How would you go about doing malware removal and protection?

Discussion in 'The Lounge' started by myitanalyst, Apr 21, 2010.

  1. myitanalyst

    myitanalyst Private E-2

    I have a post here: http://forums.majorgeeks.com/showthread.php?t=214671 that discusses the aspects of how you would bill a customer when you have done a malware removal and complete update / protection of system that takes many hours to complete.

    One of the things I note in that post is there would likely be comments on what you would do to speed up the process or how you would go about doing it to keep the total hours down to a minimum.

    What I would like to discuss here is how and what do you do to keep the total number of hours down when you are doing a complete malware cleaning of a unit with your average to tough malware as well as when you are having to completely update the OS (service packs), install anti-malware tools, update programs, and etc to make the system as defensive as you can for your customer.

    Let me give some examples from the other post and then please give feedback on how you handle these situations.

    Now in the above example time easily passes as you are doing all of this.

    What do you do to speed up the process???

    Do you always blow the OS away and start from scratch?
    Do you have some sort of image you use with the latest SP's and tools that you install and then you get the MS Key in place and so on and so on?
    If so how do you deal with the different hardware differences?
    What about installed software packages that came with the unit?
    Users applications...etc.

    Even when I have used a similar technique it still takes hours to do to get everything back where you need it (unless you had a recent image of that exact unit).

    I think you get the picture... what do you do to minimize the time it takes for all your clients? And if it still takes a large amount of time how do you bill them? (respond about billing in the other post provided above).

    Thanks in advance for your thoughts on this!
     
  2. TeeCee

    TeeCee MajorGeek

    Hello, myitanalyst, :wave and welcome to MG. First of all, anyone here, would simply go to the MALWARE thread, and follow the instructions given, and get it done for free. No charges here. :major

    Maybe one of the Malware Fighters (that spend countless hours on one system) will answer your question more specifically, but, my question to you, would be: Do you own your own business? Or, are you doing this as a side job? Either way, you really do need a lot of training to do Malware removal. Have you had Malware training to do this? These are all questions that you need to answer...

    I take my vehicle in to the Dealers' Garage, and get what needs to be done, and I pay for it, yes, but if there was a bunch of mechanics VOLUNTEERING their precious time to do it for free, I'd be there instead.

    I hope you get the answers you are looking for. :major
     
  3. brandypeppy

    brandypeppy MajorGeek

    IMO, what you are really doing is salvaging people's data, be it personal or business. Else all you would have to ever do is to reformat/install, right? And how valuable is this data to them?

    And these people have their data compromised through their own carelessness, (no backup), or ignorance.

    I guess I would tell them up front ~how much to save the system versus reformatting but for the first, give them a wide range, saying you can't be certain as each case is different. For the latter, some flat fee, probably around $100, maybe more. Maybe a charge for salvaging data if you can, also.

    But I wouldn't put in 12 hours and bill them for 6. Your mechanic/plumber/electrician/carpenter/accountant/lawyer/surgeon/etc certainly wouldn't! :wave:wave
     
  4. myitanalyst

    myitanalyst Private E-2

    Hi TeeCee,

    Thanks for the reply.

    Basically my business has been the IT Industry for 20+ years. Everything from networking, security, wireless, PC software, hardware, malware, software development, the works.

    I have been doing malware removal for quite some time and have a lot of experience (yes... from my point of view). Have I had someone train me? No... my 20+ years of experience plus countless hours of working with malware of all types... following sites such as this and my software development background provide me a solid foundation... (again from my point of view).

    My question primarily stems from the fact there are folks that do NOT want to do this work themselves... not only personal users, but businesses that I deal with. Even if they can get help for free on a forum such as this they don't want to go through the hours it can take. If they run a business then they are losing money NOT doing what they are experts at doing.

    I have sent folks to sites like this, due to the workload I already have, but most of them gloss over and say I'll just pay you to do it. They either want to spend their time doing something else or would rather pay "something" to have it done so they don't have to.

    Now if they could get someone onsite who would do it for free then more power to them, but unless they have a family member or a close friend that knows what they are doing they generally don't have someone who would come do it for free for them.

    So I most definitely appreciate the get it done for free... but I am talking about customers that don't want to get their own hands dirty and want someone to do it for them.

    I am one of those folks... and I want to fairly bill them, but at the same time not cut my own throat as I have a business to run. I do plenty of charity and do plenty of this for free... I just can't run a business doing it all for free if you follow me.
     
  5. myitanalyst

    myitanalyst Private E-2

    Yes... and I have done this. But usually the business folks have backed themselves into a corner with their lack of data protection. Some just don't learn, but I am getting more and more of them to do what is needed.

    But let's take your example of blowing away the system. A reformat and install (assuming they don't have every application under the sun installed) should be faster than the example I gave above. But you still can easily get into 3 hours or more of work by the time you get the system re-installed and provide all the malware tools needed spending time educating the user on the use of the tools and so on.

    Let's take a week's worth of work (or something close to it) and say you have 20 computers in a week you need to either do malware cleaning or blowing the unit away and starting over. Out of those 20 it is a good chance only a few of those units might be identical models. And out of those I find many customers do NOT have the recovery CDs or the recovery isn't built into a recovery partition. Then most of these customers want at least their basic software re-installed (office or other standard software) and many of those folks don't have their keys or the original CDs or whatever.

    So ultimately a lot of time is killed even blowing away a unit and getting it back to fully patched and protected status.

    What I hope to hear shared here is what many do to get this done as quickly as possible... some of the techniques they do.

    Some would say blow it away every time and deal with a somewhat known amount of work. If so, what do you do to speed this up? What if you don't have all the original CDs or recovery CDs? What do you use to get around this? I know some use volume license key'd CDs, but then you have licensing issues and so on.

    Thanks again for the reply and look forward to more in-depth discussion on this!
     
  6. klipscomb24

    klipscomb24 Private E-2

    I appreciate the thread on Malware Removal. I believe it will cost you something one way or another. My question or request for help is: I've followed all of the steps but I'm having a problem with ROOTREPEL. When I double click the .exe it causes the system to restart. I can't get past this.
     
  7. LauraR

    LauraR MajorGeeks Super-Duper Administrator Staff Member

    Hi

    You will need to follow all instructions in there. If you can't follow that step, move on to the next. Post all logs you are asked for that you are able to. If you have any further questions, you will need to create a new thread in the Malware forum and ask your question there. :)
     
