I have never seen a more infected computer in my life

By f0rk_b0mb
in Smart Home, Network & Security

 Share

Recommended Posts

Grand Master

f0rk_b0mb

Posted
  • Author
Posted

Personally if you don't know what to do and you have to question yourself you might not want to take someones personals things and do the work.

I do this all the time. It just with this laptop, it one thing after another. All the other computers before was just a simple malware bytes and it's gone. Again, I'll post some screenshots tonight or tomorrow of the infection.

Veteran

Shane Nokes

Posted
Posted

I do this all the time. It just with this laptop, it one thing after another. Again, I'll post some screenshots tonight or tomorrow of the infection.

I'm very interested to see what comes up. :)

  • f0rk_b0mb and Brandon H
  • Like 2
Grand Master

f0rk_b0mb

Posted
  • Author
Posted

What the fu** man. The "antivirus" program she was useing is this. I bet it works really well. /s I got past the FBI Screen tho. :)

http://www.2-viruses.com/remove-antivirus-protection-2012

http://support.kaspersky.com/viruses/rogue?qid=208286236

Grand Master

Astra.Xtreme

Posted
Posted

So saying that I'm baffled and stepping back because I don't want to **** people off is flipping out?

Man I'd hate to see what you'd call someone actually flipping out. ;)

You can try to tell me the same thing over and over again...and it doesn't change what I've been doing for years...without an issue.

The way I do things is the reason why I've worked for the government, and why places like MS have me consult on things and even contract my work at points.

I'm good at what I do, and security happens to be one of my specialties.

Well then perhaps the better label would have been "complaining". Logistics like that are beyond the point, so let's just let it go.

That's great that your method works for you and that's great that you have good work experiences, but that doesn't mean your method is the best method. And I'm not saying your method is wrong either. Just that many times it's not the most efficient.

Consulting is my side project and since I'm a nerdy engineer, I did time studies on the PCs I cleaned up when I started with my first client. As I already said, lack of updates and crapware were the worst problems on top of the malware/infections. Cleaning it up manually and running Windows updater took double or triple the time of simply backing up files and reinstalling with an up-to-date Windows USB stick. Windows 7 is a lot quicker to update, but XP takes hours and hours and hours to run through some of those updates on a slow PC. The timing wasn't even close. It wasn't that I didn't know what I was doing. It's that scans, cleaning, and updating takes a lot of time. If you claim otherwise, you're lying.

But for a third time, the context here is what matters. If somebody gives me a PC that is simply a little slow, then a virus scan and a little tidying up is all it takes. If the PC is super slow, the desktop is hijacked, the task manager is blocked, safe mode is blocked, the internet redirects to ads, etc, then it's probably not worth the time trying to reverse the damage. Killing the infection and running a Windows repair takes too long and it's still just a band-aid. With a clean install, there is zero chance of the customer coming back to you and claiming the problem isn't solved and demanding "warranty" work.

Grand Master

+Warwagon MVC

Posted
  • MVC
Posted

Unless you personally inspect the code of every file and registry key on the computer after it was infected, you can't be 100% sure. You can be as sure as it's possible to be, but not 100%.

100% means that you personally verified that state of all registry entries and code of every file on the system, and then were able to determine that the malware had not has not under any shadow of a doubt modified any of them. 100% also means that you restored the system to a known good state using known clean media, such as an image (after nuking partitions) or reinstalling off a known good clean installation media.

hose can still be cleaned...but for those who aren't certain they are 100% capable of doing so the best option is to back up and do a low-level format as those can be nasty.
You want to spend your time not learning how to properly clean an infection...cool.

^I'm quoting Shane Nokes on both

Dude, you just got done telling us that you keep logs of every infection.

I also keep a log of all infections. If (and it's rare) I get someone in soon after a repair I show them the log of what was found on the machine, and what is now on the machine. I check the date on the infected files found for when they were first put on the machine and compare it to the date of service.

If the date is after the service I performed I fix the machine, and charge the customer again.

Why would you do that if you weren't 100% sure you got it the first time.

Veteran

Shane Nokes

Posted
Posted

Unless you personally inspect the code of every file and registry key on the computer after it was infected, you can't be 100% sure. You can be as sure as it's possible to be, but not 100%.

100% means that you personally verified that state of all registry entries and code of every file on the system, and then were able to determine that the malware had not has not under any shadow of a doubt modified any of them. 100% also means that you restored the system to a known good state using known clean media, such as an image (after nuking partitions) or reinstalling off a known good clean installation media.

Dude, you just got done telling us that you keep logs of every infection. Why would you do that if you weren't 100% sure you got it the first time.

I explained why I kept the logs. I kept the logs there for the folks that would try to come in and claim that I didn't clean the machines.

Sometimes I wonder why I bother actually typing out actual full posts since it seems people skim them for about 30% or less of the actual content... *sighs*

Also if you want to go that route...then you can't trust any machine that you do not sit in front of 24 hours a day, 7 days a week, 365 days a year...without any breaks.

After all when you walk away someone could sneak in your window, infect the machine, and then sneak back out...all without you knowing...

I mean come on...do we really have to go down the route of stupidity here?

You don't have to inspect the code of every single file...once you know what is infected you clean it up...then run the system file checker...it can tell you if any files do not match the values that are supposed to match.

Any changes in code would be picked up immediately.

Do folks really keep intending to argue with me on this? I mean it's fairly worthless to keep arguing with me on this...you won't win.

Yeah...not replying to anyone but the OP from here on out...the rest of the posts are just wasting my time... *sighs*

Grand Master

f0rk_b0mb

Posted
  • Author
Posted

Also if you want to go that route...then you can't trust any machine that you do not sit in front of 24 hours a day, 7 days a week, 365 days a year...without any breaks.

After all when you walk away someone could sneak in your window, infect the machine, and then sneak back out...all without you knowing...

You know, you could just set a password, encrypt your disk, close your windows, and lock your doors. :p

Veteran

Shane Nokes

Posted
Posted

You know, you could just set a password, encrypt your disk, close your windows, and lock your doors. :p

I couldn't be 100% certain that someone wasn't spying on me seeing what I typed or what the backup encryption code was that was spit out by Bitlocker.

They could all be watching right now :shiftyninja:

;)

Grand Master

+Warwagon MVC

Posted
  • MVC
Posted

If the date is after the service I performed I fix the machine, and charge the customer again.

I think you meant to say "When" instead of "IF", if is second guessing yourself. :)

This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • Politically funny images of the World

      By SidVicious · Posted

    • Windows 11 is getting redesigned taskbar settings in new build

      By excalpius · Posted

      >Improved system sounds when using Windows in dark mode. The story behind that bug would be an interesting one.
    • Edifier S3000MKII hi-fi audiophile grade bookshelf speaker is at its lowest price now

      By hellowalkman · Posted

      Edifier S3000MKII hi-fi audiophile grade bookshelf speaker is at its lowest price now by Sayan Sen Yesterday we covered a bunch of Dolby Atmos soundbar deals with several ones from Sony, as well as from JBL, Samsung, Polk Audio, and more. You can check them out in this dedicated piece. Those are not audiophile category speakers though as they are built with home theater use in mind. If you are searching for the former then Edifier has its S3000MKII at its lowest price at the moment (purchase link under the specs table down below). This is a two-way bookshelf monitor speaker designed to produce accurate sound. While it may not produce the best high-fidelity audio possible out there, it should still be significantly better than what you will get on soundbars of this price range. As such it will do justice to high-res audio played back through it. The only thing that may feel lacking is sub-bass as Edifier claims the unit can go down to 38 Hz, which should be enough for studio monitor purposes, but not for deep room-shaking rumbling bass. Where this does excel though is in its treble reproduction. With its super-tweeter, it claims to go as high as 40 kHz in the frequency spectrum, which should offer a sense of "air"yness. This is an active speaker which means it packs its own amplfication. It has a top-notch Class D amp that may be able to rival many Class AB designs too in terms of sound reproduction quality. The technical specs of the Edifier S3000MKII are given in the table below: Specification Value RMS Output Power 256W RMS (Treble: 8W × 2, Mid-Low: 120W × 2) Tweeter Driver 107mm × 107mm Planar Magnetic Tweeter Mid-Low Driver 6.5-inch (179mm) Long-Throw Aluminum Diaphragm Driver Frequency Response 38Hz – 40kHz Signal-to-Noise Ratio ≥ 85dB (A) Bluetooth Version Bluetooth 5.0 Bluetooth Codec Qualcomm® aptX™ HD Wireless Speaker Link Proprietary 5.8GHz wireless connection between speakers Supported Hi-Res Audio Hi-Res Audio Certified, up to 24-bit/192kHz Digital Processing XMOS XU216 Digital Signal Processor Audio Inputs Balanced XLR, Optical, Coaxial, USB Type-B, Line In, Bluetooth Input Sensitivity (USB) 400 ± 50mFFs Input Sensitivity (Optical) 400 ± 50mFFs Input Sensitivity (Coaxial) 400 ± 50mFFs Input Sensitivity (Bluetooth) 450 ± 50mFFs Input Sensitivity (Balanced XLR) 1000 ± 50mV Input Sensitivity (Line In) 600 ± 50mV ADC Capability Up to 24-bit/192kHz DSP Capability Up to 24-bit/192kHz DIX Capability Up to 24-bit/216kHz DAC Capability Up to 32-bit/384kHz XMOS Processing Power Up to 2,000 MIPS Edifier S3000MKII Audiophile Active (Powered) Wireless Speakers: $799.99 (Sold by Edifier US, Shipped by Amazon US) If you do not have the kind of budget to spend on the S3000MKII, you can also check out the Edifier R1280Ts which is right now on sale at just $114 (its lowest price in a very long time). Good to know This Amazon deal is U.S. specific, and not available in other regions unless specified. We only use first-party seller links (at the time of article publishing); ensure that you purchase from a first-party seller link only. Check out Today's Deals on Amazon | or our recent tech deals. Become a Prime member (for Students or SNAP) via Neowin Get Prime Access - Prime for half price (for qualifying Medicaid, EBT, SNAP) Subscribe to Prime Video, Audible Plus, Music Unlimited or Kindle Unlimited via Neowin As an Amazon Associate, we earn from qualifying purchases.
    • The best controller for XBOX and PC is down to the lowest price

      By Gideon Waxfarb · Posted

      > The G 7 Pro supports wireless (XBOX Wireless, proprietary dongle, or Bluetooth) If anybody else's brain translates this to 'it works wirelessly on Xbox', according to the linked product page, it does not.
    • The Trump administration doesn't want you to use OpenAI's GPT-5.6 without its approval

      By excalpius · Posted

      Ignoring the fact that this "colony" kicked the empire of King George's arse during those early years... You are confusing the First Industrial Revolution (which was clearly pulled out of some butt-hurt Brit historian's arse after the fact) with the Second Industrial Revolution (aka now called the Technological Revolution, undoubtedly by that same butt-hurt Brit), which transitioned the world from the UK/UPS Empire to the USA as the world's only superpower. https://en.wikipedia.org/wiki/Industrial_Revolution I hope you realize that I am having big fun here.

  • Recent Achievements

    • One Year In
      bernmeister earned a badge
      One Year In
    • Week One Done
      Scoobystu earned a badge
      Week One Done
    • Week One Done
      tuben earned a badge
      Week One Done
    • First Post
      OffsetAbs earned a badge
      First Post
    • Reacting Well
      OffsetAbs earned a badge
      Reacting Well

  • Popular Contributors

    1. 1
      +primortal
      441
    2. 2
      +Edouard
      197
    3. 3
      PsYcHoKiLLa
      155
    4. 4
      FloatingFatMan
      71
    5. 5
      Steven P.
      67
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!