7
Stumped by malware that came back after a reinstall
A client's laptop had a nasty virus. I scanned everything and reinstalled Windows clean. But the virus returned after a couple days. I discovered it was hiding in the recovery partition. This has me questioning my approach. Do you guys check the recovery area every time? What's your go-to method for this?
4 comments
Log in to join the discussion
Log In4 Comments
west.casey2mo ago
Yeah, I read an article about this exact thing. The author said recovery partitions are a common blind spot because most tools don't scan them by default. Makes total sense now, you have to wipe the whole drive.
8
annajenkins3mo ago
Man, that reminds me of the time I found a crypto miner in a printer driver.
7
lucasw573mo ago
Found one in a free PDF converter once. Slowed my whole system to a crawl. Took me forever to figure out where it was hiding.
3
grant4783mo ago
Wow, that's a nasty trick. A buddy of mine had this exact thing happen. He wiped a computer for his cousin, and the junk kept coming back. He finally figured out it was sitting in the recovery partition, waiting to reinstall itself. Honestly, it made him change his whole routine. Now he wipes the drive completely, partitions and all, before he even starts. It's the only way to be sure.
7