Is reformatting an acceptable way for a professional to deal with spyware/viruses?

[Jeff7181]

I rarely try to clean a computer that's clogged up with that crap, but someone has offered to pay me $15/hr cash to clean their computer without reformatting.

I told them I'd check it out and see what I think. Norton AV 2005 found 280 threats, about 120 of which were viruses. It left about 100 things that it couldn't clean or delete.

AntiVir found about 50 things and cleaned them all off.

Now I'm running Norton again and it found another 7 and counting.

Is there a point at which even the most reputable repair shops will say look, lets just back up the data you need, reformat, and reinstall Windows and put all your programs and data back on?

$15 per hour cash isn't bad considering I'd add my diagnosis time as well as however long it takes me to clean off this crap manually... but is it possible? I don't want to waste 6-8 hours... cause I'm not gonna charge the guy if I can't fix it for him.

I'm not saying I'm a professional, but I do like to maintain a certain amount of professionalism when people are paying me to fix their computers. I don't want to come across as one of those people who's answer to every problem is reformat.

*EDIT* Norton just finished and found 13 "at risk" files. 4 are viruses that it can't clean. They are...

"BlackBox.class - Trojan.ByteVerify"
"Dummy.class - Trojan.ByteVerify"
"stats[1].php.Vir - MHTMLRedir.Exploit"
"VerifierBug.class - Trojan.ByteVerify"

 

[PHiuR]

this is when you say,

look buddy, stop looking at porn.

 

[imported_Kensai]

Only if the infection is extremely major. If it's light, just stick with removing them.

 

[Ricemarine]

You're going to have to use a few extra tools to get rid of all 280...


Gotta delete em all! gotta delete em all!

Virus-mon!

 

[MX2]

I will never understand why folks get so attached to their install and fight tooth and nail against a fresh install with all their data back in place just as it was We get that all the time

 

[Kaervak]

With that amount of stuff on the system, it's recoverable. It may take a little while to get rid of it but it's doable.

 

[ruffilb]

Originally posted by: PHiuR
this is when you say,

look buddy, stop looking at porn.

Because, you know, that's how *I* get all my spyware

Originally posted by: Jeff7181
I rarely try to clean a computer that's clogged up with that crap, but someone has offered to pay me $15/hr cash to clean their computer without reformatting.

I told them I'd check it out and see what I think. Norton AV 2005 found 280 threats, about 120 of which were viruses. It left about 100 things that it couldn't clean or delete.

AntiVir found about 50 things and cleaned them all off.

Now I'm running Norton again and it found another 7 and counting.

Is there a point at which even the most reputable repair shops will say look, lets just back up the data you need, reformat, and reinstall Windows and put all your programs and data back on?

$15 per hour cash isn't bad considering I'd add my diagnosis time as well as however long it takes me to clean off this crap manually... but is it possible? I don't want to waste 6-8 hours... cause I'm not gonna charge the guy if I can't fix it for him.

I'm not saying I'm a professional, but I do like to maintain a certain amount of professionalism when people are paying me to fix their computers. I don't want to come across as one of those people who's answer to every problem is reformat.

Their computer is known as F***ED. A reformat is probably the safest and fastest way to fix their computer.

 

[lavagirl669]

Reformatting would be a lot faster and easier than trying to clean up all
the corrupted crap.

I just had a case like that where it was so bad and the machine was 4 years old
I just replaced the HDD.

 

[Jeff7181]

Originally posted by: PHiuR
this is when you say,

look buddy, stop looking at porn.

And that's exactly what it was. He needed a couple days to "clean up his school work" before he gave it to me. I found the reminants of Kazaa, Weatherbug, an application called JAlba.exe, etc. Not to mention his IE History. :shocked:

 

[Jeff7181]

Originally posted by: Kaervak
With that amount of stuff on the system, it's recoverable. It may take a little while to get rid of it but it's doable.

So if he's willing to pay, it wouldn't be futile?

 

[OdiN]

I manage a computer repair shop.

I think that saying "let's just reformat it" is the easy, unprofessional way out. Anyone can format a drive and start over.

I actually enjoy removing viruses. It's kinda fun to figure out how they work and where they are hiding and try to defeat them.

For nasty infections, I simply remove the hard drive from the comptuer and put it on my testbench computer (which is completely firewalled and blocked off from our main network) and when it is on my testbench I let it scan with AVG, Ad-Aware, and Ewido. This gets rid of most things, leaving me with just smaller registry editing and a little manual cleanup to do afterwards.

I have only come across ONE virus that was so bad that I had to backup data and format the drive. The problem was that it was not recognized by any antivirus software. I don't know what virus it was but it was new and was quite ruthless in keeping itself on the drive. It had multiple backup copies of itself with random names and such...and it got so that it simply wouldn't be cost effective for me to manually remove it. I would have spent hours pouring over directories and searching for files that match the virus, etc. etc. At that point, I just told the customer that it would have to be reloaded.

So....no I don't think reformatting is an acceptable way to handle this or any other situation - a professional should be able to troubleshoot, research and solve most problems. Sure...there are some things which require a reformat and reload. And also there are things that are simply not cost effective if the solution would take 4-5 billable hours where a reformat and all takes only around 1.5-2 hours.

 

[CaptainKahuna]

Dude, blow it out, it'll take 3 hrs tops, and it'll run better anyway.

Do it, put his old wallpaper and data/programs back, he'll never know, charge for 9hrs

 

[eLiu]

Originally posted by: MX2times
I will never understand why folks get so attached to their install and fight tooth and nail against a fresh install with all their data back in place just as it was We get that all the time

No kidding. Some people are just incredibly reluctant to do it. My gf's sister for example...somehow attracts spyware like bees to honey. That machine is slowly building up junk that regular scanners aren't removing. I'm 800 miles away so I can't help...I recommended a fresh install w/protective programs in place from the start (they weren't last time). But her dad refuses to do it... poor computer

 

[flexy]

Originally posted by: MX2times
I will never understand why folks get so attached to their install and fight tooth and nail against a fresh install

you are serious, right ?

I consider myself a "pro" (at least concerning my knowledge) and a reformat and re-install is always the last of all resorts. In fact i usually only install ONCE.....after a major upgrade (motherboard). Had systems running literally for years without the need to format.

People are "attached" to a certain state of the system because it usually takes MONTHS from a virgin install to the state my PC is right now....counting all the programs/tweaks/patches etc...

PC is constantly dynamically updated, programs get installed....registry and other stuff gets tweaked, everything is personalized.

It scares me to see people like you who think that a install is needed like every 3 months or so to "keep the system in shape" or to "solve problems" and dont understand why people dont like the idea of new installs.

 

[flexy]

also...as the other guy said...everyone can do an install/format.

People usually put their comps in a shop when they want their data kept as it is. Otherwise they would just throw their CD in, boot onto the XP CD and format/install everything new at home.

 

[xgsound]

A professional can sometimes be described as someone who keeps from surprising the customer.

Spell out the options, the pitfalls of each, and probable cost of each; then make your recommendation.

A reinstall can have a more fixed cost than attempting to remove malware and may have to be considered at some point.


Jim

 

[isekii]

$15/hr seems very little.
Tell him to take it to a computer store.

 

[Joony]

Best Buy charges $80 for an operating system service

 

[Jeff7181]

Originally posted by: isekii
$15/hr seems very little.
Tell him to take it to a computer store.

I would, but I could really use the money right now.

I've been working on it a little bit... using the stopwatch on my cell phone to keep track of my time, lol. I think I have it cleaned up pretty well. Just going to run some scans with different programs on it to make sure there's nothing left. Neither Norton or AntiVir are finding anything anymore, but I think I'll run those programs OdiN mentioned he uses to see if they catch anything else.

Nail.exe is a funny one... delete it, and two seconds later it's recreated. You can literally delete it, and watch it pop right back where it was in the Explorer window. Delete it again, watch it come back. Look in the recycle bin and see two copies of it in there, lol. Got rid of it though. All together I've spent about 2.5 hours on it, not counting when I start a virus scan and walk away for a half hour.

 

[Shawn]

first thing you need to do is boot into safe mode. you can't delete that crap with it running.

 

[apac]

Originally posted by: Shawn
first thing you need to do is boot into safe mode. you can't delete that crap with it running.

qft

 

[OdiN]

Originally posted by: Jeff7181

Originally posted by: isekii
$15/hr seems very little.
Tell him to take it to a computer store.

I would, but I could really use the money right now.

I've been working on it a little bit... using the stopwatch on my cell phone to keep track of my time, lol. I think I have it cleaned up pretty well. Just going to run some scans with different programs on it to make sure there's nothing left. Neither Norton or AntiVir are finding anything anymore, but I think I'll run those programs OdiN mentioned he uses to see if they catch anything else.

Nail.exe is a funny one... delete it, and two seconds later it's recreated. You can literally delete it, and watch it pop right back where it was in the Explorer window. Delete it again, watch it come back. Look in the recycle bin and see two copies of it in there, lol. Got rid of it though. All together I've spent about 2.5 hours on it, not counting when I start a virus scan and walk away for a half hour.

Yes Nail.exe is a ah heck. Ewido can get rid of it if the system is on another computer or in safe mode.

I also have a utility that will remove nail.exe and prevent it from being installed again.

 

[jgivens]

A reformat is the best way on a system like that. Who knows... all it takes is one thing to be left behind.

 

[Saint Nick]

i would just say that "your situation is very unique" and that you have to reformat. just tell them that the data that wants to be backed up is infected as well, and if you put that infected backed up stuff on the clean install, your clean install will become contaminated.

 

[Rogue]

That is until he discovers he's all infected all over again because he tried to run paint.exe and now the rootkit installed calls back home and the machine gets owned with a "p" all over again.