Jump to content

Ignorance of 'techs'


kimsland

Recommended Posts

Hi.

I recently started a new job in a computer tech shop, with two other computer technicians already working there.

Progressing along with solving computer (hardware/software etc) issues, I found myself downloading and running Malwarebytes quick updated scans (obviously on malware infected computers)

All seemed ok and I thought I was doing what was needed.

To my absolute shock! My 'technical' Manager (including being backed up by the other 'technicians') stated: "Why are you using Malwarebytes? It's not seen as a very reliable anti-malware removal program?"

?

My response was (word for word): "Um, yes Malwarebytes is reliable, AND its likely the BEST anti-malware program in the world, or VERY very close to it!"

My 'computer technical' Manager, then proceeded to tell me: "If I must run it (ie the 3minute scan, or thereabouts!) then do I have to update it first, because its taking too much time!"

My response: "Only if you want it fixed!!! Otherwise it may be best to backup/format/re-install, if that's your way of doing things :( "

As it was we ended up re-installing Windows clean (ie taking TOO long for me to fix the issue ~ 30mins). But that was not my point! My concern was Ignorance of 'techs'

And don't even get me started on combofix and 'others', because they are miles and miles away from their malware removal abilities - Very scary.

Note: I appreciate that computer tech shops generally re-install clean as the first option, I just don't like it!

Link to post
Share on other sites

Most techs at that level don't have any real understanding of malware removal beyond running a utility that does the work for them (I know I didn't when I was at that level). Fortunately, there are some out there who do know at least the basics (common load points, basic log analysis, etc), however those are the rare ones, and they normally don't work in retail shops doing basic computer repairs (or at least not for very long).

At that level, speed is usually more important than how the job is done. The faster the turnaround time, the more likely customers are to leave their computers for service, and as long as it at least looks like the problem has been repaired then the customers are usually happier with faster turn around time.

Now as for 30 minutes... OK, so you should usually be able to run a Quick Scan in MBAM and a utility such as OTL or ComboFix in 30 minutes, but I wouldn't want to claim that a computer is clean without running an anti-virus scan from a reliable AV software as well. That doesn't even include infections that are more stubborn, and require more work to try to remove. Reinstalling the OS is a bit on the extreme side, as it forces the customer to reinstall all of their applications, and restore any of their data that they had bothered backing up. Admittedly there are cases where a reformat and reinstall is best, or where a customer doesn't want you to take the time to clean the infection from the computer, but in any other situation I prefer to make a proper attempt to clean the system before suggesting a reinstall.

Link to post
Share on other sites

Fortunately, there are some out there who do know at least the basics (common load points, basic log analysis, etc), however those are the rare ones, and they normally don't work in retail shops doing basic computer repairs (or at least not for very long).

Thanks for that GT500, well answered.

It is true that the 'computer retail shop', has its irritations for me (to say the least!). I am presently looked upon as slow and a little too involved. I can tell you, it doesn't work. So I stay there out of (present) need only basis. By the way it seems that a noisy internal hard drive or even faulty ram, means the client MUST buy a complete new system! Go figure, times have changed. People like me are 1. NOT respected 2. not needed anymore, in business. I come from the days when we even tested network cables (including modem lines) with protocol analyzers and multimeters and even checking voltages/currents with oscilloscopes.

As for software issues its > Re-install > Forget looking for recovery partitions (if it takes too long to read the manual, or google the answer) > Just 'format' (only) > Throw in Windows 7 (seemingly most common OS these days) > Hope for the best > Return to customer.

Wow I fixed a rootkit issue AND repaired (actually semi-clean!) Windows, whilst being a dummy. Except the name computer 'tech' is slowly getting a bad name because of it. Bring back the 90's. By 2020 I'm quite sure 'techs' will be obsolete entirely. That's an android's job.

Link to post
Share on other sites

shops , internal politics , personality conflicts , technical prowess , time versus the bottom line , etc .

the main difference between comps and other electronic "joe consumer - every one has one" items (such as a television) is indeed the turn around time and price .

this is due mostly in the differences in the viability/thoroughness of the repair .

most televisions have problems that are "hardware failure" . lousy technical analysis ability asides ; swap out a couple of parts and you can just about bet the problem is fixed .

comps on the other hand have software problems (ie : infections) that can be very hard to completely eradicate and when the comp leaves the shop it is at the mercy of being re-infected by the actions of the owner .

this is where one has to hedge the bet ... if the customer comes back in two days later and starts complaining about "lousy work" , "it's doing the same thing" ... the tech/shop owner has to be able to say (with 100% truth and confidence) : "the problem is something you have done" .

this is one reason why a complete wipe and re-installation is the best approach with most "severely infected" machines ... when it leaves the shop you know it is clean .

of course this includes telling the customer the 15 commandments of running a comp (DHL will most likely get the reference) .

back to the television ... customer damage/responsibility is much easier to diagnose and prove .

when a set comes in with "water damage" and there is a residue ring and trail on the top that leads right into the back of the set the problem is obvious and can be pointed out to the customer .

if the set comes back in a week later and has "water damage" again ... it can be pointed out/to and one can state that their workmanship was not at fault .

in both cases there is tangible physical evidence as to the cause of the problem ... this is much easier for the customer to grasp and hard to deny .

comp software issues in reference to "infections" might just as well fall under the heading of "black magic and voodoo" to a large percentage of customers .

as you stated ... you are there only for the present out of need .

somethings i have learned over the years :

one will never win the war , so choose your battles wisely

stay out of shop politics/policies if you are not the owner

if you do not agree with the way things are done , quietly make plans to be elsewhere/do your own thing

(i had to work hard to implement these concepts when i caught the son of a shop owner padding my billing)

Link to post
Share on other sites

Just a note that Malwarebytes' Free can't be used for this purpose. You need a special license which I'm not sure on the link for that as the website is not clear.

Also you should not be using Combofix unless you have been trained or under the guidance of an authorized helper.

Link to post
Share on other sites

Just a note that Malwarebytes' Free can't be used for this purpose. You need a special license which I'm not sure on the link for that as the website is not clear.

Thanks, I found that information in Malwarebytes EULA ;)

  • You may not use or make the functionality of the Software available to third parties for any commercial purpose, such as for providing any computer repair, help desk or troubleshooting service, unless you have each end user purchase from Malwarebytes an individual full license for each Computer on which the Software is run.

That's a shame! But quite reasonable. It does make you think though, I wonder howmany tech shops do in fact use Malwarebytes free on customer's computers and then remove it once complete?

BTW, I notice that the latest Hiren's BootCD does come with Malwarebytes, and is labelling it as 'freeware'! I tried looking up their eula, and cannot easily find it (if exists?). I would conclude that if users are using (freeware) Malwarebytes they they are not restricted by, "can't be used for this purpose". As it would not be counted as reasonable for every single user to go to the manufacturers site to locate any policies that may be attached to already known freeware! (I also note that I could cause concern for the respected Hiren's BootCD bringing up this point, but I would also remind you that other BootCDs are likely already existing in many other places anyway. Oh, sorry, I tend to get involved and go on and on, I'm just going to say > gray, dependant upon application. But I'll adhere to Malwarebytes EULA anyway, of course ;)

Also you should not be using Combofix unless you have been trained or under the guidance of an authorized helper.
Thankyou 'student'. I also helped at many other forums too. Although I never received online 'certification'. I will say I'm very experienced, and have even chatted to sUBS in the past regarding malware removal concerns. I note that two malware removal guides I helped create are still running on respected support forums. Agreed I am not of an online 'malware removal specialist' level any longer, I certainly know what I'm doing though.

Thanks to you, and all others, for your help here. I feel my concerns have been addressed and grateful for the reponses provided :)

Link to post
Share on other sites

Thanks, I found that information in Malwarebytes EULA ;)

That's a shame! But quite reasonable. It does make you think though, I wonder howmany tech shops do in fact use Malwarebytes free on customer's computers and then remove it once complete?

BTW, I notice that the latest Hiren's BootCD does come with Malwarebytes, and is labelling it as 'freeware'! I tried looking up their eula, and cannot easily find it (if exists?). I would conclude that if users are using (freeware) Malwarebytes they they are not restricted by, "can't be used for this purpose". As it would not be counted as reasonable for every single user to go to the manufacturers site to locate any policies that may be attached to already known freeware! (I also note that I could cause concern for the respected Hiren's BootCD bringing up this point, but I would also remind you that other BootCDs are likely already existing in many other places anyway. Oh, sorry, I tend to get involved and go on and on, I'm just going to say > gray, dependant upon application. But I'll adhere to Malwarebytes EULA anyway, of course ;)

Thankyou 'student'. I also helped at many other forums too. Although I never received online 'certification'. I will say I'm very experienced, and have even chatted to sUBS in the past regarding malware removal concerns. I note that two malware removal guides I helped create are still running on respected support forums. Agreed I am not of an online 'malware removal specialist' level any longer, I certainly know what I'm doing though.

Thanks to you, and all others, for your help here. I feel my concerns have been addressed and grateful for the reponses provided :)

Well they have to keep improving their product somehow. ;) I've seen a fair amount of them coming here and are not aware of that which is really sad considering that they should be reading the EULA.

Hiren's BootCD is not legal. It's actually a violation of the Microsoft EULA to redistribute Windows or it's components as such. The only way you can make such a bootcd with winpe/bartpe is by using a copy of Windows that you already have purchased or came with the computer you bought and can only be used by you. Also a lot of the included programs I don't know if they have special permissions to include them. I know they have been asked to remove programs in the past.

http://www.bleepingc...opic382841.html

You're welcome. :) Ah than you should be fine. :) I see a lot of people using it that have little to no experience so I like to warn others in case they are not aware of the risks. :)

You're welcome :) Let us know if you need anything else. :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.