OT: Antivirus and other antimalware stuff

Thanks everyone for all the help and suggestions regarding my possible self-employment in my recent "Computer wholesalers" thread. I really appreciate the accumulated wisdom of this group and would like to put one further point to you regarding computer virus and other malware removal.

It's obvious that one of the tasks a computer maintenance guy is going to be asked to do is to deal with virus/trojan and other malware infections and to get rid of them. It wasn't too bad in the early days of computers when viruses were more of an annoyance rather than harmful but today's viruses and trojans are much more sinister, looking for banking and credit card info and suchlike. They are also much more difficult to get rid of and have even become 'intelligent' in that they will actively hide themselves away and even prevent downloading and/or running of removal tools.

Given that, can we ever be 100% certain, beyond a shadow of a doubt that we have absolutely, categorically got rid of the nasties? It's one thing to try and get rid of nasties on my own machine when it's my own bank account/credit card details at risk but when it's a paying customer and their details at risk...?

A mate of mine doesn't mess about - at the first hint of an infection he deletes the system partition of his hard drive, creates a new partition and then rebuilds from a known good, clean image that he's got. Is that overkill or, considering that a paying customer's details are at risk and I'll be putting my name to the repair, is it the best thing to do? Any other suggestions on disinfecting a machine and knowing that it's 100% clean and safe after the procedure?

TIA

Reply to
Fred

Nowadays no, I think anything less is asking for trouble.

Of course you can copy data files off onto a USB drive before scrubbing, then virus scan that disc before copying them back after re-installation.

You'll need to work out how you're going to deal with customers who have no reinstallation media ... or whose software licences are less than squeaky clean.

Reply to
Andy Burns

The local repair place only offers a wipe and reinstall option for malware issues - allegedly for this very reason. Of course they then charge extra for "data recovery"...

I spent the best part of 2 days removing a nasty infestation from a PC that "must not be wiped". I made sure it was 100% clean, but he paid for the time involved! Rootkits and encrypted registry entries were involved, it was messy :(

Lee

Reply to
Lee

The proper way to "not mess about" is not to use Windows in the first place. Then all the above incantations will not be needed.

Reply to
Tim Streater

Deleting and restoring the system partition is a pretty good start. But most home PCs have only one partition so that scrubs the data too. If the customer uses removable media for backups then you need to disinfect them before restoring data from them. So if they use an external disk for backups make sure that they bring that with them.

Other than erasing and reformatting the PC and all of the backups there is no 100% certain way of removing malware. The best you can do is to carefully copy off the data on to clean media. Run AV software on that copy to make sure that nothing has sneaked through. Erase and reformat every partition in the suspect system. Restore the OS.

You could have a pre-prepared image of various versions of Windows. It's possible to erase the product key from a Windows system so that it will ask for a key the next time it reboots. Do that before you take a disk image then use the customer's key when you boot the system again. Make sure that the customer has a valid key that they can use. If they don't then offer to sell them a legit copy of Windows.

Make the customer aware that no antivirus software is 100% effective. Put it in writing.

I would recommend that you do all of the above using a suitable Linux boot disk.

Reply to
Bernard Peek

I would guess that the majority.

My last three computers have not come with such a beast and I have no idea how to get one (and I'm a computer professional - though obviously not with PCs)

tim

Reply to
tim....

You forgot two words.

"... will not be needed AS OFTEN".

Mac and Linux malware is much rarer, but does exist.

Andy

Reply to
Andy Champ

No one has actually ever pointed me to any Linux malware at all.

It potentially exists, and for sure you can get JavaScript stuff, but it isn't as destructive.

Linux tends to be more hacked than subject to malware.

Reply to
The Natural Philosopher

Reply to
Tim Streater

Oh, there are times when I think the whole font subsystem is Mac malware..

Reply to
The Natural Philosopher

Well, personally you would best be advised to put the options in writing and then get a customer to sign for whichever option they decide to pay for. Obviously it would need to be evaluated first. Many people, when faced with saving off loads of data, having to replace software etc and all of that, will opt for a clean and hope for the best. One can of course get software to monitor packets act to see what is going on but there are now so many so-called legitimate data making bits of software inside commercial products, it can be hard to determine which are not the right ones. I noticed the other day that the Java runtime has what it terms a metrics registry entry, which I suspect does some feeding back to Oracle as to the usage. Who knows. With so many things looking at your computer these days, can anyone be sure someone is not snooping?

Brian

Reply to
Brian Gaff

I suppose my intervention was OT in an already OT thread. I just shake my head in amazement at how many people seem to consider farting about with virus software and "cleaning the registry" (whatever that may be) as perfectly normal activities. WTF?

Reply to
Tim Streater

Which advice ignores the fact that Windows has the widest choice of software available, which has the best support available and does not require a deep and abiding interest in computers to use it. It is the only practical choice for the vast majority of business users.

Colin Bignell

Reply to
Nightjar

No.

The latter.

Reply to
Huge

It's just another demonstration that people can get used to anything.

Reply to
Huge

Well it appears to need it, doesn't it? If you have a car that needs servicing every 1000 miles, don't be surprised to see service shops for that model all over the place, compared to not many for the model that runs 50k miles between services. It's no good then turning round and saying that the former must be better because there are lots of service centres for it.

Well it seems that it does require such an interest, judging by these threads.

That's because it's what the company's IT dept foists on everyone. AKA jobs for the boys.

Reply to
Tim Streater

Not in my experience.

You will also see a lot more places that service Ford, as compared to Ferrari. That is because a lot more people buy Fords.

That depends upon your definition of 'better'. For most business users, better means easy to install, easy to use and compatible with what everyone else uses.

Not in my experience.

75% of businesses in Britain have just one person in them. Over 98% have under 20 employees. They don't have IT departments, but do want programmes that work out of the box and printers that are compatible from the moment they are plugged in.

Colin Bignell

Reply to
Nightjar

Makes you wonder why they don't buy more Apple kit, then?

Reply to
Huge

Those who need to work with graphics probably do.

Colin Bignell

Reply to
Nightjar

Indeed. If there is one reason above all others to go 'Linux' or, if you must, OSX, it's to eliminate the registry...and insulate yourself from viral attacks.

Reply to
The Natural Philosopher
