Hat is off to anybody who does IT for a living

[Russ Smith]

be it network support or desktop etc I don't know how you folks handle it. I do just a bit of it at work mainly just new computer installs and a few other things and even that is driving me nuts. it's not just how picky software is(Microsoft) but the users.

9 months ago guy gets a virus, one of those that tells you to download their fake antivirus. I'd just gotten rid of it so when our Panda AV wouldn't I installed Malwarebytes and deleted it. Some ofthe files were hidden etc but he said he'd gotten everything back ok and thanked me. 6 months later he tells me the computer has never been quite back to normal. 6 weeks ago he tells me windows update won't work, and in fact it hasn't worked in weeks. So we run the Update repair tool and that apparently fixes that. Last week his windows won't start, repair says it can't fix it, but after running it it starts again. Don't hear from him again until yesterday when he tells me everytime it does a windows update, the next day Windows won't start.

Said he did a restore and lost a bunch of work(which per MS is NOT related to restore it isn't supposed to delete files).

now he wants me to reinstall windows which I guess makes sense but he said he didn't want to complain but he was losing work so he complained to me and my 2 bosses. Had he told me months ago it would have never gotten to this point.

The one good thing is my bosses are both sharp enough to realize that windows updates shouldn't cause him to lose work. Apparently his windows was corrupted with the virus but the reason he lost work is he didn't save it on the server.

And the kicker, when we looked for the most recent backup we discovered it wasn't running he said "yeah I haven't noticed it run in months now".



He's one of those people that's too nice he didn't want to bug anybody but now it's a much bigger issue than it needed to be and I have much less time right now to reinstall his entire system.

 

[earthsci]

Make sure that you flash the bios. Upgrade if possible.

 

[Chaz]

Patience is key with both machines and people.

A big portion of computer support I classify as "expectation management".

 

[Russ Smith]

Patience is key with both machines and people.

A big portion of computer support I classify as "expectation management".

Yep he's a very nice guy but in this case trying to be nice just made it worse becaues he's at a point where stuff he's doing is critical on projects so it's a very bad time to be losing work or having his computer down for a day while I redo it.

It's one of those I know you're trying not to bother me but by waiting, you actually made it MUCH harder to do scenarios.

He doesn't have the virus anymore I've checked with our AV, he installed his own AV, I've checked with both Malwarebytes and even TDSSkiller in case he had a rootkit. I'm assuming the virus he had 9 months ago somehow corrupted his windows and that's why he's having the problems he's having.

Would have been much easier then to rebuild than it is now based on where he is with projects.

 

[Russ Smith]

Make sure that you flash the bios. Upgrade if possible.

He says my boss did that a few months ago when he had a problem late in the evening and I wasn't around.

We buy Dell so you can flash the bios from the hard drive by downloading an upgrade from their site. He has an IBM though so I'm not sure if that's how they did it.

My personal opinion is he's one of these who installs lots of things on his own and he's probably caused some of the issues. We use Panda Antivirus but after he got the virus he installed MacAfee on his own. When I used Malwarebytes to remove the virus I uninstalled it after just to avoid any conflict.

I believe he has Panda off and MacAfee starts up automatically but I'm guessing there's some conflict that is triggered by Windows Updates.

to be honest, I'm not a big fan of Panda what we have seems to be very poor at blocking things. We had another user who had the same virus months later, maybe 8 months after this guy had it. Panda still didn't find it on a scan so again I got involved but my boss didn't want me to use Malwarebytes since we pay for Panda. It took several tries and multiple downloads of updated "P scans" to get her system working again.

I still wasn't confident so just for my own interest I ran malwarebytes on it and the quick scan found another infection. I didn't have time to do a full scan so I deleted it and uninstalled Malwarebytes and then told Panda what it had found. They updated the definitions again and did another P Scan and assured me it's clean.


She's getting an upgraded system soon and when I get her old system I'm not even going to mess around I'm going to totally reinstall I don't trust that it's not still infected and Panda just can't see it.

 

[Brian in Mesa]

I usually use a removal guide from bleepingcomputer.com to get rid of those fake Antivirus ones where I work. Usually it's as simple as rkill.exe and a Malwarebytes scan, but sometimes they include an extra step or list specific files to search for and remove.

I know people that pay an arm and a leg for security programs for their home computers and have nothing but trouble. I have only ever used the free stuff and have had no issues. Makes me wonder where these people are surfing. LOL

 

[Russ Smith]

I usually use a removal guide from bleepingcomputer.com to get rid of those fake Antivirus ones where I work. Usually it's as simple as rkill.exe and a Malwarebytes scan, but sometimes they include an extra step or list specific files to search for and remove.

I know people that pay an arm and a leg for security programs for their home computers and have nothing but trouble. I have only ever used the free stuff and have had no issues. Makes me wonder where these people are surfing. LOL

Yep that's how I got rid of the virus on my computer. It was pretty dumb I was looking for an answer on something else and clicked on a site that instantly infected me.

So I went to bleepingcomputer and used rkill and unhide and malwarebytes to clean myself. Shortly after this other guy got the exact same virus so I knew exactly how to clean it and did. Then like i said maybe 8 months later another user got that exact virus, nuts that Panda in 8 months of updates hadn't learned to detect and block that virus.

I have Exterminate This and Malwarebytes on my work system(first is pay) but I don't leave them running to avoid conflicts with Panda.