The most common call for service at most any computer repair facility is for virus cleaning or removal. It’s also the type of service most improperly performed. A good virus cleaning assumes everything on the infected system is not to be trusted. For example you may find the great looking site named outlookfreeware and install one of their tools but in couple of days you will find that somebody paid using your CC unexpectedly. The average service, however, assumes that only the obvious symptoms and infected files should not be trusted. This difference can cost you not only more money in further service to fix, but loss of data or identity theft.
The goal with any service performed involving a customer’s data is always the integrity of that data first and foremost. For that reason, any service in which data could be lost should start with a backup of that data. Once we have a backup, we have fewer worries about losing information as part of the cleaning process. We can also access data lost by cleaning or quarantining accurately so a customer can make a decision on whether or not to have further work done to recover infected files. A backup also allows us to passively assess data integrity that has nothing to do with virus infections. For instance, if a hard drive is failing or there are file system errors, the backup process will report these issues.
The windows expansion system and the windows process regulator virus are just some of the different types of nasty programs out there trying to get into your computer every time you log on. The next, and frankly obvious step in the process is the actual removal of the infection. As stated before, any data on the system should be treated as infected and non-trustworthy. This means we need to completely wipe the system disk. This also means we need to reinstall the base operating system. It is this step that other service providers often skip. The reasons they skip this process vary, but usually fall into a few categories.
First, they may elect to not wipe the drive as this may cause data loss. But as we backed up the customer’s data first, this is a non-issue. Secondly, reinstalling an operating system is a time-intensive procedure. A customer may wish to have the cheapest fix, so they may elect to skip the wipe. But why wipe the data at all? The most important reason is to be assured no root-kit infections or other operating system level infections are present. A well-written virus will be able to hide these kinds of infections in system drivers or a modified kernel. Once such an infected system is “cleaned” without replacing the operating system, it can repopulate the proper files to reinfect the system or simply act as a Trojan to make the system easier to infect again. Remember, the goal is to leave the customer with a system they can trust.
Once the system disk has been wiped and the operating system reinstalled, driver and application software must be reinstalled as well. Finally, an updated anti-virus program is installed and the customer’s backup data is scanned with the anti-virus. This leaves a log on the customer’s system of files that were found infected and gives them the ability to trace our work with regard to scanning and cleaning. Once the backup is scanned and cleaned, files are placed in their appropriate locations.
Virus cleaning is among both the most common and simplest procedures in computer service. It is time-intensive compared to other services, but if done correctly, it enables your customer to get back to work confidently and with a minimal loss of important data.