Tool diagnose infected pc fast

[etardif]

Hi,
As a repair shop we have to disgnoste if we clean an infected pc or reinstalle windows. My tech lose a lot of time to try cleaning a pc and then see that we have to re-install. It is hard to diagnose fast if the pc is cleanble or don't lose time and reinstall. We mos of the time try diffirent anti-virus and anti-spyware and then after hours see how it works.

Is there a tool or something that would help taking a fast decision ? O toll that would give a quote or something and help us to take the decision to format or clean ?

Thanks,
Etardif

[gunslinger]

Its always been a judgement call call to me. If I run one anti-malware program as admin in safe mode and it comes up with just a few items, the Windows install is fixable most of the time. If on the other hand, It comes up with hundreds if infected items including rootkits and worms, forget it.

If I have time to kill and its not about the money, I'll spend some time with a badly infected system just to gain more experience.

These days I will run 2-3 cleaners like Ccleaner, then run Malwarebytes, and super antispyware as admin doing a full scan with each. Then I'll run hijackthis. If the system is still coming up with malware its a bad sign.

[Jory]

For me it isn't usually a judgment call on how long it will take remove all the malware, but rather how long will it take me to restore all their data and programs after a fresh windows install to EXACTLY how it was.

I only consider a windows reinstall itself about 25-30 minutes of billable time if done at my home. So if I can sort out everything in under an hour after that I'll just wipe it. There are so many added benefits to a fresh install there is no reason not to do it unless backup and restoration would be time consuming.

[seedubya]

Quote:

Originally Posted by Jory

For me it isn't usually a judgment call on how long it will take remove all the malware, but rather how long will it take me to restore all their data and programs after a fresh windows install to EXACTLY how it was.

I only consider a windows reinstall itself about 25-30 minutes of billable time if done at my home. So if I can sort out everything in under an hour after that I'll just wipe it. There are so many added benefits to a fresh install there is no reason not to do it unless backup and restoration would be time consuming.

Couldn't agree more. Nice to see someone talking sense. The "format and reload approach", while occasionally necessary (particularly with rootkits), is often indicative of inexperience, inability or lack of customer focus. No Gunslinger, I don't mean you.

[usacvlr]

My rule is generally if I can tell it's going to take more than 2 hours then it's a reload unless it's a really slow day(which is rare). I cannot see wasting my time to fix something which could just as easily be fixed with a quick reload and restoration of data. Their programs can be reinstalled assuming they have the discs. If they don't then they probably pirated the software and I'm not going to shed too many tears about that considering I write software as well. Essentially I always ask is there any data on this system you care about? I prefer the answer No but sometimes if there is data then I just back it up and tell them they'll need to reinstall any software that they have been using. My job is to do whatever it takes to get the system operational again this does not necessarily mean their pirated copy of office 2007 is still going to be on it when I'm done.

[14049752]

Quote:

No Gunslinger, I don't mean you.

I think Gunslinger's approach makes the most sense. If you CAN repair a Windows installation without too much money and time, it's easier on the customer. If there are several hundred viruses, or rootkits, or whatever that should be an automatic reload. It comes down to how much you can trust the system even after it's been cleaned.

When you get right down to it, by using any scanner, you're trusting the program's results. The only thing I trust to get rid of viruses 100% is a format and reload.

[Methical]

Over the time, I've heard alot of people suggest "Just do a system restore and it will get rid of the virus". Not at all; some people don't realise that spyware/adware/malware/viruses can still reside in System Restore files. So once your 100% sure that your system is clean once again, turn off System Restore for all drives; give PC a restart to be sure all are deleted, and enable them again.

[purple_minion]

My ex's brother had a new laptop for school. Said it was running slow so I looked at it. I ran... some AV (it's been 5 years!) or spywareterminator or whatever... and it came back like over 1500 items!!! I'm serious. I think it was closer to 1700 more or less. I was like GOD DAMN! I told him about it and didn't touch it! I felt dirty just looking at it.

Is that a record?

[Methical]

Now thats nasty lol
How long did the scan take? With 1700 results im sure it would've been weighed down alot.. Did you try safe mode? im sure there would've been more then

[purple_minion]

Quote:

Originally Posted by Methical

Now thats nasty lol
How long did the scan take? With 1700 results im sure it would've been weighed down alot.. Did you try safe mode? im sure there would've been more then

Honestly I don't remember. Probably over a long dinner and the wind down. It was so long ago, but I just remember the HUGE number and how I almost crapped myself. Same guy that somehow had a monitor quit working on him that I gave him. Granted I found it out by the dumpster, but I found two others that are still working to this day... it's possible it was a crap one since it was out in the rain, but given his track record I wouldn't put it past him.

EDIT: Same dumpster I found an old iMac that works fine... and the stash of playboy's in a box... they weren't any good so back they went. Also dumpster's are good places to find stuff, uncle found a perfectly good windows AC unit when the college let out. Some things people throw out. Also any idea how much lead were in those 3 monitors... pounds!!!! not good for the landfill.