add me to your ignore list...it's easy and I won't mind. ;)

Oh and btw...show me where I said that a full scan takes an hour...show me a single place where I stated that.

I said the longest an infection has taken me to clean is a total of about 4 hours...the scan is usually the longest part of things. It's the cleanup where I'm extremely efficient.

#63 OP f0rk_b0mb

f0rk_b0mb

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 02-June 12
  • Location: 'Murica
  • OS: Windows, Linux, OS X
  • Phone: Motorola Moto G

Posted 20 November 2012 - 19:04

Infections can hit any point on a system in order to hide. They can even create their own small hidden partitions.

That's what we were talking about earlier with rootkits and MBR infections and such. Those can still be cleaned...but for those who aren't certain they are 100% capable of doing so the best option is to back up and do a low-level format as those can be nasty.


If this machine does have a rootkit, I can remove it by opening up gparted in a Kubuntu live CD, deleting the small partition (it'll probably be a few megs. right?), merging it with the big partition and if it doesn't boot, boot into a 7 install CD, open up CMD and type /fixmbr and /fixboot. Right?
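
To check whether a disk really carries an extra small or hidden partition before deleting anything in gparted, the following added example (not written by any poster in this thread) parses the MBR partition table from a first sector read offline and hashes the boot code for comparison with a known-good copy. The 64 MiB threshold and the sample sector are constructed assumptions, and a flagged entry is only a prompt for review, since small partitions such as Windows 7's 100 MB System Reserved partition are legitimate.

```python
import hashlib
import struct

HIDDEN_TYPES = {0x11, 0x14, 0x16, 0x17, 0x1B, 0x1C, 0x1E}  # "hidden" FAT/NTFS type IDs
SMALL_MIB = 64  # assumed review threshold, not a figure from the thread

def parse_mbr(sector0):
    """Parse the four primary partition entries of a classic 512-byte MBR."""
    if len(sector0) != 512 or sector0[510:512] != b"\x55\xaa":
        raise ValueError("not a 512-byte MBR sector with the 0x55AA signature")
    parts = []
    for i in range(4):
        entry = sector0[446 + 16 * i:462 + 16 * i]
        start, count = struct.unpack_from("<II", entry, 8)  # LBA start, sector count
        if entry[4] == 0 and count == 0:
            continue  # unused slot
        parts.append({"slot": i + 1, "active": entry[0] == 0x80, "type": entry[4],
                      "start": start, "mib": count * 512 / 2**20})
    return parts

def boot_code_sha256(sector0):
    """Hash the 440-byte boot code area for comparison with a known-good copy."""
    return hashlib.sha256(sector0[:440]).hexdigest()

def flag_for_review(parts):
    """Return (slot, reasons) for entries that deserve a closer look; not a verdict."""
    findings = []
    for p in parts:
        reasons = []
        if p["mib"] < SMALL_MIB:
            reasons.append("small")
        if p["type"] in HIDDEN_TYPES:
            reasons.append("hidden type")
        if reasons:
            findings.append((p["slot"], reasons))
    return findings

def constructed_sample():
    """Constructed sector: 100 MiB active NTFS, large NTFS, 8 MiB hidden NTFS."""
    def entry(status, ptype, start, mib):
        return struct.pack("<B3sB3sII", status, b"\0" * 3, ptype, b"\0" * 3, start, mib * 2048)
    table = (entry(0x80, 0x07, 2048, 100) + entry(0, 0x07, 206848, 200000)
             + entry(0, 0x17, 409806848, 8) + bytes(16))
    return bytes(446) + table + b"\x55\xaa"

if __name__ == "__main__":
    mbr = constructed_sample()
    print(boot_code_sha256(mbr), flag_for_review(parse_mbr(mbr)))
```

On a real disk the 512 bytes would come from a read-only copy of sector 0 taken from a live CD, so the installed system is not running while the table is inspected.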

#64 +Brando212

Brando212

    Neowinian Senior

  • Tech Issues Solved: 10
  • Joined: 15-April 10
  • Location: Omaha, NE
  • OS: OS X Mavericks, Windows 7/8.1 Pro
  • Phone: Sony Xperia ZL, Nokia Lumia 925

Posted 20 November 2012 - 19:05

Infections can hit any point on a system in order to hide. They can even create their own small hidden partitions.

That's what we were talking about earlier with rootkits and MBR infections and such. Those can still be cleaned...but for those who aren't certain they are 100% capable of doing so the best option is to back up and do a low-level format as those can be nasty.



As I said...going in circles....

If you don't want to see my posts or deal with what I say...just add me to your ignore list...it's easy and I won't mind. ;)

Oh and btw...show me where I said that a full scan takes an hour...show me a single place where I stated that.

I said the longest an infection has taken me to clean is a total of about 4 hours...the scan is usually the longest part of things. It's the cleanup where I'm extremely efficient.

You didn't, and that's actually why a few people including me were confused at why you were able to clean so fast.
I've had the experience of waiting 3 hours for a scan too.

#65 xWhiplash

xWhiplash

    Neowinian Senior

  • Joined: 07-March 08

Posted 20 November 2012 - 19:06

Infections can hit any point on a system in order to hide. They can even create their own small hidden partitions.

That's what we were talking about earlier with rootkits and MBR infections and such. Those can still be cleaned...but for those who aren't certain they are 100% capable of doing so the best option is to back up and do a low-level format as those can be nasty.



As I said...going in circles....

If you don't want to see my posts or deal with what I say...just add me to your ignore list...it's easy and I won't mind. ;)

Oh and btw...show me where I said that a full scan takes an hour...show me a single place where I stated that.

I said the longest an infection has taken me to clean is a total of about 4 hours...the scan is usually the longest part of things. It's the cleanup where I'm extremely efficient.


I thought you did somewhere, maybe it was somebody else. My apologies. But, you said yourself that you can fix ANY computer within only a couple of hours.

A regular PC repair shop though...you can take the time to properly clean the machine. I can be done with that even in the worst of cases within a couple hours.


If it takes you longer, you obviously do not know what you are doing and need to change professions. I just told you from experience, ONE SCAN took 3 hours. That is all I mean, is that from my own experience, just one scan took longer than a format and install would have taken.

#66 +Brando212

Brando212

    Neowinian Senior

  • Tech Issues Solved: 10
  • Joined: 15-April 10
  • Location: Omaha, NE
  • OS: OS X Mavericks, Windows 7/8.1 Pro
  • Phone: Sony Xperia ZL, Nokia Lumia 925

Posted 20 November 2012 - 19:07

If this machine does have a rootkit, I can remove it by opening up gparted in a Kubuntu live CD, deleting the small partition (it'll probably be a few megs. right?), merging it with the big partition and if it doesn't boot, boot into a 7 install CD, open up CMD and type /fixmbr and /fixboot. Right?

Naw, you don't even need to do that much, Kaspersky and Norton both have a couple of great rootkit removers (about the only thing Norton is good for :p) that will do that for you.

#67 Shane Nokes

Shane Nokes

    Neowinian Senior

  • Joined: 29-July 12

Posted 20 November 2012 - 19:09

If this machine does have a rootkit, I can remove it by opening up gparted in a Kubuntu live CD, deleting the small partition (it'll probably be a few megs. right?), merging it with the big partition and if it doesn't boot, boot into a 7 install CD, open up CMD and type /fixmbr and /fixboot. Right?


For rootkits it depends. Generally TDSSKiller is the best way to go, but it doesn't get everything. There are a few other tools that can be used.

When it comes to rootkits though...those can be a pain. That's why I said if it's the case where the person doesn't care so much and you're not 100% sure you can get it...then there is nothing wrong with doing a low-level format and reinstall once everything is backed up.

It took me a while to figure out rootkits and the best ways to clean them. I have a system that I infect on purpose on a regular basis with new stuff as it comes out so I can work on manual cleans.

#68 majortom1981

majortom1981

    The crazy one

  • Joined: 30-November 01

Posted 20 November 2012 - 19:10

With an infection this bad I find it the easiest to go into safemode first and go through the registry by hand and scan the registry for unneeded entries. Then go into services and make sure you didn't miss anything. Then I go and delete the files manually. Then I use ccleaner and an antivirus.

#69 Shane Nokes

Shane Nokes

    Neowinian Senior

  • Joined: 29-July 12

Posted 20 November 2012 - 19:11

You didn't, and that's actually why a few people including me were confused at why you were able to clean so fast.
I've had the experience of waiting 3 hours for a scan too.


Indeed, and that's why I've said that the scan is usually the longest part. Once I know everything that's on the system I can go in and do a very quick clean since once I know what it is I know what to get rid of. :)

After that I do another scan of the system and make sure it's all good.

I think one thing I do differently is that I always handle the scans offline. I don't bother with scans when the system is up and running unless there's absolutely no other option...which has only happened once.

#70 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 23
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 20 November 2012 - 19:14

Things get infected bad....teenagers are the number one cause of retarded computers, they click on and allow everything.

#71 Shane Nokes

Shane Nokes

    Neowinian Senior

  • Joined: 29-July 12

Posted 20 November 2012 - 19:14

I thought you did somewhere, maybe it was somebody else. My apologies. But, you said yourself that you can fix ANY computer within only a couple of hours.



If it takes you longer, you obviously do not know what you are doing and need to change professions. I just told you from experience, ONE SCAN took 3 hours. That is all I mean, is that from my own experience, just one scan took longer than a format and install would have taken.


Indeed. I should have said few instead of couple. The max for me is about 4 hours. That's to scan and clean, and scan again.

As I mentioned above...it might have to do with how often I infect my test machine, and the fact that I do my scans offline. That cuts out a lot of time.

I do agree that it's faster than a format and install...but only a format and install. That ignores putting all of the data back on the machine exactly as it was when you got it.

Maybe it's just my work ethic, but I want my customer to walk out with their machine exactly as they gave it to me...just minus the infections.

#72 OP f0rk_b0mb

f0rk_b0mb

    Neowinian Senior

  • Tech Issues Solved: 3
  • Joined: 02-June 12
  • Location: 'Murica
  • OS: Windows, Linux, OS X
  • Phone: Motorola Moto G

Posted 20 November 2012 - 19:16

Things get infected bad....teenagers are the number one cause of retarded computers, they click on and allow everything.


^^ THIS!!!

#73 Astra.Xtreme

Astra.Xtreme

    Electrical Engineer

  • Tech Issues Solved: 4
  • Joined: 02-January 04
  • Location: Milwaukee, WI

Posted 20 November 2012 - 19:19

Flip out? Wow...lol. Dude I'm sitting drinking Game Fuel laughing my ass off. If you think an internet forum makes me flip out...you should see what I've done for the past several years as my day job. :p

The virus cannot replicate if the code isn't running. If the hard drive is scanned offline and handled properly you can clean ANYTHING off it.

As regards severity...I've seen everything man. You do this long enough and work on thousands and thousands of machines...you end up seeing it all. I've seen machines with literally hundreds of infections.

I once had to kick the primary IT guy out of a server room (ends up he's the one who infected the machine by sneaking to view porn in the first place) so that I could clean a machine that we couldn't afford to actually flatten. He hadn't been doing his job and making backups...and our job required that things stay up and running. It was a mission critical type of business (emergency response and such).

Now that one was fun...and the longest case I've ever had to deal with since there wasn't a way to take this system offline without taking the whole place down...


I'd classify post #38 as a mild flip-out, but whatever.
If you've seen it all, then there's no way you can fix any sort of scenario in the short duration of a few hours.
Unless you have a single app that will fix everything, running scans alone and actually diagnosing the problem kills hours and hours.
Scanning/diagnosing, fixing, and updating takes a lot of time and there is no way around it in even the best case.

The right way to fix a system is the method with a combination of the lowest time spent (customer cost) and the best future reliability. All I, and a few others, have been saying is that it doesn't take much for a backup and reinstall to be the fastest and most reliable choice.

#74 ShiZZa

ShiZZa

    Neowinian

  • Joined: 14-August 02
  • OS: Windows Server 2012
  • Phone: HTC Titan WP7.5

Posted 20 November 2012 - 19:23

Personally, if you don't know what to do and you have to question yourself, you might not want to take someone's personal things and do the work.

#75 Shane Nokes

Shane Nokes

    Neowinian Senior

  • Joined: 29-July 12

Posted 20 November 2012 - 19:25

I'd classify post #38 as a mild flip-out, but whatever.
If you've seen it all, then there's no way you can fix any sort of scenario in the short duration of a few hours.
Unless you have a single app that will fix everything, running scans alone and actually diagnosing the problem kills hours and hours.
Scanning/diagnosing, fixing, and updating takes a lot of time and there is no way around it in even the best case.

The right way to fix a system is the method with a combination of the lowest time spent (customer cost) and the best future reliability. All I, and a few others, have been saying is that it doesn't take much for a backup and reinstall to be the fastest and most reliable choice.


So saying that I'm baffled and stepping back because I don't want to **** people off is flipping out?

Man I'd hate to see what you'd call someone actually flipping out. ;)


You can try to tell me the same thing over and over again...and it doesn't change what I've been doing for years...without an issue.

The way I do things is the reason why I've worked for the government, and why places like MS have me consult on things and even contract my work at points.

I'm good at what I do, and security happens to be one of my specialties.

Personally, if you don't know what to do and you have to question yourself, you might not want to take someone's personal things and do the work.


This ^^


