"More than 35,000 NEW computer viruses are released EVERY DAY"
Are PC viruses, trojans, spyware, and other infections causing you too many problems?
Have you spent more money on virus removal than you care to admit?
Are you sick and tired of being helpless, depending on a slow computer repair guy?
End your PC virus problems once and for all, and save over $300 per year--by fixing your own virus problems!
The PC Technician's Virus Removal Manual is the ONLY eBook of its kind, with step-by-step, detailed instructions and unlimited technical support!
So download YOUR copy of the Virus Removal Manual, and become a virus removal expert, virtually overnight.
GUARANTEED!
COPYRIGHT 2010-2014 TekTime IT Consulting LLC - All Rights Reserved
Disclaimer:
While every attempt has been made to verify the information provided in this publication, neither the author nor the Publisher assumes any responsibility for errors, omissions, or contrary interpretation of the subject matter herein. This publication is not intended for use as a source of legal advice. The information contained herein may be subject to varying state and/or local laws or regulations.
The Purchaser or Reader of this publication assumes responsibility for the use of these materials and information. Adherence to all applicable laws and regulations, federal, state, and local, governing professional licensing, business practices, advertising, and all other aspects of doing business in the United States or any other jurisdiction is the sole responsibility of the Purchaser or Reader.
The Author and Publisher assume no responsibility or liability whatsoever on the behalf of any Purchaser or Reader of these materials. Any perceived slights of specific people or organizations are unintentional.
Any unauthorized selling, sharing, or use of this manual, is prohibited by law without expressed, written consent from the author.
PREFACE
First, I would like to thank you for purchasing volume III of the PC Technician's Virus Removal Manual. Without loyal readers such as yourself, the strategies, secrets and knowledge used to create this publication would have been shared in vain.
If you own a computer--which I'm sure you do--you have at least HEARD of a computer virus, unless you're in a third world country. I'm sure you understand well; viruses are never created to spread wealth and happiness to unsuspecting users! Viruses are and will continue to be a problem in the digital world, due to the sheer amount of viruses being written daily--to the tune of 35,000 new threats released daily--and they become more complex with each passing year, making them more difficult to remove. Not only that, but malware is not limited to just computer users per se; it affects servers, websites, entire networks and so much more in this era.
That being said, this eBook will serve as the perfect reference guide with which to remove viruses, trojans and other threats from a computer successfully and thoroughly. Regardless of that computer's function, from server to datacenter to home-level computer, the solution is right here.
This handbook is not an ordinary eBook, and is definitely not fun to read, as a non-fiction novel or other genre book may be. Unfortunately, I won't get into my background here, spilling the beans about where I came from, my expertise, hobbies and habits. I decided to save that for my website! This manual is strictly for helping others learn the methods and tools that I and various technicians have used, and use, to become successful in defeating malware. The strategies shared in this book are listed sequentially or step by step, and ideally, for beginners, should be performed on a computer in the EXACT order and fashion as described in this book, with little to no deviation, in order to achieve the desired end-goal.
However, it is possible for advanced computer users and technicians to skim through the book to utilize the software links, or search for information that will enhance their acquired skill sets and increase their knowledge banks. If you are a beginner or a novice in virus removal and various technical modalities, you'll benefit highly from following each page from beginning to end, unless instructed otherwise within the manual. Have any questions? Feel free to ask here!
Many of the techniques and software used in removing viruses from a computer are universal; in other words the various techniques are known amongst thousands if not millions of computer technicians. Please do not misunderstand the purpose of this book, in hopes of stumbling across the holy grail of virus removal; there are no secrets being shared here. What makes this book extremely valuable is the easy to follow, step-by-step, illustrated instructions combined with hyperlinks to FREE software and UNLIMITED technical support. The techniques and tools highlighted in this book are the exact same techniques and tools used by our technicians on a daily basis, for the purpose of removing malware from computers and networks. TekTime IT Consulting has a malware removal success rate of 99%. In other words, 99 out of 100 computer viruses are successfully removed without data loss or the need to re-format and reinstall the Operating System! Beyond that, we successfully remove malware from other networked devices, servers and websites while enhancing security and preventing/minimizing future incidents. Keep in mind that data loss resulting from malware infection may or may not be reversed; this fact needs to be communicated with the customer or client before beginning any work to eradicate the threat.
OUR success equals YOUR success as long as you use the strategies and techniques written in this book. There are many approaches possible when diagnosing, cleaning and preventing malware, but the approaches used in this book may differ from what others may recommend. For example, many technicians use a Rescue disk or CD-Rom/DVD-Rom that contains anti-virus software and utilities. These disks are used to diagnose/clean malware before the computer boots into its Operating System, and most contain bootable utilities to remove viruses that prevent booting successfully.
NOTE: We will not use the Rescue disk approach in this book due to our strict policy of backing up data prior to performing any cleaning, to avoid data loss and liability.
Since viruses become more and more complex as the years go by, virus removal software can work perfectly fine today, yet fail to detect the threats of tomorrow. For this reason, virus software authors are ALWAYS busy creating new applications which will prove to be effective against the onslaught of current viruses. That leads us to the next point. THIS MANUAL IS UPDATED REGULARLY. Since you have purchased this manual, you will receive an updated copy--FREE OF CHARGE--whenever an update is released!!
Updates to this book will be released periodically as:
New virus removal software tools and utilities are released
New techniques in malware removal are discovered by our team
Revised methods of diagnosis/cleaning are learned by our team
New operating systems are released and information relevant to diagnosis/removal on the new Operating System is needed
Any other information is discovered by TekTime IT Consulting that will prove helpful in removing and preventing viruses.
The author decides to offer more tips, tricks and solutions to your technician's arsenal, and to provide more value than you paid for!
Computer technicians getting into virus removal will find that this eBook will pay for itself hundreds if not thousands of times over, just by utilizing the methods described when cleaning your clients' (or future clients') computers. Remember, we provide full technical support to the purchasers of this manual, so feel free to contact us if you come across any issues while removing malware, or if you would like assistance. We will respond to your inquiry within 0-3 hours! See you on the other side!
TABLE OF CONTENTS
Chapter I: What's A Computer Virus & What Are Symptoms of Infection?
Defines computer viruses and lists many common symptoms associated with computer infection.
Chapter II: Preparing For Virus Scanning & Removal
Details on the preparations needed to prepare a computer for virus scanning, including the precautions necessary to protect the user's original data from becoming corrupt or deleted.
Chapter III: Scanning For Threats
Learn which antivirus programs are available for free, where to download them, which ones we recommend as most effective, and the steps necessary in scanning for malware. Learn how to accurately scan a computer, to avoid the chance of not detecting malware that resides on a computer. Also, learn how to avoid false positives when scanning for malware, to prevent deleting critical system files or other precious data.
Chapter IV: Reversing Malware-Changed Settings
Learn how to search for malware in common places, as well as how to locate hidden malware. Learn the various settings that malware typically changes, which affect a computer's reliability and ability to operate. Learn how to revert back to the original healthy settings.
Chapter V: Removing Malware That Kills Software
Learn the behavior and characteristics of malware, and how many types can be eradicated using manual techniques and software tools. Learn which software tools can be used to kill malicious processes while they are running, even when they resist killing, renaming or deletion. Learn how to discover and remove malware that clones or copies itself.
Chapter VI: Rootkits - How to Detect & Remove Them
Learn how to identify rootkits by using specialized software to locate hidden files and processes that wouldn't otherwise be detectable using conventional, consumer-grade software products. Learn how to identify if a rootkit is actually harmful, as some pose no threat at all.
Chapter VII: Confirming Full Removal of Malware within a Computer
Learn how to check a computer to ensure that malware has been removed, and all traces of viruses, trojans, spyware and rootkits are eradicated and cause no harm to an otherwise healthy user experience.
Chapter VIII: Safeguards to Prevent Malware Infection & Compromise
Learn methods to secure a Windows computer from malware infections and external exploits, and how to minimize or prevent malicious behavior in the event an infection occurs. Learn how to prevent malware and other threats from executing real-time changes on a computer.
Chapter IX: How to Scan Networks for Malware & Hacker Activity
Learn how to scan individual computers and networked computers for incoming and outgoing threats with harmful intent. Obtain details on scanning an entire network for malware, and safeguarding against infection across a network of computers and devices.
Chapter X: Locating & Removing Malware on Servers & Websites
Learn methods to scan for malware on various types of servers, and how to locate malware or malicious code located within a website. Learn how to secure a website immediately after it has been infected; how to scan for hidden code and encoded script located within web pages and directories, and how to safeguard against future incidents.
I. What's a computer virus & what are the symptoms?
A computer virus is a computer program that can, for the most part, copy itself and infect a computer. The word malware is usually used as a general term to describe many types of infections which can and will compromise a computer and its data; these include viruses, worms, Trojan horses, rootkits, spyware, adware, scripts and more. Malware is usually spread by unsuspecting computer users who click on a link, open an email, or transfer media from one computer to another using an external drive; or due to exploits used by hackers and external threats to compromise a computer. Malware may corrupt or delete the data on a computer or use the internet to spread to other computers via email, peer to peer software, websites, code injection, etc.
Trojans and worms are usually created for a specific purpose, such as stealing data, controlling a computer, sending emails to a spam list, tracking a user's habits, causing fake alerts prompting the user to spend money to clean the infection, and more. Viruses are created to cause harm to a computer. Deleting files, rendering a hard drive unbootable, and causing a computer to restart constantly are just some of many examples of malicious virus activity. Trojans and worms can often be called viruses simultaneously.
Rootkits enable continuous administrative level access to a computer, while hiding or cloaking their presence from the user(s). Rootkits are often extremely difficult to detect and take a higher level of knowledge to detect, remove and prevent. These will be explained in more detail later in this book.
There are many symptoms which could indicate a computer is infected by malware; this includes but is not limited to the following:
Antivirus software indicates a virus infection on the computer/server
The computer restarts randomly and unexpectedly
The computer will not boot into Windows even though no software was installed nor updates performed
Windows task manager will not open
Windows does not start up, and a message is shown stating: "system files are missing."
"Low memory" errors pop up even if there is no true memory problem
You get random BSODs (Blue Screen Of Death)
Your computer seems to move very slowly, and your task manager may indicate high CPU usage, even when you are running no programs at all (i.e. 100% CPU usage)
The computer's starting or loading time to get into Windows takes excessively long.
Constant pop-ups are appearing and/or browser re-directs (being unintentionally directed to other web sites than those you've selected)
People are receiving emails that you don't recall sending
Your broadband modem is showing traffic activity, when you aren't using the internet
When new programs are installed, they either don't work or have constant problems
You are suddenly receiving more spam to your email inbox(s)
Programs that are installed are instantly deleted
Documents and files disappear (deleted)
Windows updates will not install successfully
DVD and CD-Rom drives open and close by themselves
Sounds may play randomly, from the computer speakers
Files and folders will not open at all
WINDOWS SECURITY CENTER has been disabled
WINDOWS FIREWALL or other third party firewall software has been disabled
Instead of logging into the desktop with icons after the Windows splash screen, the computer just shows a black screen and cursor.
Windows password(s) have been changed without the user(s) doing so
Software, files, pictures, music, video etc. start to open/run without the user commanding those actions.
A computer will not boot up after powering on. (rare cases - Boot virus)
You get "you are infected" pop-ups, by an antivirus program that you never installed.
You get a constant blue screen with the error: IRQL_NOT_LESS_OR_EQUAL
Your desktop icons, folders, files and documents have disappeared (hidden)
You see the hard drive activity light blinking, but no programs are running at all.
LAST DATE MODIFIED is showing recent dates for software that you haven't accessed recently (in your Windows directories).
Changes in file sizes occur for no good reason; for example a 5MB file now reads as 1K.
Your hard drive space diminishes rapidly without anything being downloaded or installed by the user
The printer is connected properly and operating, but you cannot print
You notice software icons on your desktop that you didn't install
You are noticing more emails in your inbox related to your interests, however, you rarely share that email address with anyone.
You receive a call from your ISP (Internet Service Provider) stating they've received complaints stemming from your IP address.
Your website has been hacked, or spyware is found on your website (for instance, Google often sends alerts to the administrator's account when this happens)
II. Preparing for virus scanning & removal
Digital data consists of binary code, which is essentially 1s and 0s, translated (encoded) to be used by the CPU. Digital data should be treated as highly fragile, or non-existent, whenever it comes to performing any type of work on a computer that involves the hard disk. Removing malware should never be attempted without preparation, to ensure that in the event of a mistake or data corruption, the computer can be restored to its original state; this translates into preservation of settings, documents, files, profiles, databases, etc. At TekTime IT Consulting, our policy is preservation of data prior to ANY work being performed on a computer or network. Therefore we use software which allows us to clone: to make an exact copy of the customer's hard drive, which will be used for the purpose of restoring, in the event the computer becomes unbootable or important files are deleted along with the virus. Here are the tools we gather prior to beginning ANY work on a personal computer:
SATA or PATA USB Hard Drive Enclosure (3.5" for desktop drives, 2.5" for laptop drives)
A hard drive to use to store the temporarily backed up/cloned data; 500GB+ preferred
NOTE: An External USB Hard Drive can be used in replacement of the two above. A USB to IDE/SATA Adapter can be used in replacement of a USB Enclosure.
Software with the capability to clone hard drives. We currently use Acronis True Image Home 2012.
Since there are several different brands and types of backup software on the market, we are unable to illustrate how to create a clone of a hard disk, since all software has different options and menus. If you would like to know how to make a cloned copy of a hard drive onto an external drive, please email us at support@time4tech.com, and mention the software you are using or would like to use. Too lazy or tired to do that? Just click here to email us! We will provide you step-by-step details within 0-3 hours of receiving your email. All compliments of TekTime IT Consulting for buying this handbook!
Now that you've created a perfect, BOOTABLE backup of your or your client's data, it's time to verify the integrity of the clone copy.
Preferably, the customer's hard drive is the same size and type of drive as the backup drive you are using. If so, you just need to plug in the clone copy, and proceed with the process of booting into Windows. If it boots successfully with the same exact information and setup as the client's computer, the data copy is ready to store in a safe place, in case future use is needed. Remember to store this drive in a place free of direct sunlight, moisture, shock, and/or any other threat which could damage a hard drive.
NOTE: Strict data security measures should always be a policy, so ANY data copy made of a client's data should be IMMEDIATELY destroyed (drive reformatted) after the computer or problem is successfully repaired and the customer has signed off on the repairs as being satisfactory.
UNDERSTAND THE RISKS OF REMOVING MALWARE!
Removing malware does have a set of risks that should be acknowledged prior to beginning any virus cleaning, on any computer or network. Since we encourage backing up data stringently, these risks should cost you nothing in the long run--just time! Several risks are, but aren't limited to:
Inability to boot a computer successfully upon removing certain types of malware. Since many viruses replace critical system files with infected files, removing those files will cause problems with stability or reliability due to important files having been deleted.
Upon successfully removing malware, a computer may become unstable, and could crash randomly, restart randomly, or have many other symptoms that aren't considered normal operation. It is always wise to prepare for unusual activity, such as programs that won't open or crash unexpectedly, random errors and other problems that can't be predicted.
Inability to access the internet and/or the local network. Many types of malware can and will change proxy settings of various browsers, TCP/IP settings, hosts file settings, firewall settings, router settings and much more. After removing a virus, you may find that the computer can no longer access the internet. There are various ways to troubleshoot a computer that can't access the internet due to malware [removal], but we won't cover all of them in this handbook, to save time and avoid boredom! Ancient Windows XP computers which were infected with malware may have damaged WINSOCK files. If you remove viruses on an XP computer and can't access the internet, download Winsock Fix by clicking here. That usually does fix the issue; if not, contact us!
Inability to access Internet Explorer and/or download Windows updates. So many types of malware tend to target and infect poor Microsoft's software. Often enough, Internet Explorer will display a "Page not found" or similar message when attempting to access the internet after removing a virus. If you encounter problems accessing Internet Explorer after removing a virus, feel free to email us at support@time4tech.com. We will have an answer (or assistance) to your problem within 0-3 hours--totally FREE!
Inability to install software. Many threats also attack the .MSI installer which is needed for Windows to install and uninstall software. There are also ways to get around this problem, so feel free to contact us if needed at the above address for a quick solution.
PREPARE FOR SCANNING!
1.) Disconnect from the internet. Malware can connect to the internet, update itself when needed, and proceed to download more malicious software from the internet; upload sensitive data to the internet (i.e. sensitive client information and company-critical database records) and much more. As well, if there is a network present with other computers attached, those computers could become infected as well. Always disconnect the internet as a first step to prepare for scanning a computer infected with malware. If you've created a subnet, you can connect an infected PC to the Internet with less chance of incident. Otherwise, all PCs connected to your network should also be disconnected.
2.) Create a current Restore Point. Open SYSTEM RESTORE (System Protection in Vista and Windows 7). Create a restore point for the current day in which the virus is being removed. A current restore point will aid in restoring the computer to its original state in the event there are problems encountered during or after the cleaning.
3.) Remove all writable media. Disconnect all memory cards, external USB drives, and other storage devices from the computer. Viruses tend to spread easily to drives and media connected to an infected computer, so it's best to disconnect any to lower the risk of spreading the infection.
4.) Create a cloned copy of the suspected/infected hard drive. Attach the external USB backup drive to the infected (or suspect) computer. At this point, you should have your Cloning Software, as noted earlier, ready to create a cloned copy of the hard drive in case something bad happens during the process. We won't cover the cloning process in this eBook, but feel free to email us for FREE assistance if needed, to complete the cloning process.
NOTE: If you elect NOT to clone the drive, you may be liable for lost data!! Please remember that due to viruses and other errors, it may be possible that a drive will not clone. In such an instance, manually backing up important data is needed.
NOTE: You MAY need to reference item #5 below to create a clone copy of the hard drive, as it is sometimes not possible to clone a hard drive via USB while it is connected to the source computer. In that scenario, attach the backup drive to a master computer, and then attach the infected drive to an additional enclosure, to create a copy. Two USB enclosures (or adapters) will be needed in this situation.
5.) Remove the infected hard drive from the computer. Carefully remove the infected drive, or the drive that you would like to scan, from the computer. Whether a laptop or desktop, hard drives are very straightforward to remove, and require a Phillips head screwdriver, anti-static surface and a bit of patience!
NOTE: It's best to use a static free wristband when working with hardware components to prevent electrostatic damage, but working on a wooden or non-conductive surface will help greatly, as well as resisting the urge to work on a computer in a carpeted room.
Next, attach the hard drive to the USB Hard Drive enclosure. Example enclosures are shown below for your reference. Notice the differences between a laptop enclosure and a desktop enclosure.
Desktop Hard Drive Enclosure:
Laptop Hard Drive Enclosure:
Once the hard drive is connected properly and plugged in, the drive is now ready to be attached to a different computer that contains the needed scanning software. Now you have completed the Preparation process.
NOTE: If you do NOT want to use an external USB drive, and you don't feel comfortable removing a hard drive from a computer, that is totally understandable. To scan a computer for viruses that will not allow software to be installed, or that doesn't boot, you will need to use a rescue disk to boot the computer and scan for malware outside of the Windows Operating system. We will discuss rescue disks in an update to this manual in the near future. In the meantime, please feel free to email us for any assistance with creating/buying a rescue disk to scan a PC for malware! Also, you should perform a manual backup, by copying and pasting the files from the computer you are working on to an external media such as a CD, flash drive, etc., to safeguard the client's important data in case the computer no longer boots during or after the virus removal.
Performing Manual Backups:
Files that you want to copy and paste include: My Videos, My Music, My Documents, My Pictures and bookmarks, as shown on the next page.
Next, search for any music, picture, video or documents that may be on the computer and not saved in the various MY folders. Click on Start on the taskbar, and click Search.
Next, choose from the selection of options (shown on the next page is a picture of the search box in Windows Vista and Windows 7, for reference; XP will appear differently). Click the first option shown below: Pictures, music, or video
Next, click on all of the boxes as shown below, and then click on Search
Now, you will notice ALL of the pictures, music, and videos on the hard drive will start showing in Windows Explorer. Allow the computer to scan for ALL of the files until it is completed. Once it is completed you can Copy and Paste the files onto the USB backup.
Now, repeat the same process as you did when searching for music etc., but choose: Documents (word processing, spreadsheet, etc.) Next, allow the computer to search for documents the same as when you searched for music, video, pictures and other files. Copy and paste what is found onto the USB backup drive. Repeat this step for ALL FILES AND FOLDERS next, and then you can manually search for any other data the user may need such as web browser bookmarks, .exe files, etc.
Once you have backed up all of the data manually, you are ready to scan for viruses! Please remember that the manual backup method is used as an alternative to using the external hard drive enclosure and cloning a drive, to preserve data.
IF YOU DON'T NEED TO BACKUP, OR CAN'T BACKUP FILES, AND YOU AREN'T USING AN EXTERNAL HARD DRIVE, YOU CAN STILL REMOVE MALWARE WITH A VERY LOW CHANCE OF DATA LOSS. DO NOT PROCEED TO THE NEXT CHAPTER. INSTEAD, CLICK HERE.
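The manual backup described above (search the whole drive for pictures, music, video and documents, then copy what is found to the USB backup) can also be scripted. The following Python script is an added example, not part of the original manual: it copies matching files and records a SHA-256 manifest so the copy can be re-verified later. The extension lists, the manifest file name and the sample paths are assumptions.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path

# Extension groups mirroring the manual's search categories (assumed lists).
CATEGORIES = {
    "pictures": {".jpg", ".jpeg", ".png", ".gif", ".bmp"},
    "music": {".mp3", ".wma", ".wav", ".m4a"},
    "video": {".avi", ".wmv", ".mp4", ".mov", ".mpg"},
    "documents": {".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pdf", ".txt", ".rtf"},
}
EXT_TO_CATEGORY = {ext: cat for cat, exts in CATEGORIES.items() for ext in exts}
MANIFEST_NAME = "manifest.sha256"  # hypothetical file name


def sha256_of(path, chunk=1 << 20):
    """Hash a file in chunks so large videos do not have to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def backup_user_files(source_root, backup_root):
    """Copy matching files to backup_root/<category>/<original path>.

    Every copy is re-hashed and compared with the source. Unreadable
    folders or files (common on a damaged drive) are recorded and skipped.
    Returns ({backup-relative path: sha256}, [(path, error), ...]).
    """
    source_root = Path(source_root).resolve()
    backup_root = Path(backup_root).resolve()
    backup_root.mkdir(parents=True, exist_ok=True)
    copied, failures = {}, []
    walker = os.walk(source_root,
                     onerror=lambda e: failures.append((e.filename, str(e))))
    for dirpath, dirnames, filenames in walker:
        # Do not descend into the backup folder if it sits inside the source.
        dirnames[:] = [d for d in dirnames
                       if (Path(dirpath) / d).resolve() != backup_root]
        for name in filenames:
            src = Path(dirpath) / name
            category = EXT_TO_CATEGORY.get(src.suffix.lower())
            if category is None or src.is_symlink():
                continue
            rel = src.relative_to(source_root)
            dst = backup_root / category / rel
            try:
                digest = sha256_of(src)
                dst.parent.mkdir(parents=True, exist_ok=True)
                shutil.copy2(src, dst)  # copy2 keeps the modified date
                if sha256_of(dst) != digest:
                    raise OSError("hash mismatch after copy")
            except OSError as exc:
                failures.append((str(rel), str(exc)))
                continue
            copied[(Path(category) / rel).as_posix()] = digest
    lines = [f"{digest}  {path}\n" for path, digest in sorted(copied.items())]
    (backup_root / MANIFEST_NAME).write_text("".join(lines), encoding="utf-8")
    return copied, failures


def verify_backup(backup_root):
    """Re-hash every file in the manifest; return paths missing or changed."""
    backup_root = Path(backup_root)
    manifest = (backup_root / MANIFEST_NAME).read_text(encoding="utf-8")
    bad = []
    for line in manifest.splitlines():
        digest, rel = line.split("  ", 1)
        target = backup_root / rel
        if not target.is_file() or sha256_of(target) != digest:
            bad.append(rel)
    return bad


def demo():
    """Back up a constructed sample tree, then damage one copy and re-verify."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp) / "infected_drive", Path(tmp) / "usb_backup"
        desktop = src / "Users" / "client" / "Desktop"
        desktop.mkdir(parents=True)
        (src / "Temp").mkdir()
        (desktop / "invoice.DOCX").write_bytes(b"constructed document")
        (src / "Temp" / "holiday.jpg").write_bytes(b"constructed picture")
        (src / "Temp" / "setup.exe").write_bytes(b"constructed binary, skipped")
        copied, failures = backup_user_files(src, dst)
        clean = verify_backup(dst)
        (dst / "pictures" / "Temp" / "holiday.jpg").write_bytes(b"altered")
        return sorted(copied), failures, clean, verify_backup(dst)


if __name__ == "__main__":
    print(demo())
```

Run `verify_backup` against the backup drive again before relying on it for a restore; any path it returns no longer matches what was read from the source drive.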
Sorry!
Unfortunately, this is the end of the PC Technician's Virus Removal Manual Version 3.1 sample.