Valid Statment?

[Mushin]

Do you think that the following is a valid statment?

Quote:

In the computer service and repair industry there are vastly different ideas about what it actually means to successfuly remove infections from a computer. Some companies and technicians feel that a successful removal means that the infection is simply deactivated. Others feel that a virus infection can be cleaned from a computer just by running a battery of different anti-virus programs. While both of these approches can "fix" a computer in the short term, neither of these approaches go far enough to ensure that all portions of the infection have been eliminated. This leaves the computer open to reinfection and future performance issues.

I am not concerened about what the best removal methods are. I am more interested in your opinion about a statment like this.

[JBCOMPU]

Well I think there will always be virus creator's, and Yes computers will alwyas be open to re-infection.

[ATTech]

Any noticeable differences, unnoticeable differences that affect the confidentiality of the user's information, or differences that can cause issues down the road, are rectified.

That's what it means to remove a virus from the computer.

[hondablaster]

It can and probably will be argued both ways. But I think its very true and fairly objective statement.

[Puff]

"neither of these approaches go far enough to ensure that all portions of the infection have been eliminated"

Well of course not because security best practices dictate that OS of an infected/compromised host should be reinstalled. That being said, how many customers are actually going to want to go through the trouble and expense of reinstalling each time they get a virus? While the statement may be true, the author needs to understand that most people are not willing to pay the cost of having it done right.

The shops that simply deactivate the virus but do not remove it are doing so probably because their customers are not willing to spend more than $50 bucks. I charge $149.95 for virus removal and prevention which includes installing all service packs/important updates and I guarantee the work. Most people tell me that's too much and leave and that's fine because I'm not going to be the shop that does it for $50 only to have the customer come back a week later because he or she is infected again.

Basically, you get what you pay for and there are a lot of people out there who just don't want to pay to have the job done right.

[basic]

Quote:

Originally Posted by Puff

"neither of these approaches go far enough to ensure that all portions of the infection have been eliminated"

Well of course not because security best practices dictate that OS of an infected/compromised host should be reinstalled. That being said, how many customers are actually going to want to go through the trouble and expense of reinstalling each time they get a virus? While the statement may be true, the author needs to understand that most people are not willing to pay the cost of having it done right.

The shops that simply deactivate the virus but do not remove it are doing so probably because their customers are not willing to spend more than $50 bucks. I charge $149.95 for virus removal and prevention which includes installing all service packs/important updates and I guarantee the work. Most people tell me that's too much and leave and that's fine because I'm not going to be the shop that does it for $50 only to have the customer come back a week later because he or she is infected again.

Basically, you get what you pay for and there are a lot of people out there who just don't want to pay to have the job done right.

The quote isn't saying it's right or wrong or that not reformatting has to be justified. It's just pointing out that it may not be completely clean as some techs might think.

[Mushin]

Puff,

I agree 100% with what you said. So everyone can see where I am coming from in regard to getting input. This is some wording that wrote and I am putting up on my site and will proabably follow up with a blog topic aimes at educating end users about different "repair" costs.

I feel that the methods we use to remove infections are very good and they do not fall into the quick fix or brut force methods that I am hinting at.

[iptech]

Quote:

Originally Posted by Puff

security best practices dictate that OS of an infected/compromised host should be reinstalled.

Where do you draw that from? It's something I've never seen or heard of. It sounds a bit Best Buy/Geek Squad TBH.

Security best practices surely 'dictate' that a system should never be compromised in the first instance? Suggesting that a computer virus can only be disabled or killed via nuke'n'pave is a bit naive. Where was that quote drawn from, I don't see a source reference?

[red12049]

Quote:

Originally Posted by iptech

Where do you draw that from? It's something I've never seen or heard of. It sounds a bit Best Buy/Geek Squad TBH.

Security best practices surely 'dictate' that a system should never be compromised in the first instance? Suggesting that a computer virus can only be disabled or killed via nuke'n'pave is a bit naive. Where was that quote drawn from, I don't see a source reference?

Perhaps from Microsoft themselves?

http://www.eweek.com/c/a/Security/Mi...ng-Impossible/

Rick

[TopLevelComp]

Quote:

Originally Posted by red12049

Perhaps from Microsoft themselves?

http://www.eweek.com/c/a/Security/Mi...ng-Impossible/

Rick

It's been a policy of mine to let the customer know, right at the get-go, that I cannot guarantee a completely 100% virus free computer after it has been infected, some viruses and rootkits get so embedded into the system that I can never completely remove it without wiping the hard-drive and starting fresh. A lot of customers appreciate the fact that I tell them that upfront and don't tell them after I've done the work and go "Hey, we need to wipe the hard-drive."