Virus removal by computer store and password question

jaystarter
3StarLounger
Posts: 246
Joined: 09 Feb 2010, 09:01
Location: Southeast England

Virus removal by computer store and password question

Post by jaystarter »

Talking to a work colleague today she told me their home pc picked up one of those viruses that make the computer un-usable with the false nag that you are infected and need to pay for their anti virus to clean it up. It wouldn't let them download or run any anti virus and they understood they had to get into safe mode etc to do this but not savy enough to undertake that and would rather leave it to a professional.

So they dropped it off at the local tech shop for them to deal with -which they did successfuly in a couple of hours. They explained they only had to install and run a simple programme such as malwarebytes to fix it.

What we dont understand is how they started the computer in the first place as on start up you arrive at the Vista splash screen with the account name and requiring the password. How could they bypass that? and how secure would the computer be if it was stolen say? I thought even starting in safe mode you went to the account and needed password to continue, Am I missing something?
Jeff

User avatar
HansV
Administrator
Posts: 79671
Joined: 16 Jan 2010, 00:14
Status: Microsoft MVP
Location: Wageningen, The Netherlands

Re: Virus removal by computer store and password question

Post by HansV »

They probably used a bootable CD-ROM with Windows, MalwareBytes and a few other tools on it. That way, you don't need any software installed on the PC itself.
Best wishes,
Hans

User avatar
HansV
Administrator
Posts: 79671
Joined: 16 Jan 2010, 00:14
Status: Microsoft MVP
Location: Wageningen, The Netherlands

Re: Virus removal by computer store and password question

Post by HansV »

And yes, if someone steals the PC, they can read the hard disk - either by using a bootable CD-ROM or by taking the hard disk out of the PC and placing it in another one.

If the hard disk contains confidential data, you can encrypt it, for example using TrueCrypt - Free Open-Source On-The-Fly Disk Encryption Software for Windows 7/Vista/XP, Mac OS X and Linux. The hard disk in my work PC is encrypted using this software, meaning that without the password, the hard disk can not be read.
Best wishes,
Hans

User avatar
Doc Watson
4StarLounger
Posts: 412
Joined: 25 Jan 2010, 06:46
Location: New Jersey

Re: Virus removal by computer store and password question

Post by Doc Watson »

As Hans said, unless the data is encrypted, it is not secure. I have fixed several friends and clients computers by simply pulling their HD, connecting it to my system and using the tools on my system to repair it. But before I do that, I always backup their data.

If I were a less than honest person, I could simply keep the backup and go through it at my leisure if I wanted to harvest their personal information. In this day and age of identity theft, if you are sending your PC out for maintenance and service you should always encrypt your data and keep an unencrypted backup at home. Unencrypted because, in case of emergency, it can be accessed by any family member.
If life gives you melons,
You may be dyslexic.

jaystarter
3StarLounger
Posts: 246
Joined: 09 Feb 2010, 09:01
Location: Southeast England

Re: Virus removal by computer store and password question

Post by jaystarter »

Thanks for the insight. In this case I dont think they were concerned about confidential stuff being on the computer but it's as well to realise that we must all be aware of how easy it is to gain access to another machine.
Jeff