Old 07-24-2006, 10:39 PM   #1 (permalink)
Register user
 
Join Date: Jul 2006
Posts: 341
OS: WinXP Home


Looking for Advice for Professional Malware Removal

I am about to start a small computer repair business. One component of my business plan is to provide malware disinfection service, both "in house" and service outcall.

I use Ewido and AVG for this, but I do not think these will be adequate to be able to perform the job fast enough to retain profitability.

Is there a one-shot, "fire & forget" program that will do it all without any time-consuming User prompts?

For this "industrial" application, I would like to be able to configure the software to perform several tasks in sequence, the first of which is to delete the temporary internet files, where many malware reside. Clean-up! does this, but cannot be configured as broadly as I would like.


Then "targeted" scans in order of most likely directories to be infected. All of this is to be done off the client's machine, with the client's HD installed as slave.

After disinfection, a thorough "chkdsk" type of function and finally a defrag. Currently I am using Diskeeper 10 Pro.

I am looking at improving upon any of these methods. For the price I intend to charge, the customer has only limited expectations for full retrieval of their data. Data recovery is another service, but one that I am not yet qualified to provide.

Meaning that if the customer loses some data during the disinfection process so that I can do it quickly, that is the level they are getting for the price I am charging.

Any comments or advice welcome,

Meztiso
Meztiso is offline  

Old 07-25-2006, 08:41 AM   #2 (permalink)
Registered User
 
SpySentinel's Avatar
 
Join Date: May 2006
Location: The United States
Posts: 378
OS: Windows XP SP2


Reply

For Malware Removal,
Symantec Client Security 3.1 and Symantec AntiVirus 10.1 Corporate Edition are both good. Also Kaspersky AntiVirus Business Optimal is good as well.
SpySentinel is offline  
Old 07-25-2006, 10:41 AM   #3 (permalink)
Register user
 
Join Date: Jul 2006
Posts: 341
OS: WinXP Home


TSR's

These look like programs that you install on the client's computer. I am looking for something that can be used on the infected Hard drive while it is installed on my computer. Also, these programs seemed to be more oriented to the networked (corporate) professional, and not the professional that shows up at your door to disinfect your Gateway.
Meztiso is offline  
Old 07-26-2006, 12:37 AM   #4 (permalink)
Register user
 
Join Date: Jul 2006
Posts: 341
OS: WinXP Home


Bump

Anyone ?
Meztiso is offline  
Old 07-26-2006, 12:03 PM   #5 (permalink)
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
 
MicroBell's Avatar
 
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,963
OS: Windows 7


Please read this.....
http://www.techsupportforum.com/showthread.php?t=15968

This is just a basic cleaning process which we run our users through before attacking the infection directly. Programs like AVG, Ewido..etc can all be uninstalled once the cleaning process is finished and can be run from another HD if you like to scan the slave (customer's HD). There is NO one program that can do it all.

Because malware is so invasive there's no way to determine which directories malware will install to. If you're going to offer "Malware" removal as part of your service you will need several tools to do this and then offer advice on software programs they can use... so they can avoid the infection in the future. Be aware that malware removal can be a tedious and time-consuming effort. Some malware can NOT be removed using conventional methods (meaning automatic scanners won't work) and will require manual removal using other methods.
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!





Spyware/Adware Removal Tools
Hijackthis
Ad-aware SE
Spybot Search&Destroy
SpywareBlaster
CWShredder
MicroBell is offline  
Old 07-27-2006, 01:16 AM   #6 (permalink)
Register user
 
Join Date: Jul 2006
Posts: 341
OS: WinXP Home


Quote:
Because malware is so invasive there's no way to determine which directories malware will install to. If you're going to offer "Malware" removal as part of your service you will need several tools to do this and then offer advice on software programs they can use... so they can avoid the infection in the future. Be aware that malware removal can be a tedious and time-consuming effort. Some malware can NOT be removed using conventional methods (meaning automatic scanners won't work) and will require manual removal using other methods.
Thanks, I understand all of this. You are coming from a perspective of being "meticulous" and I am going to compromise this in the interest of time (and consequently) money.


As far as manual removal, that will not be included in the basic package price, as I am very aware of how tedious some of this stuff can be to remove. That's exactly the problem, as most people will not pay for the time & expertise required to do the job "right".

So my target market is those that are willing to settle for "good enough".

For example, my most recent "customer" (actually giving it away free for training and method refinement purposes) limped along for months with a completely unprotected system and a teenager running "kazaa". She MIGHT pay me $50.00 for the 4 or so hours it will take to get MOST of it off, but she won't pay me the next $50.00 for the remainder.

(Note: these aren't "hard" figures, as they have yet to be determined in the field, but they are what I am starting with and they will evolve.)

So what I am trying to do is get the most malware off as fast as possible in order to keep the price as low as possible in order to maintain the endeavor's economic viability.

So performing a "mass deletion" of certain unnecessary files is a preliminary measure to speed up the process before the real "festivities" begin.

Another area of primary concern I have identified is the System Restore files. While running this last person's HD as "slave" on my own system, I somehow managed to get one of her infections in one of my own System Restore files.

What do you think of simply deleting all of these files before even running scans ?

Last edited by Meztiso; 07-27-2006 at 01:19 AM.
Meztiso is offline  
Old 07-27-2006, 02:28 PM   #7 (permalink)
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
 
MicroBell's Avatar
 
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,963
OS: Windows 7


Quote:
Originally Posted by Meztiso

What do you think of simply deleting all of these files before even running scans ?
You can't delete system restore files...as they are protected windows files...but simply disabling/enabling system restore will clear those restore points and the files. It's a good idea AFTER you have cleaned the system.

That's what we have our users do at the end of their cleaning process as it's likely the malware/virus..etc is in a restore point. Doing so when you begin the process...is NOT recommended..as if something goes wrong...you have NO restore point. Better to have an infected restore point to fall back on..than none at all. Anyway..since you're not going to take your malware removal as a full out attack..then I would recommend using the following.

CounterSpy <---Trial and paid version. One of the best on the market.

Ad-aware SE <---FREE and gets many things
Spybot Search and Destroy <-- FREE and used along with Ad-aware will do a fair job.

Ewido <---Trial and paid versions. One of the best at getting both malware/virus and trojans.

Then use whatever antivirus you choose. Using those 3-4 programs should get about 85%-95% of the bad guys.
MicroBell is offline  
Old 07-28-2006, 12:05 PM   #8 (permalink)
Registered User
 
Join Date: Jul 2006
Posts: 2
OS: XP


What you need, Meztiso, is an anti-virus, anti-spyware, registry cleaner and cache cleaner that do not run in real-time. This means that when you get your client's computer you can simply run these 4 programs once or twice each to remove a majority of the malware, temporary files and registry errors.

Anti-virus & Registry Cleaner
Your best bet might be running scans with AVG. This product is free but I would look into possibly paying the small amount to get a license so that you are operating legitimately.

Anti-spyware
I would contact the company, ParetoLogic.com, to provide you with a free license of both XoftSpySE and RegCure. They are two of the best products in their respective classes and they are super lightweight and effective. They would be perfect for removing the majority of the malware/registry problems. Just running a fast scan per computer usually does the trick. My brother-in-law worked out a wicked deal with them and he does the same thing as you but just uses all of these products on a USB key.

Cache cleaner
If you go to http://www.stevengould.org/software/cleanup/ you get a product called Windows Cleanup! 4.0 for free from the site and it clears all the useless temporary files, internet history and cookies off the computer. I use this program myself every couple of days and I recommend it. It's simple, easy to use and it does exactly what it says.

I hope this might give you an idea of what to look for. I'm new to this site and thought one of my first posts should be something that I have experience in and have learned quite a bit about.

Cheers,
Jeromi is offline  
Old 08-12-2006, 11:43 AM   #9 (permalink)
Register user
 
Join Date: Jul 2006
Posts: 341
OS: WinXP Home


Thanks!

Thanks Jeromi! I already use CleanUp!, in fact it is the first thing I run.

Quote:
You can't delete system restore files...as they are protected windows files...but simply disabling/enabling system restore will clear those restore points and the files. It's a good idea AFTER you have cleaned the system.
MicroBell, I would like you to say this again to be sure I understand it. I have always thought you could turn System Restore on & off again at will. Am I correct in understanding that as soon as you turn it off, ALL System Restore points are permanently lost?

Also, I am curious about what you do when an infected Restore Point re-infects the computer?
Meztiso is offline  
Old 08-12-2006, 09:29 PM   #10 (permalink)
Analyst, Security Team
 
dorts's Avatar
 
Join Date: Mar 2006
Location: Singapore
Posts: 1,599
OS: Windows XP SP2


Quote:
Am I correct in understanding that as soon as you turn it off, ALL System Restore points are permanently lost ?
You are right.

Quote:
Also, I am curious about what you do when an infected Restore Point re-infects the computer?
As far as I know, a previous Restore Point that is infected at that point of time will not be active. So as long as you don't revert back to the infected Restore Point, you will not get infected. Correct me if I am wrong.
__________________




If you think TSF have helped you, please kindly donate to TSF and help keep this site free to all.
dorts is offline  
Copyright 2001 - 2009, Tech Support Forum