Repairing the WORST infected computer
- Published 28 Apr 2024
- Hello, my friends! Let's hit 10000 likes? Check out my website! enderman.ch
Today I am going to show you the process of repairing the worst infected machine. A year and a half ago I performed the greatest malware run, called Malware10, which spanned 6 months. I downloaded far and wide up until the point the computer was completely unusable. In this video I am going to undo that damage.
Links:
Full uncut footage - • Repairing the WORST in...
Timestamps:
0:00 - Intro
0:24 - History
0:58 - Infection
1:35 - Backup
2:33 - Restoration
12:35 - Comparison
13:25 - Final product
14:10 - Outro
Still got questions? Don't hesitate, send them to contact@enderman.ch!
Hope you have a great day!
#endermanch #experiments #malware - Science and Technology
Yea, no way I'd use that installation even after the clean up. Even tho I can't be sure there are any, I'd be too concerned about any more deeper-rooted malware still remaining after. Paranoia would kill me.
no
@@_1onlychxrry yes
He even said it at the beginning
With such an infected computer, a simple removal can not always help in particular that the viruses will be on the disk in a hidden trash can or there will be remnants in free sectors on the disk (free space). Then you have to permanently delete the file (Shift+Delete) instead of deleting (delete). You should still remove the free space, and when changing the system wipe the disk.
The Best video keep it up😃🙂🙂🙂🙂
I just love the sheer audacity you had to infect a computer with malware, proceed to say it is your best one yet, and then make a copy of it before getting rid of the malware.
Gigachad move
wait he infected his own computer dafuq?
@@cybergeist8932 No, basically he can plug it back on his PC with good antivirus and then wipe that disk and that's it.
One of those that he didn't need, to be exact. This infected machine was a test subject for that kind of experiments.
Worked in a repair shop for a while and did this sort of thing. I can confidently say that I can already hear a whiny customer complaining about his icons being removed, despite nearly all of them being PUPs.
let me guess, it was a boom boom too
I always am completely flabbergasted how they manage to get so much malware, even if you give them all the tools to be safe
@@escapetherace1943 Some people should simply not have access to the internet, because that is the result.
hi! What's a pup? ty
@@mrkemblegilstrap PUP is "suspected malware, but not specifically known as malware", or simply programs you don't want that somehow installed themselves. The abbreviation stands for "Potentially Unwanted Program" P U P = PUP. Most of the time the nonsense programs you see that pretend to or are widgets that serve little to no function and are likely datamining or stealing information from you. Usually PUPs end up on a computer by someone who doesn't understand the risks of the internet and simply launches everything they download, even more so people who click on bad ads or follow ads from other ads and allow them access to the browser, etc. Practically everything bad you don't want on a PC comes from people clicking on garbage while browsing the internet.
I suggest staying only on safe sites, using something like malwarebytes, installing something like uBlock origin to protect you and remove unwanted ads, and running all executables from places they could've been laced with malware through at least two different, good malware scanners. Combine this with scheduled back-ups and malware checks and you'll be good to go. Also only accept necessary or no cookies in most of cases.
@obergilstrap88 pop up program. A form of adware that loads pop up web pages that have basically no use other than to scam and advertise.
me at 8 years old when I got my first pc vs my dad trying to fix it
W dad
In most cases it’s the opposite
@@automatedinsanity Yes. That happened to me. My Dad has gotten a virus on his laptop, and I fixed it.
@@NatK2010 worst case is that i installed a virus on my laptop and my dad. Got the belt faster than light long story short i had to. Fix it myself
Same lol
My dad using computer:
*Downloading random stuff*
Me after running antivirus:
*6397 threats detected*
My computer is slow after dad uses it so i have to restart the computer everytime but there are no viruses detected :)
spy ware among us m8
this is why you educate your folks
@@veliozkan2943 LOL
Lmao
I worked at an IT company and one standard everyday job was cleaning the PCs of coworkers. On average there were 52 payloads found a day on 1 PC. Sometimes a MITB (man in the browser). They really should install a firewall or managed policy rules.
please tell me it wasnt some big company at least 💀💀
@@filipoda123 well, its a mid range company with multiple locations and they are part of a company group.
They handle websites of local business and webshops. And transfer medical information. So you understand i grow a little cynical over those years after i addressed it multiple times.
@@Vilematrix damn, a mitb in a website company lol
@@filipoda123 i know right. Xd
@@Vilematrix how does a man fit in the browser
My guessing was that malwarebytes will detect like 500 but it blew my mind to see it go to 3000+ instantly
keep in mind that every file is a detection (so if something has 50 files, that can be 50 detections from 1 virus) and MB detects A LOT of things as malicious or PUP. Not always in a good sense :D
@@itsTyrion it has been trying to quarantine my BitTorrent for years now lmao
@@mr_confuse Make an exception. It will then ignore it.
@@itsTyrion You can set it to ignore PUPs.
@@mr_confuse it does the same thing with any other torrent software I don't know why but anyone that I use I always have to exclude it
MalwareBytes could use this video as an ad for themselves with how much it did.
Uninstall Tool too
@uNnHkP8mza what's mbam
true, this video was the trigger for me to install it
LOL true!!! i remember spending so long back-and-forth with a windows technician (god bless them) who told me 'yeah install the malwarebytes free trial it does way more than windows defender pretends that it does'
@looped_gameing8406 nobodys perfect but the little guys trying his best
That is some impressive work. I'm actually surprised by how close the system is back to its original state. Though it's still obviously ideal to reinstall Windows to ensure there's no malware left over whatsoever.
Also some specific malware could infect the BIOS chip in the motherboard and still remains intact after fresh install (the option to remove BIOS malware is desolder the infected BIOS chip and replacing the BIOS chip with the good, uninfected one)
@@sihamhamda47 no you can do something to old bios chip and remove completely everything and reinstall upgraded bios
@@FtE1 Ah yes, re-flash BIOS can also fix that
@@sihamhamda47 but i rather put new bios chip
@@sihamhamda47 reflash bios is an option. some motherboards and laptops come with a flash usb port, sometimes there is a symbol / or refer to the manual
I always had a mindset that if my pc got infected, then even though it may not be able to be removed from inside, the good old hammer could do a great job from the outside lmao
Lmao
And G U N
And fire
Maybe a cold pill
I have yet to meet a virus that can survive my water attacks.
Worth noting that connecting an infected machine like this to wifi can be rather risky. Some malware will try to spread to other connected devices in the network.
Probably using an alternative wifi router with a different ISP?
@@-_-_-_-_-_-_-_-_-_-_-_-_-_-ucqor just mobile hotspot...
One of the greatest videos I have ever seen. The turi ip ip is an example of imagery in sound. Its delicacy astonished me. It just changed my mind about Enderman. Turi ip ip never dies. It is immortal, inevitable and one of the greatest objects of all time.
🥹
Just stop making tur ip a "funny" music
@@x2v9 you will not stop your fellow 12 year olds, it's an impossibility
I had to turn my volume down to 3% to watch this
Him putting all the viruses on that one Toshiba hard drive felt like containing The Radiance inside The Hollow Knight.
Unfortunately that means that the viruses will break free.
Be prepared. Be afraid.
I'd be more afraid if it grew legs!
@@ThumperMinerUnion it'll grow more than just legs
@@its_an_inkstar can't forget the Cable Scorpion
That hard drive might become sentient
@@peeboo might?
I like how the chat went crazy when Symbolism played
i agree
@@catwazhere no
I like the song without the meme
turi ip ip
Never thought in my life that I would watch a malware cleanup video by an Enderman. …The Internet's a magical place, huh?
Great job!
I use Kaspersky Rescue Disc for a job like this myself, it is just easier because it boots in a clean environment to work with while disinfecting.
I have no idea why, but hearing “tori ip ip ip” just felt so out of place after all the memes, and i just started laughing from it
Still better than skibidi toilet
Really liked video :) some suggestions towards next videos about virus removal from me would be:
-using Process Explorer with the VirusTotal column added to have a closer view if anything harmful is still running
-throwaway pendrive: you can invest little money to get a pendrive with a mechanical switch that puts the pendrive in read-only mode. I use one of these all the time as i work as IT technical repairing at local computer store.
-for uninstalling programs i recommend Revo Uninstaller - free tool which allows to select multiple programs and uninstall them + after reinstall it scans for leftover files and registry from app so it's more deep cleanup after reinstall
my top infected computer i had from customer had 27000+ threats found in malwarebytes (some were ofc from same malware as malwarebytes count every file and registry as new threat)
after uninstall* typo
Uhhhh..... Yeah good luck with that... 27000+THREATS!!??
@@Albertfanmailblog59383 yup reinstall wasn't an option because of specific program with database which i needed to backup. Removed as many as i can so i can barely open and backup database then reinstall with no mercy. Quite a ride xD
Holy SHITE 27k+? That's crazy
Yeah, even if you removed all surface malware, you would probably still have concerns about deep-rooted malware on the HDD. I would just say "forget it" and do a fresh reinstall of Windows. It seems to be the best option.
I would just throw the computer away. It's finished.
@@eleanorbartle5354 That’s a really cool concept.
@@eleanorbartle5354 if androids ever become real it's gonna be the flu or covid for them lol, or the black plague
@@georgeofhamiltonmagnet It looks like @eleanorbartle5354’s comment is hidden now, but she basically had an idea of a form of infectious malware that could even spread through physical contact between digital storage devices even while they are turned off, necessitating careful disposal in special facilities.
Holy crap, this computer is the digital version of a pitri dish.
I usually do this with my friends and family's computers. I ALWAYS try to go for the remedy/Clean up option first. I like trying to fix every issue possible without having to reinstall Windows all over (and possibly deal with backing up a ton of shit). And it honestly feels rewarding when you see the result. Great vid!
alt title: enderman shows how good he is at repairing computers.
Why did antivirus companies not e-mail you yet
enderman: empty for 2 weeks
also enderman: 2 uploads in one day
The Symbolism song as you try to delete malware is just 👌
nah its not symbolism its turi ip ip
@@opsonc dead meme
@@bwalimniad still better than skibidi toilet
These results and logs could be very useful for antivirus companies. Perhaps one that this hard work will be noticed.
You can even see the amount of space changing from the amount of junk being deleted from the rainmeter plugin
i would love to see the malware 10 partition myself, but i understand if you are concerned if ppl that don't know about this stuff can get infected themselves, amazing job!
If it's this bad I will for sure reinstall and burn the whole thing down but very nice restore and satisfying to watch! My coworker once got a ransomware (just one), I told him to "NUKE THE WHOLE THING". You never know what "free stuff" you will get from a single infection. Today it's all nasty things, keylogger, info stealer so on and so on, better to be safe.
With a single infection, it's fairly safe to assume you can fix it. You *will* need to research the virus to figure out exactly how it works, but it's possible to fully scrub a machine of it.
When you install over six THOUSAND viruses from random sources, that becomes significantly harder and exponentially more time consuming. You go from a task that'll take a day or two to something that'll take a *lifetime* or two.
That being said, if it's on a company computer instead of a home computer, I absolutely would not spend even a minute trying to salvage it lmao.
i like how when you first started, the ram use was like 6gb of out of 8 and removing all that trash brought it down to 2gb.
Malwarebytes and Tdsskiller do most of the heavy lifting.. but in cases like this I would absolutely suggest a 100% clean wipe (after backing up anything worth saving, of course)
petri*
Watching this is like watching those rug cleaning videos, it's so satisfying seeing the clean finished product
@Enderman I heard you could still get infected if you install certain malware on a virtual machine as it will transfer to the host machine
Very very rare that will happen as long as your virtual machine software is fully updated, and you turn off certain features that allow for connectivity between the vm and host. No networking, no shared folders, etc.
You'll still run into issues with malware that can detect it's in a VM and refuse to run, so you need to use VirtualBox with the vbox hardened loader.
Can happen when installing advanced malware and if there is a security thread in the hypervisor youre using
It is only very very rare if The Virtual machine is a Packed Vdi/Vhd/Vmdk File
that's impossible, the most it could do is insert itself into a shared folder
@@tauon_ Virtual machine escaping is possible through the use of technical exploits but those exploits are usually not found in common malware
good job enderman! you're like my dad once, i broke my pc (automatic repair couldnt work) but then he fixed it. great job!
You did a good job of returning back to its original state but if it were me, I would put a Windows 11 or 10 iso on a USB and do a complete format and reinstall windows. Never know if there is hidden stuff or if the malware infected critical system files that if the antivirus removes it'll bork something, had it happen before.
I would use a Windows 7 iso instead.
@@getthepartystarted1247 That OS is pretty much deprecated in 2023. Same state as Windows XP little software support and modern gaming is out of the question. Also hello guy that archived ampdan1's videos, appreciate your dedication.
@@Fearagen Oh hi, it's you!
2:05 Thanks for giving me an info about a free disk cloning software, because when I'm looking for any disk cloning tutorial, most of the tutorials forced me to use either Minitool Partition Wizard or EaseUS To Do Backup, which are now forcing its users to use a subscription service just to use the disk cloning feature
ChatGPT's Title: "Reviving a Malware-Infested Nightmare: Restoring the Unusable Machine"
how i see my computer 12:18
how my parents see my computer: 3:00
We need this guy to be at tech support.
It took *almost 1 hour* for Malwarebytes just to quarantine all of the 6,397 threats.
The fact he has the best gaming setup ever. And also the Turi ip music in the bg during the fixing
damn those viruses were fighting hard over cpu time
the effort that went into this is crazy
For sharing the whole image Terabox might work, not to mention in Macrium Reflect you can also change the compression level.
I wonder what was the worst case of malware infection in history, intentional or not. There should be a Guinness record for this.
I think it might not be a great idea if it'd make people want to install many viruses just for the record.
my grandma:
while humans are 70 percent water, this computer is 100 percent viruses)
don't forget to first go into the options of Malwarebytes once you installed it and enable COMPLETE scan for better findings.
So helpful! Thanks Enderman!
Best one yet
Seeing the disk space available go up was so satisfying!
I like how the music synced with the Malwarebytes pro ad popup slider thing
That infected startup also reminds me kinda of my old laptop I had until 2022. I remember trying to use the innate Record feature in Roblox to make a video on Become Fumo back when I had that laptop and I'm not kidding when I say that it crashed my _entire computer._
When I was 12, I had a laptop that would lag emulating Gameboy games.
this is almost the same as my old laptop before. when it boots up it just randomly open apps and as a child, i just close everything and call it a day
The boot time still isn't equal to the time before the infection, which means the cancer did some damage or it wasn't removed completely.
You know, now I wonder that this would probably be some kid's actual computer somewhere around the world...I'd imagine how they would have so much patience to even use it since there's a lot of shit going on lol
I just saw a new Michael MJD video, and now there is an Enderman video in the same day!? Yes please!
the $5 windows 98 pc
this is the final boss for computer engineers
Love the music you select for your videos
sure, reinstalling windows is the better choice, but this is a really good way of going about it if theres important data on the computer, at least to make its retrieval easier
there isnt any guarantee your important files aren't infected, best to comb through them to see if theyre really clean.
I would also do a windows defender online and offline scan, they are pretty good at grabbing stuff.
What happened to your profile picture it's close up the top left
him: cleans PC
also him : *proceeds to play legendary songs*
3:00 I died of tears when the turip ip ip ip ip ip ip turip
10:50 It's not that it couldn't. It's that malware and adware are two different beasts.
3:04 TURIP IP IP!
Nice touch on the selection of the music 🎶
Thanks for motivating me to fix a virus in one of my old laptops
Btw how do you get the C drive storage and task manager graph widgets on the desktop?
Holy crap. 6,000 threats. Yeah, at that point formatting would've been the best option
Before that dban or other equivalent scrubbing. And still I wouldn't be 100% sure that HDD doesn't have FW level malware.
The two 5 year old Flintstones gummies in my system when I get an illness
The fact is this is the worst pc that got infected a lot. You repair good! You're the best tech guy or something. I've been watching you since 2019
Ha I have even worse pc than that
I had an Acer computer infected, it had a Celeron cpu, it wouldn’t boot up
@@TallEdge90 Lol same I even got a script virus from shitty ads that turns on my cpu too which is impressive
infected with turi ip ip ip
about 1% of the icons on the desktop are not malware (bluestacks, game center)
And VMware
I think at some point he uninstalled google chrome and had to reinstall it
Either he just went rampaging downloading everything and a couple things were innocent, or they're trojans
2:50 Grandpa: "AHHHH! TOO APPS! OH MY GOODNESS, THIS IS TOO MUCH!"
IDK if it's just me, but I can't remember the last time I heard of someone actually disinfecting a system.
If something gets past Defender/MalwareBytes/whatever, everyone I know would just go straight to "nuke and restore from backup."
Granted, having backups makes you more tech-savvy than 95% of the population, so maybe there's bias there...
"I honestly didn't expect it to succeed that bad" got me ghhaahhahahha
at this point, i would just buy a whole new computer
Nice Video bro and good work!
I really enjoyed this video. Thank you 💕💕
I wonder if a decked out powerful pc would be able to handle all of that malware crap and still be usable. That would be funny to see
I think there are videos about that
even an amazing pc can be dragged to its knees, think about it more power more crypto mining
3:00 my ears: hmm i hear that song before.
my brain: TURI IP IP IP
Still better than skibidi toilet
I use Macrium Reflect as well. It takes a while but you have a complete clone of your hard drive
This was so entertaining and informative too !
2 videos in a single day??? 🥰
Kinda wanted to see how well Microsoft Defender would handle it
I've a nice tool to recommend, it's called Hitman Pro and is like AdwCleaner, I think it would've been a nice touch to try scanning the infected machine with it
I'm a sysadmin, and I definitely take reimaging for granted. Malware? Reimage. Broken updates? Reimage. BSOD? Reimage. It saves a lot of time on needless troubleshooting when you can just get the PC back to a known working and stable build in less than an hour.
I once had infected my PC so badly that I couldn't normally use it and 100% of the processor would be busy once PC fully started.
From the moment where I could see my desktop to the moment where trash-ware started popping up, I had a little window of time to quickly boot task manager and end unnecessary tasks. Once I did it, I had some breathing room and finally could start removing some programs.
After the removal and the process of resetting my PC, checking the task manager for garbage and deleting the related programs over and over again, I have installed temporarily some antiviruses and turned on windows defender (didn't even realise I had it off).
After my hard work, antiviruses job and windows defender magic, I was left with a clean PC that now has no signs of any malware or other stuff (I have deleted the antivirus I have downloaded because it was Avast and I don't like it)
The PC was left with an annoying scar though - every time I boot my PC, shortly after logging in I am greeted with a PowerShell command window (which is empty). It just appears, chills for about a second and leaves. It appears every time I boot my PC and only once. From the time I turn my PC on to the time I turn it off.
Any suggestions or explanations?
id say just reinstall windows, also most viruses will turn off defender without your knowledge
End the powershell its most likely a hacker on ur pc
Powershell popping is 100% a sign that you still have malware on your PC, just reinstall windows
POV: in a few months the OP’s account starts streaming some Elon Musk crypto scam
Ok apparently it's more than just PowerShell booting up - I get a lot of Steam emails with steamguard passcodes things, even though my Steam account has all the account safety on
pov: grandma bought a computer to use facebook
TURIP IP IP IP, nice work bro
Enderman was always fascinated by Windows and malware. He loved to experiment with different operating systems, tweak their settings, and see how they reacted to various threats. He decided to share his passion with the world by creating a UA-cam channel, where he posted videos of his Windows experiments and malware reviews.
His channel quickly gained popularity, as many people found his videos informative, entertaining, and educational. He showed his viewers how to use Windows in ways they never imagined, how to analyze and understand malware, and how to protect their computers from harm. He also had a sense of humor and a friendly personality, which made his videos enjoyable to watch.
However, not everyone appreciated his content. UA-cam, the platform that hosted his channel, started to give him trouble. They claimed that his videos violated their community guidelines, promoted unauthorized access to paid content, or encouraged illegal activities. They removed some of his videos, gave him strikes, and threatened to terminate his channel.
Enderman was shocked and outraged by UA-cam's actions. He felt that they were unjustified, unfair, and biased. He tried to appeal their decisions, but they ignored him or rejected him. He suspected that UA-cam had something against him, maybe because of his race, his accent, or his niche topic. He felt helpless and frustrated, as he saw his hard work and passion being destroyed by UA-cam's arbitrary rules.
But he was not alone. His fans, who loved his videos and supported his channel, stood by him. They rallied behind him, voiced their opinions, and demanded justice. They signed petitions, tweeted hashtags, and contacted UA-cam's representatives. They showed their solidarity and loyalty to Enderman, and expressed their gratitude and admiration for his content. They told him that they would not let UA-cam take away his channel, and that they would fight for his rights as a creator.
Enderman was touched and inspired by his fans' actions. He realized that he had a community that cared for him, and that he had a responsibility to them. He decided to not give up, and to continue making videos. He also looked for alternative platforms, where he could upload his content without fear of censorship or termination. He hoped that one day, UA-cam would realize their mistake, and restore his channel to its former glory.
Enderman's story is not over yet. He is still facing challenges and obstacles, but he is also growing and learning. He is still making quality Windows and malware videos, and he is still gaining new fans and followers. He is still Enderman, Enderman, Endermanch.
still more repairable than my oldest laptop
Me vs free minecraft 2018 updated:
>Was named fast
>Actually slowed down the computer
Pov: What I was feeling when I was deleting miner on my pc
I think you should get your data on another hard drive and format the drive, then reinstall windows, it would be so much cleaner if you disinfect the computer before backing up that data.
You don't need to disinfect your PC or to factory reset it before formatting your hard drive as you will format it before reinstalling Windows
@@enzoduvernay4540 Yeah, I forgot about that I will edit the comment right now.
@@MSWinNT Ok, btw I agree with the fact that in some cases it might be better to disinfect your PC before backing up your files as in some cases you haven't backed up your data or it's too messy to work with
windows 10 according to linux users:
Windows 10 according to Windows users:
@@hmroid6884 no, more like "Windows 10/11 according to Windows 7 users"
@@atsizbalik I don't consider w11 a operating system it's just corporate endorsed spyware+
Rubbing a powerful magnet on that hard drive is the only way to purify it
One thing I would have done when cleaning malware10, is I would have gone into Malwarebytes settings and enabled rootkit scans, so it could clean some of the most nested malware on the computer
Thank you Enderman for being so consistent and always uploading fantastic content. You are underrated and deserve a lot more for the effort you put into this channel.
talk about the video *DUMASS*
Step 1.
Replace harddrive
Id be happy to try this out sometime if you can allow access to the files on the drive
How well would a Windows Defender offline cleaning done in lieu of that initial Safe Mode offline malwarebytes scan? The one where it reboots into an offline self-contained instance and scrubs the whole drive? How many instances would it catch?