Linked by Thom Holwerda on Tue 4th Apr 2006 18:53 UTC
Privacy, Security, Encryption

In a rare discussion on the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation. "When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit."
What a relief!
by alcibiades on Tue 4th Apr 2006 19:31 UTC
It's what I always tell people - if spyware is detected, the only solution is reinstalling from scratch, but I always felt like a paranoid maniac, or at least, I felt this is what the world thought I was being. So to have it confirmed by the official MS security guy is an enormous relief. Now I can say, MS lets go.

If you go into any computer workshop around here, you will find PCs on benches running anti-spyware stuff. The shops, if you mention Linux to them or give them a live CD, look at you as if you were an idiot. If you suggest maybe they can't be sure they have cleaned them, and it takes too much time, and reinstalling would be simpler, they just stop talking to you. Obviously someone who knows nothing.

Good to have one's conclusions confirmed once in a while.

Reply Score: 1

RE: What a relief!
by Kancept on Tue 4th Apr 2006 20:53 in reply to "What a relief!"

I ran a shop for over 7 years here. We used Linux and other OSes in the back end. The reason we look at you like that is that most of us charge hourly. I generally pull the HD, slap it on another win-system and disinfect from there, so that their filesystem isn't "live". It gets done, usually fairly well, and it sucks up enough time that we made our money without having the customer think it was so simple.

And before you tear into that, usually if a job was done too fast, clients would think we were lying to them about the repair being needed and not want to pay. You have to find the right balance in your area of too fast vs. gouging.

Customers are fickle and not loyal for the most part, and you have to find the happy medium.

It's also not good form to walk into a repair shop and tell them they should try something. With all the machines on the benches being automated for repair for the most part these days, what do you think we do all day? Right, we surf the web, read up on things, and tinker with our own systems. Most shops aren't a bunch of n00bs with Adaware and spybot.

I now help a library part time and we have DeepFreeze on all their public systems. Every evening when they close, the systems undo anything automatically. All persistent images, nothing gets changed. Works great. The new version allows a writable area, which should be fine for most home users once they set up their systems how they want.

Edited 2006-04-04 20:57

Reply Parent Score: 2

RE[2]: What a relief!
by alcibiades on Wed 5th Apr 2006 06:42 in reply to "RE: What a relief!"

"It's also not good form to walk into a repair shop and tell them they should try something."

No, I agree. They are friends actually, and I don't make a general practice of it! But they are a lot less sophisticated than you guys sound. Like most around here, they just load spybot and so on, and then run them on the machines themselves. So you see a couple of machines on the bench, each with several hundred items detected. You can't know you have cleaned them. And when they come back, well, there never was, could not be, any guarantee. As for Deep Freeze, don't think they have heard of it.

It's not just the infections, it's the hospitals and surgeries as well!

Reply Parent Score: 1

RE[2]: What a relief!
by aGNUstic on Wed 5th Apr 2006 12:54 in reply to "RE: What a relief!"


I would have to agree with you on the DeepFreeze. At my work as former lab supervisor at a community college I used DeepFreeze on all the 125 (5 labs) computers in my area.

It may have been a pain in the @rse to work with in its early version, but it helped keep my systems clean and ready to go at every reboot.

The online, Internet-capable labs were always being ripped by one virus or another, malware, surf-by downloads, changed desktops (some not appropriate from one class to another, generally the back rows where hard-core porn addicts sit and surf), etc. After a reboot, DeepFreeze put it back to the clean-and-pristine settings. I was the first to use it there with a 120-user license and then the institution bought a campus-wide license and put it on their online terminals.

Too bad Micros has not really listened. A third-party company had to step up and create a solution for Micros's rock-solid software. Using DeepFreeze allowed me to get back to doing what a Linux and MS systems administrator should do: working with people and servers.

Reply Parent Score: 1