I have never seen a more infected computer in my life

By f0rk_b0mb
in Smart Home, Network & Security

 Share

Recommended Posts

Grand Master

f0rk_b0mb

Posted
  • Author
Posted

Ah. I hadn't realized she was 13. Not say that being a girl makes a difference (it doesn't), but at 13 oftentimes you haven't had the time to figure out how to work on these things as effectively.

That's just a matter of practice. :)

Yeah her dad said she was into facebook, downloading music from shady sources (some of the sites he listed I never heard of and I'm not about to go on them) , sharing things with her friends and she's probably getting curious around this time. All of these things throw a huge red flag in my head and are a recipe for infection. I'm actually surprised she doesn't have anything worse.

Grand Master

remixedcat

Posted
Posted

10 hours? What in the world are you doing with these systems?

I recently had a system that I worked on for a client. It had 6 drives with a total of around 4TB worth of storage that was mostly used. Someone had been doing some naughty things on that system.

It had a rootkit, and several other infections. I had the system clean and back in the clients hands within 3 hours...

What would you be doing that takes 10 hours? I've never had a single system clean take me more than about 4 hours...the one above was one of the longest clean jobs I've ever had.

several things....

Grand Master

Astra.Xtreme

Posted
Posted

This isn't a corporate machine with a nice image of everything, it's a home PC. That's a last resort.

As I've said before in other places...do the job right, don't just wipe and install. That's a waste of your time, and their time.

I disagree. I don't see any trouble with a simple backup and reinstall. The only hurdle is actually getting all the files backed up.

If you put the HDD in another PC, the backup will take no time at all. Much quicker than attempting a million types of scans and "fixes".

I'd rather wipe it clean and guarantee it will be fixed rather than mask the problem. It's extremely difficult to completely remedy an infected PC. Then when it starts getting slow or infected again, the person will be knocking on your door for "warranty" work.

Veteran

Shane Nokes

Posted
Posted

several things....

Indeed. That's why I asked. I've been doing this for a long time...and if it's taking 10 hours...there is either something wrong with the hardware...or there's a lot of extra work being done that doesn't need to be done...or both.

Grand Master

spacer

Posted
Posted

This isn't a corporate machine with a nice image of everything, it's a home PC. That's a last resort.

As I've said before in other places...do the job right, don't just wipe and install. That's a waste of your time, and their time.

I agree with cat and some others. Just scan the files worth keeping, back them up, re-install.

You said "do the job right, don't just wipe and install", but re-install is the only way to ensure that a system is clean and safe. I'd call that the "right" way.

Veteran

Shane Nokes

Posted
Posted

I disagree. I don't see any trouble with a simple backup and reinstall. The only hurdle is actually getting all the files backed up.

If you put the HDD in another PC, the backup will take no time at all. Much quicker than attempting a million types of scans and "fixes".

I'd rather wipe it clean and guarantee it will be fixed rather than mask the problem. It's extremely difficult to completely remedy an infected PC. Then when it starts getting slow or infected again, the person will be knocking on your door for "warranty" work.

Again, for a corporate machine I agree. Flatten and reinstall. There shouldn't be anything personal on there to being with.

For a home user there is no reason why this needs to be done. It's not extremely difficult to completely remedy an infected machine.

I also keep a log of all infections. If (and it's rare) I get someone in soon after a repair I show them the log of what was found on the machine, and what is now on the machine. I check the date on the infected files found for when they were first put on the machine and compare it to the date of service.

If the date is after the service I performed I fix the machine, and charge the customer again.

If you think cleaning an infected machine is extremely difficult, then another field would probably be best. I'm not saying that as an insult, but as a statement of fact.

Infected machines are one of the most common tasks for a repair shop...and if you haven't figured out how to fully clean a machine and have been doing the job for a while? It usually means it's not what you're meant to do.

  • Spartan Erik
  • Like 1
Veteran

Shane Nokes

Posted
Posted

Wow...yeah another thread I'm going to have to back out of...

I can't believe there are this many folks on the site that don't know how to properly clean a machine...I'm absolutely shocked right now...several folks that I thought were highly knowledgable just surprising me with this...

I mean that's like telling me that's it's easier to just buy a new engine rather than repair the existing engine in my car.

I've grown up around family that are computer engineers that have worked for places like NASA, and mechanical engineers that work in the Aerospace industry...

To me what everyone here is saying is such a foreign concept...the idea that you can't take the time to do it right...just baffles me.

Grand Master

Brandon H Supervisor

Posted
  • Supervisor
Posted

I also keep a log of all infections. If (and it's rare) I get someone in soon after a repair I show them the log of what was found on the machine, and what is now on the machine. I check the date on the infected files found for when they were first put on the machine and compare it to the date of service.

If the date is after the service I performed I fix the machine, and charge the customer again.

that's actually a really good idea
Grand Master

remixedcat

Posted
Posted

Indeed. That's why I asked. I've been doing this for a long time...and if it's taking 10 hours...there is either something wrong with the hardware...or there's a lot of extra work being done that doesn't need to be done...or both.

it's bad when you have tricky clients.... that will not budge... that's why I gave up on support for regular people in my area... I've gotten treated pretty badly... this area I live in has some real *******s. I only will support corp. clients here that have to treat me nice.

Veteran

xWhiplash

Posted
Posted

Again, for a corporate machine I agree. Flatten and reinstall. There shouldn't be anything personal on there to being with.

For a home user there is no reason why this needs to be done. It's not extremely difficult to completely remedy an infected machine.

I also keep a log of all infections. If (and it's rare) I get someone in soon after a repair I show them the log of what was found on the machine, and what is now on the machine. I check the date on the infected files found for when they were first put on the machine and compare it to the date of service.

If the date is after the service I performed I fix the machine, and charge the customer again.

If you think cleaning an infected machine is extremely difficult, then another field would probably be best. I'm not saying that as an insult, but as a statement of fact.

Infected machines are one of the most common tasks for a repair shop...and if you haven't figured out how to fully clean a machine and have been doing the job for a while? It usually means it's not what you're meant to do.

You do realize that most work and businesses block the really bad stuff right? Home users seem to get way more nasty stuff than people at work do.

How is formatting not doing things right? Please explain that one to me. If it takes the same amount of time to do a reinstall as it does to clean the existing install, how is it "the wrong thing to do"? If a client does serious banking and taxes, a format would be much much safer and "the right thing". You can spend 10 days making sure the system is clean, but if for SOME reason you missed something and the client comes back because their credit card information was stolen (or something horrible happened), who will they yell at? Format...is a guarantee as long as their data is secure when you restore it.

Mentor

Spartan Erik

Posted
Posted

To save time I find it to be much faster to boot with a Linux Live CD on the infected machine, transfer all the important personal data to an external drive, then wipe the infected drive and do a re-install. Of course this only works if the important data are pictures/music/docs and not programs, but generally I find most people still have their CD-based install media or the content can be downloaded online anyway.

Avoids the headache of having your anti-malware software hang because of all the junk running in the background, and potential data loss if you get a bug that likes to delete files on a whim.

Veteran

Shane Nokes

Posted
Posted

it's bad when you have tricky clients.... that will not budge... that's why I gave up on support for regular people in my area... I've gotten treated pretty badly... this area I live in has some real *******s. I only will support corp. clients here that have to treat me nice.

Huh. I might have been lucky living here in Washington. I've had some difficult clients...but those folks I just tell them to take a hike. I do it politely, but I do it.

When I was running my business I could afford to do so since I had enough clients who trusted me and liked my work. Heck I was doing well enough that I was often bartering with some of my business clients for services instead of payment.

I didn't pay for doctor or chiropractic visits for years due to bartering my services at a rate of 1 visit per hour for the chiropractor, and just a simple exchange with the doc. :)

Getting way OT here though with this post.

  • Brandon H and remixedcat
  • Like 2
Grand Master

f0rk_b0mb

Posted
  • Author
Posted

Huh. I might have been lucky living here in Washington. I've had some difficult clients...but those folks I just tell them to take a hike. I do it politely, but I do it.

When I was running my business I could afford to do so since I had enough clients who trusted me and liked my work. Heck I was doing well enough that I was often bartering with some of my business clients for services instead of payment.

I didn't pay for doctor or chiropractic visits for years due to bartering my services at a rate of 1 visit per hour for the chiropractor, and just a simple exchange with the doc. :)

Getting way OT here though with this post.

I'm probably going to try cleaning it (like my original plan), but if I can't get it to perform the way it should or it's taking too long, then I'm going with the fresh install.

Veteran

Shane Nokes

Posted
Posted

You do realize that most work and businesses block the really bad stuff right? Home users seem to get way more nasty stuff than people at work do.

How is formatting not doing things right? Please explain that one to me. If it takes the same amount of time to do a reinstall as it does to clean the existing install, how is it "the wrong thing to do"? If a client does serious banking and taxes, a format would be much much safer and "the right thing". You can spend 10 days making sure the system is clean, but if for SOME reason you missed something and the client comes back because their credit card information was stolen (or something horrible happened), who will they yell at? Format...is a guarantee as long as their data is secure when you restore it.

Ok I'll break it down in bullet points...but don't get mad at me for doing so...most people go off on me for being a jerk when I do this

1. Yes, and most of my clients were home or home office folks. I know what my job was and what work I did...

2. Formatting is one way of doing it...but it's destructive in its very nature. The best route is to not destroy data when it can be prevented.

3. It doesn't take the same amount of time. To do a full back up of their system, zeroing the drive (things can survive a standard format), reinstalling the OS, reinstalling all their programs, restoring their outlook files (yes sometimes home users have this), putting all their savegames back, making sure customizations are back in place, etc. all usually takes longer than just doing the proper offline scan & clean.

4. If you're doing your job correctly you're not going to miss something. That's my point. If you're so worried that you're going to miss something, then you're not as confident in your abilities as you should be.

So to break it down into a TL;DR...if you're doing it right it doesn't take hours and hours, and is usually faster than having to put their system back exactly as it was.

I knew I shoud have left the thread earlier like I said...all I'm doing is repeating myself...which I think some folks are getting a kick out of...

I'm probably going to try cleaning it (like my original plan), but if I can't get it to perform the way it should or it's taking too long, then I'm going with the fresh install.

If you need any help let me know. I'm usually around and can try to answer quickly. :)

Veteran

xWhiplash

Posted
Posted

Ok I'll break it down in bullet points...but don't get mad at me for doing so...most people go off on me for being a jerk when I do this

1. Yes, and most of my clients were home or home office folks. I know what my job was and what work I did...

2. Formatting is one way of doing it...but it's destructive in its very nature. The best route is to not destroy data when it can be prevented.

3. It doesn't take the same amount of time. To do a full back up of their system, zeroing the drive (things can survive a standard format), reinstalling the OS, reinstalling all their programs, restoring their outlook files (yes sometimes home users have this), putting all their savegames back, making sure customizations are back in place, etc. all usually takes longer than just doing the proper offline scan & clean.

4. If you're doing your job correctly you're not going to miss something. That's my point. If you're so worried that you're going to miss something, then you're not as confident in your abilities as you should be.

So to break it down into a TL;DR...if you're doing it right it doesn't take hours and hours, and is usually faster than having to put their system back exactly as it was.

I knew I shoud have left the thread earlier like I said...all I'm doing is repeating myself...which I think some folks are getting a kick out of...

If you need any help let me know. I'm usually around and can try to answer quickly. :)

I really do not understand why you think formatting means we cannot do our jobs. Again, if somebody does serious banking, buys A LOT of stuff online, does their taxes. A format, as you said, is destructive. So it is better since it is more secure....

Grand Master

Astra.Xtreme

Posted
Posted

Wow...yeah another thread I'm going to have to back out of...

I can't believe there are this many folks on the site that don't know how to properly clean a machine...I'm absolutely shocked right now...several folks that I thought were highly knowledgable just surprising me with this...

I mean that's like telling me that's it's easier to just buy a new engine rather than repair the existing engine in my car.

I've grown up around family that are computer engineers that have worked for places like NASA, and mechanical engineers that work in the Aerospace industry...

To me what everyone here is saying is such a foreign concept...the idea that you can't take the time to do it right...just baffles me.

Settle down... There's no reason to flip out just because people don't agree with you.

Perhaps for starters, you have to understand the context of the OP's situation. He's saying this is a severely infected machine, so that probably means it's not going to be an easy fix via a virus scan or combo fix. If the infection regenerates, then you'll just be wasting your time trying to get rid of every trace of it.

I still stand by my belief that a backup and reinstall is much quicker. I do it all the time for my client, and it makes both of us feel better knowing that it's a clean slate. Backing up files takes a few minutes to an hour or two, unless they have multiple GBs in media. Then reinstalling Windows takes maybe 30 min via USB. Copy back the files, and you're done in a couple hours and will have full performance and no band-aids.

I'm not saying you're lying, but if it only takes you 3 hours tops to fix any sort of infected machine, then you must not have seen anything severe. Running a full virus scan alone takes an hour or more depending on how fast the PC is. Then anything additional just tacks on more time. Getting rid of the infection is one thing, but restoring the destruction it's done is a completely different beast. The biggest problem I see on PCs is that it's either not fully updated or there's too much crapware installed. A fresh install solves every single one of these problems in minimal time. But again, look at the context of this thread. If the PC is not clearly crippled, then yeah a reinstall probably isn't the best answer.

Veteran

Shane Nokes

Posted
Posted

/Facepalm...

LIke I said...we're going in circles. You want to spend your time not learning how to properly clean an infection...cool.

Make sure the next time you hear a knock in your engine, just drop the whole thing out and replace it then...after all...proper diagnosis and repair is worthless.

This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • Windows 11 is getting redesigned taskbar settings in new build

      By TarasBuria · Posted

      Windows 11 is getting redesigned taskbar settings in new build by Taras Buria Microsoft is rolling out new Windows 11 preview builds in the Insider program, offering users new features and changes to try ahead of public release. In the Experimental channel (formerly Dev), Microsoft is shipping build 26300.8758, while in the Beta channel, users can download build 26220.8754. The changelogs do not contain much, but there is an important update to taskbar settings. Here is what is new in build 26220.8754: [Taskbar] Taskbar customization just got easier. As we continue to make improvements to the Taskbar experience mentioned last month, we've introduced a dedicated Taskbar Size setting, making it simpler to find, understand, and personalize your ideal taskbar experience. We've also made refinements to the transitions between taskbar sizes for a smoother overall experience. [File Explorer] We've improved the reliability of thumbnail previews for cloud files in the Details pane. The pane has also been reorganized so file properties are easier to find and review at a glance. Fixed an issue where the OneDrive shortcut in File Explorer stops working when File Explorer is run in administrative mode. Fixed an issue where the confirmation dialog might display an internal Recycle Bin file name instead of the original file name when permanently deleting a file. [Sounds] Improved system sounds when using Windows in dark mode. And here is what is new in build 26220.8754: [Smart card removal policy] Administrators can now configure Azure Virtual Desktop (AVD) and Windows 365 sessions that use Microsoft Entra ID (RDS AAD Auth) authentication to automatically disconnect when a redirected smart card is removed. This extends smart card removal policy enforcement to Microsoft Entra authenticated remote sessions, helping organizations meet security and compliance requirements. [File Explorer] Fixed an issue where the OneDrive shortcut in File Explorer stops working when File Explorer is run in administrator mode. [Taskbar] Improved reliability of loading the system tray area of the taskbar. [Sounds] Improved system sounds when using Windows in dark mode. You can find release notes for build 26300.8758 here and for build 26220.8754 here.
    • Apple reportedly has a second-generation iPhone Fold planned for 2027

      By +Random Stranger · Posted

      Correct. Thank you unfortunately commenting on this stupid article we bring a possible more crap like that. If it gets click they post it
    • Firefox 152.0.3

      By Copernic · Posted

      Firefox 152.0.3 by Razvan Serea Firefox is a fast, full-featured Web browser. It offers great security, privacy, and protection against viruses, spyware, malware, and it can also easily block pop-up windows. The key features that have made Firefox so popular are the simple and effective UI, browser speed and strong security capabilities. Firefox has complete features for browsing the Internet. It is very reliable and flexible due to its implemented security features, along with customization options. Firefox includes pop-up blocking, tab-browsing, integrated Google search, simplified privacy controls, a streamlined browser window that shows you more of the page than any other browser and a number of additional features that work with you to help you get the most out of your time online. Firefox key features Enhanced Tracking Protection (ETP) – Blocks trackers, cookies, cryptominers, and fingerprinters by default. Private Browsing Mode – Deletes history, cookies, and temporary files when closed. Lightweight & Fast Performance – Optimized memory usage with efficient page loading. Cross-Platform Sync – Sync bookmarks, passwords, history, and open tabs across devices. Customizable Interface – Toolbars, themes, and extensions can be tailored to user needs. Strong Privacy Controls – Options to manage cookies, permissions, and site data easily. Reader Mode – Strips away clutter for distraction-free reading. Pocket Integration – Save and read articles offline with Pocket built into Firefox. Picture-in-Picture (PiP) – Watch videos in a floating window while multitasking. Extensions & Add-ons – Vast library for productivity, security, and personalization. Built-in PDF Viewer – No need for external software to view PDFs. Firefox Monitor – Alerts users if their email is part of a known data breach. Multi-Account Containers – Isolate browsing sessions (e.g., work, personal, shopping). Performance & Resource Efficiency – Uses fewer system resources than some competitors. Open Source & Community-Driven – Transparent development with global contributions. Firefox 152.0.3 fixes: Fixed an issue that could cause extreme memory usage and freezing on startup for users with language packs installed. (Bug 2049845) Download: Firefox 64-bit | Firefox 32-bit | ARM64 | ~70.0 MB (Freeware) Download: Firefox for MacOS | 146.0 MB View: Firefox Home Page | Release Notes Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Save 78% on Microsoft Office 2024 Professional Plus: Lifetime License

      By News Staff · Posted

      Save 78% on Microsoft Office 2024 Professional Plus: Lifetime License by Steven Parker Created with ChatGPT Today's highlighted deal comes via our Apps + Software section of the Neowin Deals store, where you can save 78% on Microsoft Office 2024 Professional Plus: Lifetime License. The essentials to get it all done. Microsoft Office 2024 Home is the latest version of Microsoft’s renowned productivity suite, which includes essential applications like Word, Excel, PowerPoint, and OneNote. This version is specifically designed for individuals and families seeking reliable tools for various home tasks, including document creation, spreadsheet management, presentation design, and note-taking. Office 2024 Professional Plus is for students and families who want classic Office apps on their Mac or PC. A one-time purchase installed on 1 PC or Mac for use at home or school. Lifetime license One-time purchase installed on 1 Windows PC for use at home or work Instant Delivery & Download – access your software license keys and download links instantly Free customer service – only the best support! Microsoft Office 2024 Professional Plus includes: Microsoft Word Microsoft Excel Microsoft PowerPoint Microsoft Outlook Microsoft OneNote Microsoft Access Is it legit? Click here to verify Microsoft partnership No faffing about with subscriptions, just classic apps that don't expire. Good to Know ONE-TIME PURCHASE INSTALLED ON 1 DEVICE This licensing type will be connected with your Microsoft Account, NOT your actual device. This is a one-use code. The product you are purchasing is NOT MICROSOFT 365. Please read the product details. Redemption deadline: redeem your code within 30 days of purchase Access options: desktop Full versions No subscriptions – no monthly/annual fees Version: 2024 Updates included A Microsoft Office 2024 Professional Plus: Lifetime License normally costs $249.99, but this deal can be yours for just $54.97, that's a saving of $195. For full terms, specifications, and license info, click the link below. Microsoft Office 2024 Professional Plus for PC for $59.99 (was $249.99) Although priced in U.S. dollars, this deal is available for digital purchase worldwide. Support queries If you have queries or need support for any of the Neowin Deals, please use the contact form here. Neowin Deals are managed and sold by StackCommerce who represent Neowin on an affiliate basis. Why we post these deals We post these because we earn commission on each sale so as not to rely solely on advertising, which many of our readers block. It all helps toward paying staff reporters, servers and hosting costs. So for those that keep moaning and complaining, be thankful we're still online for you to even do that. Other ways to support Neowin Whitelist Neowin by not blocking our ads Create a free member account to see fewer ads Make a donation to support our day to day running costs Subscribe to Neowin - for $14 a year, or $28 a year for an ad-free experience Disclosure: Neowin benefits from revenue of each sale made through our branded deals site powered by StackCommerce.
    • Payday 2 engine upgrade adds 64-bit and DX11 support, drastically shrinks install size

      By +Random Stranger · Posted

      Payday TWO!! Is 13 years old man I feel old - I remember trying it out and if I did not know I would say 5-6 years ago or something

  • Recent Achievements

    • Week One Done
      Scoobystu earned a badge
      Week One Done
    • Week One Done
      tuben earned a badge
      Week One Done
    • First Post
      OffsetAbs earned a badge
      First Post
    • Reacting Well
      OffsetAbs earned a badge
      Reacting Well
    • First Post
      Kolakid60 earned a badge
      First Post

  • Popular Contributors

    1. 1
      +primortal
      438
    2. 2
      +Edouard
      197
    3. 3
      PsYcHoKiLLa
      156
    4. 4
      FloatingFatMan
      71
    5. 5
      Steven P.
      68
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!