The Local Computer Repair Shop is Questionable

[debodun]

The local computer "repair" shop doesn't really try to track down viruses or malware. What they do is just wipe the HD and re-install the OS. They never even called me to ask if I wanted to save anything. Good thing I had most of them on an external HD, but still....


Just left me wondering if they just took the easy way or if are they even capable of going after infections.


A few years ago, I took my old external HD to them to fix. They called and said they couldn't fix it and were shipping to to Wisconsin to have someone else look at it. Figuring it would cost more to ship and fix a 10 year old EHD than buy a new one, I told them not to ship it and I'd be right over to pick it up. When I arrived, they handed me the EHD in pieces.

 

[Barman58]

Most techs will go the same way. if only to keep costs down for the customer, the full investigation & removal of Malware infections will take many hours.

They should of course be professional about it and inform the customer and get their written consent prior to starting anything

Best practice with modern system is to have two disks, an SSD for the OS and Programs and a conventional Hard Disk for data, this means that any damage to the OS should do minimal damage to the most important stuff - the files. and can be replaced with an image quickly. 10 Minutes or so

I worked for years in Industry in various roles up to System Admin, It was standard practice to keep all data remote from the users on a server, and keep various Image files for the different user levels, this system allowed full reinstall to a users workstations in minutes (the logon to the local workstation would set up the access rights, specialist software etc for the user. THis is not required for a machine at home but some parts of it can help reduce the distress due to a failure

 

[Golden]

Just left me wondering if they just took the easy way or if are they even capable of going after infections.

Malware removal is really a highly specialist area. Its often easier to format the HDD, but more importantly the format guarantees that all traces of malware are removed.

 

[sheffieldyorky]

I was a business owner from 1974 to 2008. I ran a very successful mechanical and electrical contracting company (qualified electrician). I had to close it in December 2008 due to a recession in the UK, which added all 50 of my employees to the unemployment registry. I’m now retired, and currently I undertake voluntary IT support at the local Community Center and their IT school until the funding from the local council runs out. I also repair laptops for something that can occupy my brain, they are brought to me by people in the neighborhood sometimes I repair for them free. I take this as a way to giving back to the community.

I also buy broken laptops from eBay and sell them back with a profit. One of my major passions is helping people with anything and everything I.T. related.
This stems from my knowledge dating back to Windows 3.0,3.1 etc. and the fact that I was a Microsoft Windows beta tester for Windows 95, and Windows 98 goes a long way.

The profits from eBay related sales has allowed me to purchase an Audi A3 1.9Tdi

Any laptop or desktop that goes through my hands ALWAYS gets a 12 month guarantee on the machine, there are of course exceptions, one being infected with a Trojan,Heuristic virus,Ransomware and finally Malware.

Anything that I repair is security marked.

Tony

 

[Alejandro85]

Their service wasn't questionable, that's the apropriate action for the situation.
What IS questionable is them not asking for a backup before wiping the drive, that could lead to you losing data before a rescue attempt is made.

Reason for this is simple: you don't know what a virus could have done to the system, therefore you can NEVER know if you've really cleaned it or there is something malicious left. Tracking down an infection is theoretically possible, but in practice is a quite difficult task and impossible to verify.

This is the reason to why any security expert will immediately advice for a complete wipe ("nuke it from orbit") and never attemp a recovery. A disk could be kept for forensic post-mortem analysis, but never more for production use.

So the tech opted for the fast, easily verifiable, proven method to solve the malware issue, and refrained to go for a doubtful, imposible to warrant way with a chance of reappear with unknown consequences.
They did the right thing to do.