[jiml8]

Quote:

Originally Posted by iXneonXi

Hospital with university network? Was it a university hospital?? And they just let u randomly walk up to one of their computers in the office/room and start messin with it?
Lucky...

Yes it was a university hospital and the computer was in the waiting room.

[QUOTE-------
Oh and valen, I dont usually reformat either, and besides, if you charge by a fixed rate say $x/hr, wouldn't it be nice to spend 3-5 hours fixing it? I mean if you have som1 else's computer to fix well think about it, u chargin the same price why use gas money, unless you have to get to that client for fear of losing a potential paying person who is computer illiterate and will call you twice a month

how's that for run on? [/QUOTE]
I consider it to be a question of ethics. "Do you want to pay me for 4-5 hours of cleanup, or do you want to pay me for 1 hour of start-over. Your choice."

[I Fix 4 U]

Well that's if ur servicing 200 computers

[Valen]

Quote:

Originally Posted by primetime212

true..but what customer wants to reinstall all of his stuff over again ?? not me ..thats why any informed customer wont choose the guy who reformats at the drop of hat...any tech guy in business foir himself can take advantage of this fact

Well, I'm not sure which market you operate in, but I haven't found that to be true. With the Joe-Blow walkins, I've found that when presented with the choice.. At least in the regions I have serviced the Home user they will always pick the cheaper.
Inside the SMB, It is very rare to run into a *cleaning* situation.
Thats where participation in channel partner programs with SMB to Enterprise level storage and security companies *pays-off*

[PixieStrange]

Quote:

Originally Posted by Valen

Well, I'm not sure which market you operate in, but I haven't found that to be true. With the Joe-Blow walkins, I've found that when presented with the choice.. At least in the regions I have serviced the Home user they will always pick the cheaper.
Inside the SMB, It is very rare to run into a *cleaning* situation.
Thats where participation in channel partner programs with SMB to Enterprise level storage and security companies *pays-off*

Not where I'm at (BFE). Around here you start talking about "Windows" and people think you're referring to those "Clear block thingies" in their walls. When a client gets their computer back, and everything is the way it was, they're much happier (generally) than if you just wipe everything and make them start over. Difference? About $20. Most people (that I've talked to anyway) will go ahead and spend the extra money. It isn't much, but they don't have to take a while getting everything set up the way they like it.

I know personally, I HATE reformatting (even though i used to do it quite often) just because it takes me about a month to get everything back to the way I like it. If I wasn't as lazy, it'd take about 12 hours.

Think the next time I put in a time off request, I'm going to take 3 days, reformat, tweak my system out, then GHOST IT! Then again, I've said that like the last dozen times i've formatted.

[primetime212]

Quote:

Originally Posted by Valen

Thats a pretty broad statement bud, any technician who has spent a moderate amount of time in the channel should know that the time comes when you have/are going to spend a unpractical amount of time removing said infections/issues with an operating system and it becomes unprofitable to sink that amount of time into the repair when you can have it going in a matter of an hour by reformating.

.. God, that was one hell of a run-on sentence.

it doesnt take that long to remove spyware/adware/etc...2 hours at the very most...an hour .hour and a half to reformat and save and copy files

[Valen]

Quote:

Originally Posted by primetime212

it doesnt take that long to remove spyware/adware/etc...2 hours at the very most...an hour .hour and a half to reformat and save and copy files

*Rolls his eyes*
No-comment.

[Alex Ethridge]

"Removal" of parasites is seldom 100% effective. My experience has been that spyware/adware is showing its ugly face within hours if not minutes after targeted "removal" of parasites on over half the systems.

In contrast, if data is backed up and the drive is formatted, reoccurrance drops to around one in five (and that over days, weeks or months instead of hours) and then there is no question that it was due to carelessness/misuse.

I don't like call-backs and redoos so when I format, I get the added benefit of the knowledge that when it was delivered last, it was as a new system, except for a few modifications like security and ALL Windows updates.

Also, when the customer picks it up, they are given a primer that parasites are caused by user participation and/or ignorance, and that all programs designed to prevent it are only aids and that they all can be neutralized in minutes by carelessness. They are also given a collection of documents on parasites and links to antiparasite web sites and articles.

I am very frank with these people when they tell me their ISP has caused "all this porn", spam and pop-ups on the system. I also give them a guided tour of the images in the temporary internet cache and am very direct and firm about the fact it is there because someone using the machine put it there.

Give them the unvarnished truth and either of two things will happen. They will learn the truth about their problems and put a stop to it or I will lose the customer because he/she knows I know the truth and aren't going to pretend to give credibility to their tripe. If a person thinks I am easily fooled, he/she certainly doesn't have any respect for me so I get that out of the way before it starts.

Formatting gives me an impenetrable defense against those customers who claim I didn't do my job right and who want me to do it over for free.

Occasionally, I get those customers who will not tolerate a format. For that customer, I have an hourly rate with no guarantee on the time, and when the best and worst scenario is presented, they always back off and choose format.

[I Fix 4 U]

Personally I don't see how removal of spyware/malware/viruses only takes about 2 hours. Last time I ran a virus scan on someone's computer, the scan it self took an hour. That was just for viruses. I still had to run a spyware scan.

Also, just showing discretion, I don't normally tell the owner if I end up finding tons of porn on his/her computer, I just do what I am supposed to do, remove the malware. In most cases I will also run spyware blaster and change a few IE settings to improve security, and then ask the owner to use his/her computer normally for about 10-15 minutes to make sure everything is still working the way they like it. In some cases I've even told the user(s) how to use firefox.

[Alex Ethridge]

The point of advising what is found on the machine is to inform the persion who has to pay for it, that the computer is a good thing and does its job well and that one or more users in the home is abusing it.

Example: I can't count the wives who bring me their computers who have been convinced by their husbands their computers are full of porno because their ISP did it. I don't mention specifics about who did it; but, if the only other user is the husband, then they can draw their own conclusion. They have a right to know. I can't count the computers ruined by file sharing and the head of the family (and the person paying) has no idea why it happens.

To fix a problem for your customer and keep them in the dark about why/how it happens is a disservice.

As a result of this tactic, there are now wives who have banned their husbands from the computer--permanently. And this recurring problem suddenly stopped when he is no longer allowed to use it.

I am not on a campaign against pornography; but, I despise situations where spouses play their significant others for fools.

I will not silently be a party to that. I owe my customer not only to fix the problem on the computer but to teach them how to avoid it in the future. Anything less is irresponsible.

[primetime212]

Quote:

Originally Posted by iXneonXi

Personally I don't see how removal of spyware/malware/viruses only takes about 2 hours. Last time I ran a virus scan on someone's computer, the scan it self took an hour. That was just for viruses. I still had to run a spyware scan.

Also, just showing discretion, I don't normally tell the owner if I end up finding tons of porn on his/her computer, I just do what I am supposed to do, remove the malware. In most cases I will also run spyware blaster and change a few IE settings to improve security, and then ask the owner to use his/her computer normally for about 10-15 minutes to make sure everything is still working the way they like it. In some cases I've even told the user(s) how to use firefox.

well when I remove all the bad stuff from their computer..I just tell them that they need to do this or that to avoid that in the future..since they only pay me to remove it..I could add prevention but that would take more time and they would have to pay more

[Alex Ethridge]

Quote:

I could add prevention but that would take more time and they would have to pay more

The documents and links were prepared months ago and the time required to give a brief explanation and recommend they read the documents in a folder named "parasites" on their desktop isn't much--and it is provided for in the fee.

A job done without at least this brief effort isn't complete.

Give a man a fish . . .

[I Fix 4 U]

Well thats for those who aren't charging the same price for whatever you do per hour.

[frisbeemom]

The Weak Squad at Best Buy "made a mistake" and did a Systems Restore on my laptop, which had a Trojan Venudo virus. I asked for a Systems Service. They made NO back-up disk for me, of course.

Since this was their "mistake" they said they are going to use some kind of forensic program "like the FBI uses" to TRY to recover my data.
My question is, does this sound feasible? And when I pick it up, is there something specific I should ask re: what was done?

Also, please use my note as a testimonial to the fact that we should all only trust our local, independent tech support people. I stupidly went to Best Buy because when this virus popped up, it was 8:30 at night, and I was desperate to be told it could be fixed. I didn't even know how many tech folks we have in my town until it was too late. I REGRET this to pieces!!!

[primetime212]

CompUsa is worse than Best Buy since they charge $200 just to show up..they better bring some ""escorts" for that type of money

[Alex Ethridge]

Quote:

The Weak Squad at Best Buy "made a mistake" and did a Systems Restore on my laptop, which had a Trojan Venudo virus. I asked for a Systems Service. They made NO back-up disk for me, of course.

Since this was their "mistake" they said they are going to use some kind of forensic program "like the FBI uses" to TRY to recover my data.
My question is, does this sound feasible? And when I pick it up, is there something specific I should ask re: what was done?

Unfortunately, that is the "technique" used by most shops that present themselves as "professional" people so The Geek Squad is run-of-the-mill in that respect. What they did "to" you (as opposed to "for" you) is done based on an assumption that you have a full and up-to-the-minute backup of everything on your system, knowing all the time that literally over 99% of the people don't have any such thing.

Also, over 99% of the time, they don't even attempt to explain that to the customer in meaningful terms.

As for recovery of your data, here's how that goes: When a drive is formatted/repartitioned or, in general, the data cleared from the disk, it is all still there. Every file stored on the disk has a beginning-of-file marker and an end-of-file marker. When the drive is formatted, repartitioned, etc., those beginning-of-file and end-of-file markers are simply removed and the millions or even billions of ones and zeroes that are the bits that make up the Bytes that represent those characters that make up those files are still just exactly all where they always were (and very importantly) until they are overwritten by new files/data.

There is software that can "figure out" where the beginning- and end-of-file markers were and restore them because even those markers, themselves, are partly there, enough so that even you or I could recognize them with a disk reader. Example: an end-of-file marker may look like <EOF>. An erased end-of-file marker might look like <EOF. This is an oversimplification; but, it does give you an analogy you can understand. These markers envelope the file so that the OS knows what it is, where it is and where it begins and ends.

It's sort of like a postal worker finding a piece of paper on the sorting room floor. The paper begins with "Dear Mr. Brown", ends with "Sincerely, Mary Jones" and has a lot of writing on each page. It is obvious to the postal worker this is lost mail; but, without the envelope that encloses it and the address on its front and a stamp, that is, unfortunately, all he can know.

So the "FBI software" goes through the "post office" and finds all that mail that has no envelopes and turns it over to the "postmaster" (you).

Now, back to the part that says until they are overwritten: When the new operating system is written to the disk, it writes data to portions of the disk that may or may not have contained data before. It is very possible that many of the files that are important to you are in space that has not yet been reused, with emphasis on yet. Every second your computer runs its OS, even if you are doing absolutely nothing with it, yourself, the OS is writing and erasing data to and from the hard disk continuously.

Turn off the computer right now and do not turn it on again until after recovery is finished.

Here's the procedure: The hard disk should be physically removed from the computer and connected to a machine that has the recovery software preinstalled. The data will be recovered from the subject disk without writing anything to the subject disk and that data is written to another disk as it is recovered.

Recovery software should NEVER be installed on the hard disk where the to-be-recovered data exists. NOTHING should be installed there. The disk should BE REMOVED and recovery done on ANOTHER SYSTEM already set up for that purpose.

If you find the "tech" intends to install recovery software onto your system, take your computer and run; you are in the presence of dangerous idiots, which, in the case of The Geek Squad, would be the expected as opposed to the exception.