Preparing for the worst with Windows 11...how do I use sysprep and restore client data?

nlinecomputers said:
Which goes back to my point about how it was really stupid of me to download that tool.
Click to expand...

Which I contest is wrong. When you downloaded that tool, if you're using any modern security suite, it was scanned immediately upon download and before you, as an end user, ever had the ability to touch it. If any of the "commonly circulating" infectious vectors were identified, it would have been quarantined before you ever even had the chance to run it.

The way modern security suites work make the probability of infection, period, very, very small except for the very newest of vectors. And by newest I mean less than hours old. The speed with with definitions update, and the use of heuristic and behavioral analyses, makes it way harder to infect someone these days, period.

That doesn't mean you should be cavalier, by any means, but downloading an unsigned tool already in wide circulation without any reports of issues, from its initial source, can hardly be called cavalier.
 
Which is highly popular, is not even a week old, and has no less then 18 revisions in his code. It is exactly the kind of software that IT departments would look at in order to gauge future needs. A ripe target for a nation state to use as an attack vector.
 
  • Like
Reactions: GTP
Guys, I've had many multiple reports over this thread.

Im going to lock it, until I get chance to edit posts.

It won't be until after the weekend, before I can do anything.

Final notice about personal insults.

Personal insults are against the forum rules. And I have had enough now. Members have been warned many times before. Im going to enforce this rule more thoroughly.

Infractions may be given depending on the severity of comments seen.

Admin note:
Thread has been read through, and any and all comments which break forum rules have been edited, and or removed.
Play nice now.

Thread re-opened.
 
Last edited:
britechguy said:
and it passes muster with my security suite (and this does with Windows Security/Defender)
Click to expand...
Pretty much anything "passes muster" with Defender...
I was able to download and run this software on a test PC without the slightest concern from Defender.
 
Last edited:
Barcelona said:
Pretty much anything "passes muster" with Defender...
Click to expand...

Well, we're going to have to disagree vehemently on this. Windows Defender/Security as implemented under Windows 8 and 10 absolutely does not, "let everything pass muster." Just this afternoon I had it flag an ancient Speccy installer that I'd never deleted. I see more complaints about false positives, which I don't have many of myself, than anything else.

Also, the big testing labs disagree with you, too.

Look at the most recent testing results from the following antivirus/security testing labs, along with the historical results from the past several years if you want to see how Windows Security/Defender has been performing. Windows Security has been solidly in the top 10, often top 5, and frequently beats out several well-known competitors that one must pay for.

AV Test

AV Comparatives

SE Labs (Reports Page)

MRG Effitas (360 Protection Testing Category)
 
We've had similar discussions on these forums before.
A large percentage of my business came from scanning and removing malware that Defender never even knew about.
I still scan for and remove remnants of software like Slimware Utilities (albeit on a much smaller scale now as 99% of my clients use Emsisoft) that most "fair dinkum" AV's detect as a matter of course. .
The ones that use Defender are the ones I remove rubbish from. Defender doesn't even blink at Slimware Utilities or hundreds of other regeditors, cleaners etc.

I dont and will never trust "the big testing labs" rather I trust me and what comes over my workbench.

And "the big testing labs" get paid a lot of money to produce these results.
The more money they get the higher up the scale.
Convince me otherwise..
 
Last edited:
nlinecomputers said:
We've had similar discussions on these forums before.

A P.U.P. is not a virus or malware and many AV programs do not remove them.
Click to expand...

Nor should they (on which I believe we agree). PUP = Potentially Unwanted Program. That doesn't mean malicious. It doesn't even mean that it's not useful. What it does mean is that it can often get on a machine through the loathsome practice of bundling. But even if it did, it's the user/owner of the machine who should be determine whether "potentially" means "actually" or not.
 
Barcelona said:
And "the big testing labs" get paid a lot of money to produce these results.
The more money they get the higher up the scale.
Convince me otherwise..
Click to expand...
Bull. The lab charges a flat fee for the test and each company pays the same fee. There’s no incentive for what you are implying.
 
nlinecomputers said:
There’s no incentive for what you are implying.
Click to expand...

Not to mention that the labs, while they track somewhat closely, as one would expect as far as a "top ten" list, where each lands on it varies quite a bit based on the testing protocols.

But these labs, and over time, are the best objective evaluators we have. Any one of our single anecdotal experiences really don't compare, including mine.
 
nlinecomputers said:
Really? Viruses were everywhere back in those days. Most of us techs made the bulk of our money killing viruses.
Click to expand...
Well, I still made the majority of my money through hardware failures (mostly hard drives) back then, though virus removal was a much larger percentage of my business, yes. But it's not because of signed software that infection rates have gone down, it's because cybercriminals have changed their tactics. It no longer makes sense to custom build a malicious application in order to trick end users into calling them. Now that the web is more advanced it's easier to just make a fake website that brings up an alert to trick users into calling them. "Viruses" have always been about making money except in the early, early days when they were easy to make and nerds in basements made them for fun. Those days have long since passed.

Ransomware is relatively new to the scene and that does require downloading and executing an .exe file, but Chrome and other modern browsers do an effective job at blocking malicious .exe files. The key here isn't to just WARN a user, as computer illiterate users just hit "OK" or "Allow" or whatever when a warning comes up. The key is to give a computer illiterate user no option to run the file. Chrome does this very well by only offering the option to "Discard" the file. You can keep the file, but in order to do so you have to go up to the hamburger menu, click "Downloads" and click "Keep." 99% of computer illiterate users wouldn't know how to do that, and therefore the software never gets downloaded. Microsoft also does this well with Smart Screen because the only button presented to the computer illiterate user is the "Don't Run" button. In order to get the "Run Anyway" button you've got to click "More Info" first.

And yes, I know you must be thinking that I'm agreeing with your point about software signing being responsible for our virus removal business going out the window, but it's not. It's because of many factors, including what I said before about cybercriminals resorting to popups in browsers vs. making their own software. Also, the web is a LOT more consolidated than it was 10 years ago. I remember reading an infographic a few years back which said that like 10 websites make up the MAJORITY of internet traffic. If you spend all day playing in a sandbox, you're not going to get hit by a car.
 
nlinecomputers said:
Which goes back to my point about how it was really stupid of me to download that tool.
Click to expand...

I ran that tool on my primary desktop and a test machine this week. EMSISoft's Emergency kit from today identifies no faults with either system. And my Untangle is reporting no strange HTTPs requests coming from either of them.

Now it's possible I missed a session... there are A LOT of https requests to dig through after all. But it's pretty easy to see things going to other nations and usually malware bounces around a fair bit when phoning home.

So while I cannot say with absolute certainty that I'm not infected. I can say that I'm reasonably sure I'm not.
 
So Windows 11 Home requires a M$ account, and Windows 11 Pro doesn't?

Is it possible to just create a throw away account, and provide the credentials to the new users with perhaps a print out or PDF on how to change the credentials and a short write up of what the account is, why the need it and so on? Then FABS the data from the old offline account to the new "microsoft" user profile? Or will fabs not do that?

Seems sort of stupid to me. Once the account is set up, the user basically never has to use more than the password.


At any rate, my 1st Gen Ryzen 1700X isn't "supported". Seems kinda dumb. But for me personally, I was planning on building a new main workstation within the next 16 to 24 months anyways. Doesn't matter to me. I can be perfectly happy running win 10 until then.
 
brandonkick said:
So Windows 11 Home requires a M$ account, and Windows 11 Pro doesn't?

Is it possible to just create a throw away account, and provide the credentials to the new users with perhaps a print out or PDF on how to change the credentials and a short write up of what the account is, why the need it and so on? Then FABS the data from the old offline account to the new "microsoft" user profile? Or will fabs not do that?

Seems sort of stupid to me. Once the account is set up, the user basically never has to use more than the password.


At any rate, my 1st Gen Ryzen 1700X isn't "supported". Seems kinda dumb. But for me personally, I was planning on building a new main workstation within the next 16 to 24 months anyways. Doesn't matter to me. I can be perfectly happy running win 10 until then.
Click to expand...
No matter if account is local or MS account: Fab's will just work with W11.
Also, as discussed before, there are some tips so it's possible to create a local account instead of a Microsoft account on W11 Home.
 
You must log in or register to reply here.

Similar threads

LordX
NEW ASUS Vivobook Windows 11 reformat - wouldn't let me install on internal SSD!
Replies
6
Views
353
fincoder
fincoder
ThatPlace928
Workarounds for Windows 11 on Incompatible Hardware
5 6 7
Replies
135
Views
5K
ThatPlace928
ThatPlace928
NETWizz
New Laptop Woes
Replies
13
Views
455
HCHTech
HCHTech
backwoodsman
Windows 11 without a Microsoft account?
2 3
Replies
51
Views
3K
Rigo
Rigo
River Valley Computer
Windows 10 and 11 S Mode
Replies
8
Views
365
Sky-Knight
Sky-Knight
Back
Top