Review: Virus Remediation Training with The Virus Doctor

In Episode 9 of the Computer Business Podcast, I had Ken Dwight, the Virus Doctor, on as a guest of the Computer Business Podcast.  He shared some very valuable information about the best practices around Virus removal and I’ve received a lot of positive feedback from listeners about that episode.

Ken provided a lot of great information for free in the Podcast which was just a small sampling of the information he teaches in his in-depth, multi-day virtual workshop.  Ken calls these workshops his Virus Remediation Training, and in the training he digs into the details of his methodology for accurately and quickly removing viruses.

Ken offer the following guarantee for those who attend his training:

1. You will find and remove at least 95% of all malware on infected systems
2. Fewer than 5% will return in a “reasonable” period of time
3. Total clock time to complete the remediation will be less than two hours

I recently had the opportunity to attend Ken’s workshop.  Did the course live up to the promises and the guarantee? The following is my unbiased review, as well as my recommendation of who would most benefit from this course.

What Is Included in The Virus Remediation Course?

The course is available both in person, if you happen to be near a city where Ken is holding the class, or online.  I attended one of Ken’s “virtual” workshop, which contains the same material as the in-person sessions.  The virtual class is broken down into two half-day workshops, the first of which covers Session’s 1 and 2 (see below), with Session 3 and 4 taking all of the second half-day.

The workshop is presented over a GoToWebinar connection in which Ken shows his computer screen as he runs through prepared slides as well as on-screen examples of his topics.  The following is a breakdown of the four session he teaches.

Session 1: Intro

The intro section of the course lasts about an hour, and it’s basically an expanded version of Ken’s free webinar, Advanced Techniques for Virus Removal, that he gives regularly for those interested in attending his full course.  This includes an introduction by Ken where he provides some insights into his background and experience as he sets the stage for the rest of the workshop.

Session 2: Windows Registry

Session 2 is where we start getting schooled.  At first glance it might seem very basic to start with the Registry.  In fact, it may seem to be all together pointless to spend one whole session on the Windows Registry.  However, this is one of the most in-depth lessons on the Registry I’ve ever had.  Ken has decades of experience working in the Registry and it shows in this module.

I GUARANTEE you’ll learn something new in this session.

But what does this have to do with viruses?  Well, much like Session 1 was laying the foundation for the rest of the course, Session 2 adds another layer onto the foundation: knowledge and skill in working in the Windows Registry.  This is at the heart of Ken’s virus removal methodology.

As you may or may not know, virtually all malware dig their claws into the Windows via the Registry, so you’ll likely find the traces they leave there if you know where to look.  With that in mind, Ken sets out to show us how to access, navigate, and safely modify the registry.

He also goes into how to recover the registry, how to access it if Windows will not boot, and how to modify the registry remotely without the need to access the users computer directly.  Finally he talks about how to protect and harden the registry to prevent future modifications from malware.

Session 3: Virus Repair Methodology

In Session 3 we get to the meat of the course.  This is where Ken lays out his virus remediation methodology.  He shows us his process for first identifying the type of malware, or if it’s even malware at all, and then the systematic approach to removing the threat.

The process can really be broken down into three simple steps (though there is a longer process to follow with each step, of course).  The first step is removing any rogue software that might be actively engaging computer.  The second step is to permanently remove any malicious processes that are running (which is where the registry knowledge comes in).  Finally, in the third step, you check for any rootkits that may have dug into the Windows core, which are the least obvious, and trickiest, to remove.

By following this process, you’re dealing with the easiest items first before moving onto the harder items, which makes the process efficient and quickly deals with the more common issues.  This session also includes recommended software tools, some of which I had never heard of before.

Finally, Ken provides the solutions for some of the most common situations such as malware blocking access to things like the registry, task manager, or even the antivirus programs themselves.

Session 4: Lab

The workshop ends with a lab session in which Ken shows some demonstrations of the various tools and programs mentioned in Session 3.  He also open this section up at the end to any questions from the class members.  He even encourages the remote session attendees to ask questions via microphone so all can hear the question.

The Pros

Ken is meticulous in the details of his presentation.  He doesn’t assume you know anything so he covers all material in-depth.  However, he also doesn’t talk down to you as a technician.  This training is made specifically for computer repair technicians and he acknowledges that he skips over general things that he assumes we should know.  I think he strikes a perfect balance here.  He knows how to talk to computer techs, being one himself.

The biggest pro of this workshop is the methodology itself.  Ken has a very organized and systematic method for identifying the type of malware, and then neutralizing it based on what type it is.  This is a far cry from the standard scan, scan, and rescan methodology that I and many of my cohorts use, which can often lead to frustrations and wiping the system.  Once you learn the system, it seems pretty simple, but it takes someone years of working in the field to be able to simplify such a complex task as virus removal into such an elegant and well-defined system.

Another big pro is the virus toolkit that Ken gives all of his students.  If you attend the live seminar, you’ll get this handed to you when you arrive, but if you attend one of his many “virtual” workshops, you’ll get the toolkit sent to you in the mail (international attendees must download the contents and print out the manual at home).  The kit comes with a manual that contains all of the topics he talks about in the training, but in more detail.  It also comes with a CD full of all the software tools Ken talks about.  This toolkit alone would be worth the price of admission, and is really all you need to get started.

Finally, Ken is good about answering any questions from participants after the training.  This real-time interaction is invaluable, as you can get anything cleared up from the training that may have been confusing or not clear (though it’s presented pretty clearly).

The Cons

While I feel this training if very valuable to most computer repair business owners out there, you should keep  a few things in mind.

Personally, I found the Registry session of the class to be a little too much.  Coming from a corporate background, working with computers in a domain environment, I’ve had plenty of opportunity to familiarize myself with the Windows Registry.  Ken digs deep into how to find your way around the Registry and safely manipulate the keys therein.  I feel like most of this stuff a tech should either know, or they would be able to easily find out through Google searches.  I would have rather Ken devoted some of this time to a live demonstration.  That being said, it seems the other students in my particular class enjoyed this section of the workshop.

I mentioned live demonstrations, which leads me to the last thing I wish would have been included in the workshop.  The whole thing is all a lecture, with some on-screen demonstration, but not a lot.  I would have loved to, at the very least, watched Ken remove a “virus” from a VM version of Windows so I could see his methodology in action.  Or maybe even seen a recording of him doing it on a real system in the wild.  I don’t doubt this methodology works, but I’m someone who learns better from watching demonstrations.  I informed Ken of this after the class and he told me he’s working out how to include this type of thing in future workshops, so I’m sure it will be coming down the road soon.

Final Thoughts: Who is This For?

Overall, Ken’s Virus Remediation Training Workshop is an in-depth, well structured, and highly educational course on effective virus removal methods.  This isn’t a superficial list of bullet points…it’s an intense training class.  As such, you want to make sure you’re fully prepared to spend a few days to not only attend the workshop (which is a full day class split into two afternoons for the virtual workshop), but also read through the material, get familiar with the tools, and get to know the Windows Registry.

Ken’s method requires more hands-on time from you, the tech.  Whereas running scans may be time more time consuming in the long run, it’s also very hands-off…so you can work on other tasks while the scans run.  That is a luxury not granted with Ken’s method, which requires you to dig in and actually find the clues left by the virus itself.  While the initial work is a little more than the scan method, it takes less overall time because, for the most part, you’re not relying on those scans to do the work for you.  Plus, you will most likely avoid the need to wipe the machine and reinstall Windows, which can be a huge time waste in and of itself.

The price of the workshop reflects the value it provides, which is to say it’s not cheap.  However, keep in mind this is advanced level training and is not for those who are not serious about stepping-up their virus game.  The investment you put into this course will surely come back to you in the time gained from quicker virus removal turn-around and happier customers.

But does it live up to Ken’s guarantee that I mentioned at the beginning?  I can’t say for sure, as I haven’t had very many opportunities to put it into practice yet.  However, I can imagine that it is highly effective.  Plus, Ken offers his personal consulting time to all attendees, in case we get stuck with a particularly nasty bug.  That extra effort on Ken’s part I’m sure will help make anyone’s success rate near 100%.  You can be sure I will be the first to let you all know if I find Ken’s method anything short of effective.

This course may not be ideal for those who are not running a computer business or technicians that have been in the game for a long time and have perfected their own virus removal system.  Still, I’m sure if you attend, no matter your current skill level, you will learn something new.

Exclusive Discount Code for YFNCG Readers

To sign up for the training, visit http://www.thevirusdoc.com/virus-remediation-training and see the upcoming dates in the upper right.  When you check out, use coupon code YFNCG10 to get 10% off the course.

If you have any further questions about the course, please feel free to leave a comment below and I or Ken will be happy to answer your questions.