
Is my problem bad enough to be taken to a service/repair shop?

Discussion in 'Malware Removal' started by fosho14, Apr 21, 2012.

  1. fosho14

    fosho14 Private E-2

    My computer got severely hacked into by ppl with malicious and criminal intent. They shut down my antivirus program and changed my ip address (it's a very long story but basically I was a victim of a scam over the phone). Luckily I was able to remove the keyloggers and spyware/password savers that were detected by performing a full scan using malware bytes. After those were quarantined and deleted my computer was for the most part back to full working order with my antivirus program coming back to life. After further performing check ups through my vipre antivirus and tune up utilities software it appears as though my computer is fine on the surface, but I obviously want to have that peace of mind and security knowing that there are no hidden viruses/malware deep within the system that were not discovered.

    ****The reason I say this is because multiple different knowledgeable and savvy technicians and computer experts that I've talked to have said that there are all sorts of keylog/rootkit and other harmful forms of bugs and malware that cannot be detected by the average antivirus/malware removal program. However apparently when you take in your computer to a repair business the technicians are able to inspect and clean much deeper because they use a variety of different tools and sophisticated methods to search the computer for problems. Is this true? I would really like the peace of mind knowing that my computer is completely free of the garbage that infested it, so I should probably pay to get it professionally inspected right? I mean we're talking about a lot of personal information at stake including banking details and everything!
    Last edited: Apr 21, 2012
  2. thisisu

    thisisu Malware Consultant

    Welcome to Major Geeks, fosho14 :)

    I would say this really depends on the intelligence of the technician working on your computer. They should know what to do but I cannot say that every computer technician will. Do you understand what I'm trying to say?

    None of our tools/scans we have you do here will reveal any type of financial information. We are strictly looking for malware and we're very good at it ;)

    Your call. You should feel comfortable and confident in the person working on your computer.

    Here is the malware removal guide at this site: READ & RUN ME FIRST Malware Removal Guide
  3. fosho14

    fosho14 Private E-2

    Thanks for the reply. Ya as I mentioned earlier on the surface, the computer looks and runs fine as I removed all the malware/spyware myself and ran antivirus scans. My question was more asking if you know of the techniques or resources that repair stores use or are they just trying to get my business by saying "we have the tools to remove hidden malware that you don't have" (when really they're just going to run similar removal programs). I'm wondering if it's worth the cost. With all my personal information already being infiltrated, I really don't want to take any chances but at the same time I hate paying for nothing!

    Any responses, opinions and thoughts are greatly appreciated!
    Last edited: Apr 21, 2012
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The tools we use here are at least as comprehensive as, if not more comprehensive than, anything done in a repair shop. And in most cases, since we are really malware experts, we are better at finding things than computer repair shops. Our manual inspection of the information in the logs we collect allows us to find things that commercial protection software typically misses.

    As thisisu stated about repair shops, it really depends on the personnel and their training; however, they cannot afford to spend the amount of time that we do. They would have to charge you more than $400 to $500, at which point most people would realize it is cheaper to purchase a new PC.

    If however you require a 100% guarantee that your computer is clean, then you have to delete everything on your computer including all partitions, and then format and reinstall from scratch. And in addition, you should not restore anything that you have made from backups. This is the only 100% way to know a PC is clean. Or you could purchase a new PC as mentioned above. And if you want it to stay this way, you should never connect it to the internet and you should never plug any external devices (like USB drives) into it that were used elsewhere. Now all this being said, in most cases, this extreme methodology is not required, but I hope you see my point in expanding upon the idea of saying a PC is 100% clean.
  5. fosho14

    fosho14 Private E-2

    Thanks for your input chaslang. Based on my situation what would you recommend without reformatting and reinstalling Windows from scratch again? (I don't have an external hard drive and have over 500 gb of media that I would hate to lose). What is my best course of action?

    Also keep in mind that malware bytes has been performed and cleaned everything, along with my anti-virus, so currently there are no problems visible. I'm wondering what I should do for the peace of mind, knowing that there aren't any hidden teardropped bugs that are still ingrained and deep-rooted in my system that just haven't been detected yet.

    Last edited: Apr 21, 2012
  6. fosho14

    fosho14 Private E-2

    The only reason I'm being this paranoid is because I know for a fact that these hackers got in. So even though I removed the malware for the most part it's not outside the realm of possibility that something was infected and installed deep and hidden that I can't get to with conventional malware/anti-virus software. I've changed all my banking cards and passwords and email passwords so I don't want to have gone through all that work for nothing, if some kind of password tracker or keylogger is still hiding deep within my system. This is why I want to be confident and rest assured that everything is safe before I start online banking with my new account numbers and passwords, because I obviously don't want all this new/changed information tracked as well.

    Hope that makes sense
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please follow the instructions in the below link:

    READ & RUN ME FIRST. Malware Removal Guide
  8. fosho14

    fosho14 Private E-2

    ahhh showing the hidden files and folders before scanning is the only thing I haven't done, that's a very important tip. I will do that, and then scan again with malware bytes, and dl the other 2 programs you recommend in spyware doctor and superantispyware.

  9. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    No! You did not do the most important thing and that is to attach the 5 logs we ask for. If you want us to verify your PC is clean, this is the most important information for us.

    Also Spyware Doctor is not one of the tools we ask you to use. In fact we don't really recommend it.
  10. fosho14

    fosho14 Private E-2

    My bad, my mistake, will attach the logs
  11. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Okay. Just attach them as soon as you can and we will check them out.
  12. fosho14

    fosho14 Private E-2

    The rootrepeal program refused to run or start, it just kept giving me error messages.

    I have attached the error messages/dialogue boxes that popped up when I tried to run the rootrepeal exe here.

    As for the rest of the tests, I was able to complete them all, so as soon as I can find a way to get the rootrepeal to run then I will send you the logs for all the tests/scans that have been performed (as outlined in the directions and procedure)

    It's too bad that rootrepeal is refusing to run. After reading about the program it sounded like an effective and important tool for a variety of different problems.


  13. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The below is a quote from the first instructions in the READ & RUN ME
    Thus you need to keep going! ;)
  14. fosho14

    fosho14 Private E-2

    I understand, and I did keep going. I completed everything else. The instructions said to attach any error reports if something doesn't run which is why I just attached it. I will be attaching the logs soon.

  15. fosho14

    fosho14 Private E-2

    attached logs:


  16. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You need to attach the requested log for MGtools. The log requested is C:\MGlogs.zip

    It is not in the MGtools folder.
  17. fosho14

    fosho14 Private E-2

    oops I'm so sorry


  18. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Your logs are all clean but let's run two more scans just to cover a couple other areas.

    Go to the below link and follow the instructions for running TDSSKiller from Kaspersky
    • Be sure to attach your log from TDSSKiller
    Now please also download MBRCheck to your desktop.

    See the download links under this icon [IMG]
    • Double click MBRCheck.exe to run (Vista and Win 7 right click and select Run as Administrator)
    • It will show a Black screen with some information that will contain either the below line if no problem is found:
      • Done! Press ENTER to exit...
    • Or you will see more information like below if a problem is found:
      • Found non-standard or infected MBR.
      • Enter 'Y' and hit ENTER for more options, or 'N' to exit:
    • Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.
    • MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.
    • Attach this log to your next message. (See: HOW TO: Attach Items To Your Post )
  19. fosho14

    fosho14 Private E-2

    Thanks for taking the time to decode these logs for me I sincerely do appreciate it!

    So I ran the final 2 tests that you suggested.

    here are the logs:


  20. fosho14

    fosho14 Private E-2

    A professional technician at a repair/service store probably wouldn't be able to do any further cleaning other than reformatting the hard drive right? Have we gone as deep as we can go? Should I start doing my online banking again?

    Thanks for all your help
