U.S. CitiesCity-Data Forum Index
Go Back   City-Data Forum > General Forums > Science and Technology > Computers
 [Register]
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
View detailed profile (Advanced) or search
site with Google Custom Search

Search Forums  (Advanced)
Reply Start New Thread
 
Old 03-25-2017, 02:06 PM
 
764 posts, read 756,919 times
Reputation: 556

Advertisements

Ok, here's my interesting situation. Tried to download a game, then all sorts of spyware, adware, malware and probably viruses started downloading to my computer and taking over the memory. Eventually I started getting BSOD, and because the computer wouldn't stay on long enough to run my malware/virus scans, I was forced to do a FACTORY RESET. I went from WIN 10 to the original WIN 7 that the computer came with. Because I had to do a RESET all my stuff is out of date which is expected.

To make a long story short, what was a perfectly running computer before the attempted game download, now I have a computer that freezes, error codes when trying to install windows updates, and my internet crashes. So my question is, even after a Factory Reset, is the virus removed or do you still have to do a virus scan?

(My attempted AVAST virus scan won't even scan through..it gets stuck "compatibility check")


Also one more question...if your getting BSOD's...then how can you run win 10 in safe mode as the F8 button is disabled?
Reply With Quote Quick reply to this message

 
Old 03-26-2017, 07:53 AM
 
10,755 posts, read 18,015,770 times
Reputation: 10244
There are rootkits and such that will survive a drive format, so it depends on the infection.

Safe mode: https://support.microsoft.com/en-us/...c-in-safe-mode

I suggest running Malwarebytes Chameleon https://www.malwarebytes.com/chameleon/
Reply With Quote Quick reply to this message
 
Old 03-26-2017, 03:34 PM
 
Location: (six-cent-dix-sept)
4,915 posts, read 2,509,651 times
Reputation: 3152
no. most factory resets use some form of dd so as long as long as the source image was clean then the virus wouldnt be replicated.
Reply With Quote Quick reply to this message
 
Old 03-26-2017, 05:20 PM
 
Location: Florida
4,633 posts, read 3,967,797 times
Reputation: 4504
My guess is that the reset brings the computer back t the state it was when you bought it new.

I think the update software for windows was changed by microsoft 6 months to a year ago. You will have to download the new windows update software. I think after that Microsoft also changed the way updates work so that could be a problem.
Might have to call Microsoft customer service for some help.

You can see if this helps. Windows 7 Won’t Update? Here’s What to Do | Plugable
Also search the Microsoft support. I think they have steps to update your system.
However I think this is a big problem due to changes Microsoft made so calling them might be the way to go.
Reply With Quote Quick reply to this message
 
Old 03-27-2017, 05:35 PM
 
9,975 posts, read 7,587,935 times
Reputation: 12852
It's possible you still have it, but unlikely.

There are viruses out there that infect system restore images and even the windows reinstall partition on the HDD. But, they're fairly rare.

I've rarely had a virus where I had to restore back to the image. Some that I just couldn't invest the time to clean them up properly.. Hard to tell a client "I billed you $1000 for my time cleaning this virus when I could have restored it to default and charged $100".. Unless it's on a critical machine or something.

Oh.. And the ransomware ones.. The ones that lock a machine and encrypt the files. There's usually no getting past that. You can remove the ransomware, but can't unencrypt the files. So.. No point in NOT re-imaging.
Reply With Quote Quick reply to this message
 
Old 03-28-2017, 11:19 AM
 
Location: Cartersville, GA
1,255 posts, read 3,031,033 times
Reputation: 1085
Quote:
Originally Posted by Labonte18 View Post
Oh.. And the ransomware ones.. The ones that lock a machine and encrypt the files. There's usually no getting past that. You can remove the ransomware, but can't unencrypt the files. So.. No point in NOT re-imaging.
That is true, at least for the most part. However, some options exist.

Anyone who has valuable data on their computer should backup regularly. If you have a relatively recent backup, you can simply reformat the hard drive, which will destroy the ransomware. Then it's just a matter of reinstalling the operating system, and the backup data. Be sure to use an external backup drive, and make sure that the external drive is physically disconnected from the computer after every backup. Otherwise, ransomware might encrypt the backup drive as well!
Reply With Quote Quick reply to this message
 
Old 03-28-2017, 11:26 AM
 
9,975 posts, read 7,587,935 times
Reputation: 12852
Quote:
Originally Posted by ToucheGA View Post
That is true, at least for the most part. However, some options exist.

Anyone who has valuable data on their computer should backup regularly. If you have a relatively recent backup, you can simply reformat the hard drive, which will destroy the ransomware. Then it's just a matter of reinstalling the operating system, and the backup data. Be sure to use an external backup drive, and make sure that the external drive is physically disconnected from the computer after every backup. Otherwise, ransomware might encrypt the backup drive as well!
I haven't tried one of the decrypters yet. Kinda wonder how long they take. What are they? Brute Force?

I know that some of them will get the recovery partition.. Which is why I always make a CD or USB backup of the recovery partition on any pre-built machine.

It isn't infecting something that's not plugged in.
Reply With Quote Quick reply to this message
 
Old 03-28-2017, 11:30 AM
 
10,755 posts, read 18,015,770 times
Reputation: 10244
Quote:
Originally Posted by Labonte18 View Post
I haven't tried one of the decrypters yet. Kinda wonder how long they take. What are they? Brute Force?
Decryptors only exist for ransomware that have had their keys released to the public. A decryptor app is then created to perform the decryption. Ransomware such as Locky and its variants have no decryptor and you won't be brute forcing it.
Reply With Quote Quick reply to this message
 
Old 03-28-2017, 08:36 PM
 
764 posts, read 756,919 times
Reputation: 556
I figured out why my computer was freezing, I thought the virus was somehow still lurking, but I had too many anti-virus/malware items downloaded. I had to delete Avast and Norton.
Reply With Quote Quick reply to this message
 
Old 03-30-2017, 09:14 AM
 
Location: Greensboro, NC
5,896 posts, read 4,422,729 times
Reputation: 3934
Quote:
Originally Posted by TAZORAC View Post
I figured out why my computer was freezing, I thought the virus was somehow still lurking, but I had too many anti-virus/malware items downloaded. I had to delete Avast and Norton.
That will most definitely do it. Biggest rule of thumb, no more than one AV installed at a time. An accompaniment software like malewarebytes is OK, but definitely not two AVs at once.
Reply With Quote Quick reply to this message
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.

Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.


Reply
Please update this thread with any new information or opinions. This open thread is still read by thousands of people, so we encourage all additional points of view.

Quick Reply
Message:

Over $104,000 in prizes was already given out to active posters on our forum and additional giveaways are planned!

Go Back   City-Data Forum > General Forums > Science and Technology > Computers
Follow City-Data.com founder on our Forum or

All times are GMT -6.

© 2005-2019, Advameg, Inc. · Please obey Forum Rules · Terms of Use and Privacy Policy · Bug Bounty

City-Data.com - Archive 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35 - Top