11
Aldar
2y

Okay so my brother in law has a laptop that is... To put it mildly, chockful of viruses of all sort, as it's an old machine still running w7 while still being online and an av about 7 years out of date.

So my bro in law (let's just call him my bro) asked me to install an adblock.

As I launched chrome and went to install it, how ever, the addon page said something like "Cannot install, chrome is managed by your company" - wtf?

Also, the out of date AV couldn't even be updated as its main service just wouldn't start.

Okay, something fishy going on... Uninstalled the old av, downloaded malware bytes and went to scan the whole pc.

Before I went to bed, it'd already found >150 detections. Though as the computer is so old, the progress was slow.

Thinking it would have enough time over night, I went to bed... Only to find out the next morning... It BSoD'd over night, and so none of the finds were removed.

Uuugh! Okay, so... Scanning out of a live booted linux it is I thought! Little did I know how much it'd infuriate me!

Looking through google, I found several live rescue images from popular AV brands. But:
1 - Kaspersky Sys Rescue -- Doesn't even support non-EFI systems

2 - Eset SysRescue -- Doesn't mount the system drive, terminal emulator is X64 while the CPU of the laptop is X86 meaning I cannot run that. Doesn't provide any info on username and passwords, had to dig around the image from the laptop I used to burn it to the USB drive to find the user was, in fact, called eset and had an empty password. Root had pass set but not in the image shadow file, so no idea really. Couldn't sudo as the eset user, except for the terminal emulator, which crashes thanks to the architecture mismatch.
3 - avast - live usb / cd cannot be downloaded from web, has to be installed through avast, which I really didn't want to install on my laptop just to make a rescue flash drive
4 - comodo - didn't even boot due to architecture mismatch

Fuck it! Sick and tired of this, I'm downloading Debian with XFCE. Switched to a tty1 after kernel loads, killed lightdm and Xserver to minimize usb drive reads, downloaded clamav (which got stuck on man-db update. After 20 minutes... I just killed it from a second tty, and the install finished successfully)

A definitions update, short manual skimover, and finally, got scanning!

Only... It's taking forever and not printing anything. Stracing the clamscan command showed it was... Loading the virus definitions lol... Okay, it's doing its thing, I can finally go have dinner

Man I didn't know x86 support got so weak in the couple years I haven't used Linux on a laptop lol.

Comments
  • 1
    I'm confused by your X64 part ...

    X64 / AMD64 started around 2005 if I remember correctly

    The laptop is nearly 20 years old and runs Windows 7... What kind of processor is it? Afaik everything was AMD64 then.
  • 7
    Would be simpler to just format that drive and do a fresh windows install.

    Or assuming that old machine has hdd, just buy a new ssd, do a fresh install on it and then scan the old hdd as an external drive and use it as backup.
  • 2
    All I know is everytime a family member or friend ask to fix something on their computer things gonna get fucked up and shit'll hit the fan.
  • 0
    @IntrusionCM it's an old AMD E200 APU. Notebook checker lists it as x86 with 64 bit support so... Really not sure what to take of that.

    But when I ran file on the terminal emulator executable, it was 64bit, so I figured the laptop is so old it can't yet run 64 bit apps lol
  • 1
    @AnxiousADHDGuy suggested that as well, but was told that backing it up would be an issue as noone really knows what's on the laptop, and whether something's worth preserving.

    Yea... I wonder what might be so important that you don't even remember it's there...
  • 4
    Why do you even waste your time? A complete reinstall is the order of the day anyway because you can never be certain that everything has been found and removed.

    While you're at it, remove also the Microsoft virus and install Linux. Yes, as 64 bit version.
  • 0
    "brother in law"

    Tell your dumb ass relative to fix his own shit.
  • 2
    Why bother scanning with MalwareBytes? Backup his important docs and pics; and nuke the whole things. [Reinstall.] That's what I did all the times. Fortunately I have saved installation ISO of Windows XP, 7, and 10; so there is no problem even if my relative/friend brought up a computer from the dinosaurs era.

    Replacing with Linux is a bother/out of option, since this relative was probably only familiar with his Windows 7 and he's going to bother you a lot more if you install unfamiliar OS into his PC.
  • 2
    Compared to this my old Atom runs like a quantum computer.

    All these signs point to a single problem: bad sectors on a hdd, causing read/write retries.

    Stop what you're doing. A hdd this old is not even worth a hdd-regenerator. Install that adblock and return the laptop, recommending an ssd and a fresh install
Add Comment