Someone is going to give me his laptop tomorrow, so I can "check and clean" it.

Sadly he wants to keep some of his stuff.

My idea is to boot into some kind of Linux distro from a USB and then just back up the stuff that he needs without infecting the goddamn USB, then reinstall Windows.

I could also install Malwarebytes and give it a shot.

Any advice?

If I try to reinstall Windows, how can I preserve the license?

Thanks :D

Link to comment
https://linustechtips.com/topic/488338-tips-for-backup-disinfect-os/
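
The backup step described in the first post, as an added example that is not part of the original thread: a POSIX shell function, run from the live Linux session, that copies only allowlisted document and media types, logs everything it skipped, and writes a SHA-256 manifest. The mount point, the `SAFE_EXT` list and both function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: allowlist backup run from the live Linux session.
# Assumptions (not from the thread): Windows partition mounted read-only, e.g.
#   mount -o ro,noexec /dev/sdXN /mnt/win
# and only the document/media types listed in SAFE_EXT are wanted.
SAFE_EXT="jpg jpeg png gif pdf txt csv docx xlsx pptx odt mp3 mp4"

# is_safe_name PATH: succeeds only if the last extension is on the allowlist,
# so "invoice.pdf.exe", "autorun.inf" and macro-enabled "x.docm" are rejected.
is_safe_name() {
    base=${1##*/}
    case "$base" in *.*) ;; *) return 1 ;; esac
    ext=$(printf '%s' "${base##*.}" | tr '[:upper:]' '[:lower:]')
    case " $SAFE_EXT " in *" $ext "*) return 0 ;; esac
    return 1
}

# backup_user_files SRC DST: copy allowlisted regular files into DST/files,
# log everything else in DST/SKIPPED.txt, then hash the copies.
backup_user_files() {
    src=${1%/}; dst=${2%/}
    mkdir -p "$dst/files" || return 1
    : > "$dst/SKIPPED.txt"
    # -type f ignores symlinks and devices; find does not follow links by default.
    find "$src" -type f | while IFS= read -r f; do
        # A name containing a newline arrives as fragments: drop them.
        case "$f" in "$src"/*) [ -f "$f" ] || continue ;; *) continue ;; esac
        rel=${f#"$src"/}
        if is_safe_name "$f"; then
            mkdir -p "$dst/files/$(dirname -- "$rel")"
            cp -- "$f" "$dst/files/$rel"
        else
            printf '%s\n' "$rel" >> "$dst/SKIPPED.txt"
        fi
    done
    # Clear execute bits on files, keep directories traversable
    # (a no-op on FAT/exFAT backup drives, hence the "|| true").
    chmod -R a-x,a+X "$dst/files" 2>/dev/null || true
    # Manifest lets the restore be verified after Windows is reinstalled.
    (cd "$dst" && find files -type f -exec sha256sum {} + > MANIFEST.sha256)
    return 0
}
```

An allowlisted document can still carry malicious content, so the backup should be scanned before it is restored; `sha256sum -c MANIFEST.sha256` run inside the backup directory confirms the copies are unchanged.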

Has he told you what he wants to keep? If so I would just save those files to the USB and then reinstall as you said. But if you think this is risky and there's a chance that some programs may be carrying malware, then let the customer know the only way out is a full format, just be straight up with them. Like you said, Malwarebytes is a good one too. I would just disconnect from the internet and install Malwarebytes from your own USB, then run a full scan. Afterwards open MSCONFIG and delete any malware that might run upon startup.

Link to post

Try using the AVG Rescue CD on a USB, you just boot to the USB and it will clean the system without running Windows at all. As long as they don't have something like a nasty rootkit, it should work pretty well. http://www.avg.com/us-en/avg-rescue-cd

[Out-of-date] Want to learn how to make your own custom Windows 10 image?

Desktop: AMD R9 3900X | ASUS ROG Strix X570-F | Radeon RX 5700 XT | EVGA GTX 1080 SC | 32GB Trident Z Neo 3600MHz | 1TB 970 EVO | 256GB 840 EVO | 960GB Corsair Force LE | EVGA G2 850W | Phanteks P400S

Laptop: Intel M-5Y10c | Intel HD Graphics | 8GB RAM | 250GB Micron SSD | Asus UX305FA

Server 01: Intel Xeon D 1541 | ASRock Rack D1541D4I-2L2T | 32GB Hynix ECC DDR4 | 4x8TB Western Digital HDDs | 32TB Raw 16TB Usable

Server 02: Intel i7 7700K | Gigabyte Z170N Gaming5 | 16GB Trident Z 3200MHz

Link to post

Which version of Windows? Also, what kind of a license? OEM? Box? If OEM - was it pre-installed or installed later?

I'd personally go with the Linux route instead of trying Malwarebytes.

OEM. AFAIK it was pre-installed, basically it's the Windows that came with the laptop.

Yeah, I've used the Linux route before, and it worked to clean the super nasty laptop of a cousin before.

I want to keep his license, I can also just activate it with KMS, and he wouldn't realize but meh, it's not correct.

Link to post

Nice! Thanks. I have Hiren's Boot CD. But I don't know if it offers the same kind of protection that AVG offers.

Anyways, the "backup his stuff through a Linux distro and just reinstall Windows" option seems pretty nice.

Link to post

The AVG will go above and beyond the capabilities of Hiren's when it comes to malware.

I personally wouldn't reinstall Windows on someone else's PC like that unless explicitly told to. Software issues are almost ALWAYS fixable, it just depends on how much effort you put in.

Having actually studied IT and now studying Network and Computer Security, I can personally say from a professional standpoint that reinstalling the OS is always your last option, not the first.

Link to post

You're right. But he just told me that he wants Windows 10, now I have to go through that route sadly.

Anyways I'm actually interested, besides AVG CD, what other tools should I have/try when cleaning a PC from virus/malware etc...?

I've heard about Combofix and that it can remove nasty stuff (also that it's dangerous). Also Malwarebytes.

What else do you recommend? And... Avast or AVG as antivirus for his laptop?

Link to post

There are tools which can back up his product ID and the certificate pre-installed by the OEM manufacturer. Then, after a fresh install, you can launch a command line with elevated privileges and use slmgr to automatically activate it back, using the provided certificate and product key. That is, if it's Windows 7. ;)

Windows 8 also has a way to back up activation and restore it after re-installing. Windows 10 just re-activates itself automatically, based on hardware fingerprint.

I won't provide names of specific tools and commands here, as I'm not sure whether this still constitutes sharing knowledge - wouldn't want this thread to be closed because of that. I'll shoot you a private message in a second.


Having actually worked in IT:

I'd tell the user: You can have me working on your PC until it's clean of all malware and viruses, that'll cost you $x per hour and it may possibly take n hours. I can also back up your files and reinstall Windows for you for $y flat.

99% will either go for reinstallation or they will just take their stuff somewhere else. The remaining 1% know they're going to pay a lot and they still want their old installation for some reason - and I'm willing to put the effort there, because it's usually worth it.

And yeah, reinstalling the OS is perhaps the least professional way to do it, but it's the fastest one. I'm not going to spend 12 hours cleaning up a bajillion instances of malware on someone's precious Facebook machine, including recurring infections, fixing the registry, hosts file, scanning the drive with multiple AV/AM programs and so on, when I can spend 1-2h tops backing it up, then restore a pre-made image (I had ready-made images for the most popular laptops in the area, constantly updated with new drivers and updates), re-partition the drive depending on what the customer wants (or what I talk them into), activate Windows using provided license data (or give them a clean trial version if they didn't provide me with a proper legitimate key) and so on.

By doing that I could easily give someone a written warranty saying there's zero malware, zero unwanted software and zero infections when the device was leaving my place. No one ever had any complaints. ;)

Link to post