Skip to main content
SolarWinds MSP
  • Login
  • Support
SolarWinds MSP
  • Products
    • Remote Monitoring & Management Protect your customers with a platform from the global leader in monitoring and management.
    • Backup & Recovery Manage backup for servers, workstations, applications, and business documents from one cloud-based dashboard.
    • Mail Protection & Archiving Shield email from spam and malware, including zero-hour threats.
    • PSA & Ticketing Manage ticketing, reporting, and billing to increase helpdesk efficiency.
    • Automated Threat Monitoring Detect, respond to, and report on threats across your managed networks.
    • Remote Support Help support customers and their devices with remote support tools designed to be fast and powerful.
  • Solutions

    I'm looking to...

    I'm looking for...

    • Manage my MSP Business More Efficiently
    • Manage my IT Department More Efficiently
    • Layered Security
    • Data-Driven Insights
    • Cross-Platform Support
  • Resources

    Webinars & Events

    Resource Center

    • Ask the N-Central Experts
    • Daily Live Demos
    • Backup Foundations Training
    • RMM Foundations Training
    • Upcoming Events
    • Upcoming Webinars
    • Resource Library
      • Case Studies
      • Product Information
      • eBooks
      • White Papers
      • Infographics
    • SolarWinds MSP Free Tools
    • GDPR Resource Center
    • Security Resource Center
    • MSP Institute
    • MSP Advice Project
  • About
    • Contact
    • Worldwide sales and support
    • Careers
    • Awards and Recognition
    • Get A Quote
    • Newsroom
      • Press Releases
      • In The News
      • Media Contacts
    • Leadership Team
    • Legal
      • Cookie Policy
      • Privacy Notice
      • Software Services Agreement
      • Terms of Use
      • Backup Fair Use Policy
    • Security
      • SolarWinds Security Statement
      • Vendor Data Protection Requirements
    • Support
  • Blog
  • Contact Sales
    • Get A Quote
    • General Inquiry
  • TRY NOW
    • SolarWinds RMM
    • SolarWinds Backup
    • MSP Manager
    • SolarWinds Mail Assure
    • SolarWinds Risk Intelligence
    • SolarWinds Take Control
Filter Blogs
  • Filter by:
  • MSP Business
    • Backup & Disaster Recovery
    • Security-series
    • Best Practices
    • Business
    • Business Growth
    • Business Risk
    • Cloud Computing
    • Customer Service
    • Cybersecurity
    • Data
    • GDPR
    • Internet of Things
    • IT Support
    • ITSM
    • LOGICcards
    • Machine Learning
    • Mail
    • Managed Services
    • Marketing
    • Mobile
    • Networking
    • Operations
    • Podcast
    • Product
    • PSA
    • Remote Management
    • Research & Trends
    • Risk Intelligence
    • Security
    • Security Vlog
    • Service Desk
    • Services & Support
    • Tips & Advice
    • Training
Home Blog MSP Business An MSP guide to malware cleanup
MSP Business

An MSP guide to malware cleanup

By Ben Taylor
11 September, 2013

There’s no doubt that Windows PCs have become inherently more secure since the days when Windows XP was the corporate operating system of choice. As far back as 2010, official reports revealed that the malware infection rate for Windows 7 was nearly five times lower that the rate for XP (source: CNET ).

However, with the best will in the world, there will always be times when the malware authors and hackers get a few steps in front of Microsoft and the Internet security vendors. Often, nowadays, they do so by using social engineering techniques to trick those less competent users into installing something they shouldn’t. When this happens, you’re left with a cleanup job.

As an MSP owner, you and your staff are, inevitably, going to find yourself in situations where you need to clean up a client PC. So, here’s a guide to how best to tackle it.

1. Manage customer expectations

Often, customers will have no idea how deeply malware can bury itself into a computer’s operating system. Files can hide themselves, move around and morph, and often (especially on Windows PCs), a single malware attack can leave multiple infections. Ensure customers understand that a cleanup can take time so that they don’t become impatient, which they may - even if it was them who opened the suspicious attachment!

2. Decide where to “draw the line”

There comes a point in every malware cleanup where it becomes more time-effective to reinstall and rebuild than to continue attempting to clear every trace of infection. Decide up-front how long should be spent on a cleanup, so you don’t invest multiple hours and then reinstall anyway.

3. Isolate the computer

If you’ve identified an infected computer get it straight off the network. If you have any suspicion that cross-infection could have taken place, test-scan some other PCs to be sure.

4. Use multiple cleanup tools

Some of the very best malware removal software can miss certain infections. Every IT professional should have two or three reliable removal tools in their armory.

5. Check and check again

Many malware infections can hide themselves away only to reappear after a couple of reboots. Never assume an infection is completely clear until after extensive double / triple checking and rescanning.

6. Educate your clients

If you can ascertain how a malware infection entered a client PC, educate your clients to minimize the chances of it happening again. At the same time, know that sometimes you may never find the root cause, and be ready to explain this to clients. They are often extremely surprised that Internet security software is less than 100% effective.

7. Document the cleanup

Be sure to take notes during a comprehensive malware cleanup. Add the documentation to your MSP’s internal knowledge base or, even better; share it online with the wider technical community.

Do you have any great tips for cleaning up malware? Share them with a comment below!

You might also like...

MSP Business

Using managed antivirus solutions in your MSP

MSP Business

What we can learn from the recent TeamViewer incidents

MSP Business

Do we go overboard with security?

MSP Business

Hack Labs, Part 2: Examples From the Trenches

MSP Business

Get deeper insight into failures with new MAX RM Patch Management features

MSP Business

An MSP's guide to responding to a virus

Recent Posts

  • How to Fix High CPU Usage for Windows
  • Protecting O365 and G Suite Email—A Layered Approach 
  • PSA Overkill: Is Your PSA Managing You?
  • Five Steps to Marketing Your Business, Part 1: Messaging
  • Why You Should Care About Advanced Threat Protection

Categories:

  • Business Growth (403)
  • Tips & Advice (332)
  • Managed Services (296)
  • Security (249)
  • Best Practices (247)
  • Business (211)
  • Cybersecurity (193)
  • Backup & Disaster Recovery (105)
  • IT Support (97)
  • ITSM (67)
  • Data (61)
  • Product (56)
  • Cloud Computing (56)
  • Mail (46)
  • Marketing (46)
  • Risk Intelligence (31)
  • Customer Service (29)
  • Networking (27)
  • Remote Management (26)
  • GDPR (16)
  • Services & Support (16)
  • Service Desk (15)
  • Research & Trends (13)
  • PSA (11)
  • Business Risk (11)
  • Operations (11)
  • Internet of Things (10)
  • Mobile (9)
  • Training (8)
  • Security-series (7)
  • LOGICcards (4)
  • Machine Learning (3)
Show moreless
SolarWinds MSP

© SolarWinds MSP Canada ULC and SolarWinds MSP UK Ltd.
All Rights Reserved.

Products

  • SolarWinds RMM
  • SolarWinds N-central
  • SolarWinds Backup
  • SolarWinds MSP Manager
  • SolarWinds Mail Assure
  • SolarWinds Risk Intelligence
  • SolarWinds Take Control
  • SolarWinds Threat Monitor

Solutions

  • How We Help MSPs
  • How We Help IT Departments
  • Layered Security
  • Cross-Platform Support
  • Data-Driven Insights

About

  • About Us
  • Careers
  • Newsroom
  • Leadership Team
  • Privacy
  • Legal
  • Security
  • Subscription Preferences

Support

  • SolarWinds RMM
  • Solarwinds N-central
  • SolarWinds Backup
  • SolarWinds Mail Assure
  • MSP Manager
  • Solarwinds Risk Intelligence
  • SolarWinds Take Control
  • SolarWinds Take Control Downloads
  • Backup & Recovery Downloads
  • Sitemap
  • Service Status