SlideShare uma empresa Scribd logo

The PC Technician's Virus Removal Manual V3.1!

Raymond Mackie
Raymond Mackie

"More than 35,000 NEW computer viruses are released EVERY DAY" Are PC viruses, trojans, spyware, and other infections causing you too many problems? Have you spent more money on virus removal than you care to admit? Are you sick and tired of being helpless, depending on a slow computer repair guy? End your PC virus problems once and for all, and save over $300 per year--by fixing your own virus problems! The PC Technician's Virus Removal Manual is the ONLY eBook of it's kind; with step-by-step, detailed instructions and unlimited technical support! So download YOUR copy of the Virus Removal Manual, and become a virus removal expert, virtually overnight. GUARANTEED!

Tecnologia
1 de 19
Baixar para ler offline
NOTICE: You Do NOT Have the Right to Reprint or Resell this Handbook. COPYRIGHT© 2010-2014 TekTime IT Consulting LLC - All Rights Reserved Disclaimer: While every attempt has been made to verify the information provided in this publication, neither the author nor the Publisher assumes any responsibility for errors, omissions, or contrary interpretation of the subject matter herein. This publication is not intended for use as a source of legal advice. The information contained herein may be subject to varying state and/or local laws or regulations. The Purchaser or Reader of this publication assumes responsibility for the use of these materials and information. Adherence to all applicable laws and regulations, federal, state, and local, governing professional licensing, business practices, advertising, and all other aspects of doing business in the United States or any other jurisdiction is the sole responsibility of the Purchaser or Reader. The Author and Publisher assume no responsibility or liability whatsoever on the behalf of any Purchaser or Reader of these materials. Any perceived slights of specific people or organizations are unintentional. Any unauthorized selling, sharing, or use of this manual, is prohibited by law without expressed, written consent from the author.
PREFACE First, I would like to thank you for purchasing volume III of the PC Technician’s Virus Removal Manual. Without loyal readers such as yourself, the strategies, “secrets” and knowledge used to create this publication would have been shared in vain. If you own a computer—which I’m sure you do—you have at least HEARD of a computer virus, unless you’re in a third world country. I’m sure you understand well; viruses are never created to spread wealth and happiness to unsuspecting users! Viruses are and will continue to be a problem in the digital world, due to the sheer amount of viruses being written daily—to the tune of 35,000 new threats released daily—and they become more complex with each passing year, making them more difficult to remove. Not only that, but malware is not limited to just computer users per se; it affect servers, websites, entire networks and so much more in this era. That being said, this eBook will serve as the perfect reference guide, in which to remove viruses, trojans and other threats from a computer successfully and thoroughly. Regardless of that computer’s function, from server to datacenter to home-level computer— the solution is right here. This handbook is not an ordinary eBook, and is definitely not “fun” to read, as a non-fiction novel or other genre book may be. Unfortunately, I won’t get into my background here, spilling the beans about where I came from, my expertise, hobbies and habits. I decided to save that for my website! This manual is strictly for helping others learn the methods and tools that I and various technicians have used, and use, to become successful in defeating malware. The strategies shared in this book are listed sequentially or “step by step,” and ideally, for beginners, should be performed on a computer in the EXACT order and fashion as described in this book, with little to no deviation, in order to achieve the desired end-goal. However, it is possible for advanced computer users and technicians to skim through the book to utilize the software links, or search for information that will enhance their acquired skill sets and increase their knowledge banks. If you are a beginner or a novice in virus removal and various technical modalities, you’ll benefit highly from following each page from beginning to end, unless instructed otherwise within the manual. Have any questions? Feel free to ask here!
Many of the techniques and software used in removing viruses from a computer are universal; in other words the various techniques are known amongst thousands if not millions of computer technicians. Please do not misunderstand the purpose of this book, in hopes of stumbling across the “holy grail” of virus removal; there are no “secrets being shared here.” What makes this book extremely valuable is the easy to follow, step-by-step, illustrated instructions combined with hyperlinks to FREE software and UNLIMITED technical support. The techniques and tools highlighted in this book are the exact same techniques and tools used by our technicians on a daily basis, for the purpose of removing malware from computers and networks. TekTime IT Consulting has a malware removal success rate of 99%. In other words, 99 out of 100 computer viruses are successfully removed without data loss or the need to re-format and reinstall the Operating System! Beyond that, we successfully remove malware from other networked devices, servers and websites while enhancing security and preventing/minimizing future incidents. Keep in mind that data loss resulting from malware infection may or may not be reversed; this fact needs to be communicated with the customer or client before beginning any work to eradicate the threat. OUR success equals YOUR success— as long as you use the strategies and techniques written in this book. There are many approaches possible when diagnosing, cleaning and preventing malware, but the approaches used in this book may differ from what others may recommend. For example, many technicians use a “Rescue disk” or CD-Rom/DVD-Rom that contains anti-virus software and utilities. These disks are used to diagnose/clean malware before the computer boots into its Operating System, and most contain bootable utilities to remove viruses that prevent booting successfully. NOTE: We will not use the Rescue disk approach in this book due to our strict policy of backing up data prior to performing any cleaning, to avoid data loss and liability. Since viruses become more and more complex as the years go by, virus removal software can work perfectly fine today, yet fail to detect the threats of tomorrow. For this reason, virus software authors are ALWAYS busy creating new application which will prove to be effective against the onslaught of current viruses. That leads us to the next point…. THIS MANUAL IS UPDATED REGULARLY. Since you have purchased this manual, you will receive an updated copy—FREE OF CHARGE—whenever an update is released!!
Updates to this book will be released periodically as:  New virus removal software tools and utilities are released  New techniques in malware removal are discovered by our team  Revised methods of diagnosis/cleaning are learned by our team  New operating systems are released and information relevant to diagnosis/removal on the new Operating System are needed  Any other information is discovered by TekTime IT Consulting that will prove helpful in removing and preventing viruses.  The author decides to offer more tips, tricks and solutions to your technician’s arsenal, and to provide more value than you paid for! Computer technicians getting into virus removal will find that this eBook will pay for itself hundreds if not thousands of times over, just by utilizing the methods described when cleaning your clients’ (or future clients’) computers. Remember, we provide full technical support to the purchasers of this manual, so feel free to contact us if you come across any issues while removing malware, or if you would like assistance. We will respond to your inquiry within 0-3 hours! See you on the other side!
TABLE OF CONTENTS Chapter I: What’s A Computer Virus & What Are Symptoms of Infection? Defines computer viruses and lists many common symptoms associated with computer infection. Chapter II: Preparing For Virus Scanning & Removal Details on the preparations needed to prepare a computer for virus scanning, including the precautions necessary to protect the user’s original data, from becoming corrupt or deleted. Chapter III: Scanning For Threats Learn which antivirus programs are available for free, where to download them, which ones we recommend as most effective, and the steps necessary in scanning for malware. Learn how to accurately scan a computer, to avoid the chance of not detecting malware that resides on a computer. Also, learn how to avoid “false positives” when scanning for malware, to prevent deleting critical system files or other precious data. Chapter IV: Reversing Malware-Changed Settings Learn how to search for malware in common places, as well as how to locate hidden malware. Learn the various settings that malware typically changes, which affect a computer’s reliability and ability to operate. Learn how to revert back to the original “healthy” settings. Chapter V: Removing Malware That “Kills” Software Learn the behavior and characteristics of malware, and how many types can be eradicated using manual techniques and software tools. Learn which software tools can be used to kill malicious processes while they are running, even when they resist killing, renaming or deletion. Learn how to discover and remove malware that “clones” or “copies” itself.
Chapter VI: Rootkits - How to Detect & Remove Them Learn how to identify rootkits by using specialized software to locate hidden files and processes, that wouldn’t otherwise be detectable using conventional, consumer-grade software products. Learn how to identify if a rootkit is actually harmful as some pose no threat at all. Chapter VII: Confirming Full Removal of Malware within a Computer Learn how to check a computer to ensure that malware has been removed, and all traces of viruses, trojans, spyware, rootkits are eradicated and cause no harm to an otherwise “healthy” user experience. Chapter VIII: Safeguards to Prevent Malware Infection & Compromise Learn methods to secure a Windows computer from malware infections, external exploits, and how to minimize or prevent malicious behavior in the event an infection occurs. Learn how to prevent malware and other threats from executing real-time changes on a computer. Chapter IX: How to Scan Networks for Malware & Hacker Activity Learn how to scan individual computers and networked computers for incoming and outgoing threats with harmful intent. Obtain details on scanning an entire network for malware, and safeguarding against infection across a network of computers and devices. Chapter X: Locating & Removing Malware on Servers & Websites Learn methods to scan for malware on various types of servers, and how to locate malware or malicious code located within a website. Learn how to secure a website immediately after it has been infected; how to scan for hidden code and encoded script located within web pages and directories, and how to safeguard against future incidents.
I. What’s a computer virus & what are the symptoms? A computer virus is a computer program that can, for the most part, copy itself and “infect” a computer. The word “malware” is used as a general term usually, to describe many types of infections which can and will compromise a computer and its data; these include viruses, worms, Trojan horses, rootkits, spyware, adware, scripts and more. Malware—usually spread by unsuspecting computer users who: click on a link, open an email, transfer media from one computer to another using an external drive; or do to exploits used by hackers and external threats to compromise a computer. Malware may corrupt or delete the data on a computer or use the internet to spread to other computers via email, peer to peer software, websites, code injection, etc. Trojans and worms are usually created for a specific purpose, such as stealing data, controlling a computer, sending emails to a spam list, tracking a user’s habits, causing “fake alerts” prompting the user to spend money to clean the infection, and more. Viruses are created to cause harm to a computer. Deleting files, rendering a hard drive unbootable, causing a computer to restart constantly; are just some of many examples of malicious virus activity. Trojans and worms can often be called viruses simultaneously. Rootkits enable continuous administrative level access to a computer, while hiding or “cloaking” its presence from the user(s). Rootkits are often extremely difficult to detect and take a higher level of knowledge to detect, remove and prevent. These will be explained in more detail later in this book. There are many symptoms which could indicate a computer is infected by malware; this includes but is not limited to the following:  Antivirus software indicates a virus infection on the computer/server  The computer restarts randomly and unexpectedly  The computer will not boot into Windows even though no software was installed nor updates performed  Windows task manager will not open  Windows does not startup, and a message is shown stating: “…system files are missing.”
 “Low memory” errors pop up even if there is no memory true memory problem  You get random BSODs (Blue Screen Of Death)  Your computer seems to “move” very slowly, and your task manager may indicate high CPU usage, even when you are running no programs at all (i.e. 100% CPU usage)  The computer’s starting or loading time to get into Windows takes excessively long.  Constant pop-ups are appearing and/or browser re-directs (being unintentionally directed to other web sites than those you’ve selected)  People are receiving emails that you don’t recall sending  Your broadband modem is showing traffic activity, when you aren't using the internet  When new programs are installed, they either don’t work or have constant problems  You are suddenly receiving more spam to your email inbox(s)  Programs that are installed are instantly deleted  Documents and files disappear (deleted)  Windows updates will not install successfully  DVD and CD-Rom drives open and close by themselves  Sounds may play randomly, from the computer speakers  Files and folders will not open at all  WINDOWS SECURITY CENTER has been disabled  WINDOWS FIREWALL or other third party firewall software has been disabled  Instead of logging into the desktop with icons after the Windows “splash screen”, the computer just shows a black screen and cursor.  Windows password(s) have been changed without the user(s) doing so  Software, files, pictures, music, video etc; start to open/run without the user commanding those actions.  A computer will not boot up after powering on. (rare cases – “Boot virus”)
 You get “you are infected” pop-ups, by an “antivirus” program that you never installed.  You get a constant blue screen with the error: IRQL_NOT_LESS_OR_EQUAL  Your desktop icons, folders, files and documents have “disappeared” (hidden)  You see the “hard drive activity” light blinking, but no programs are running at all.  LAST DATE MODIFIED is showing recent dates for software that you haven’t accessed recently (in your Windows directories).  Changes in file sizes occur for no good reason; for example a 5MB file now reads as 1K.  Your hard drive space diminishes rapidly without anything being downloaded or installed by the user  The printer is connected properly and operating, but you cannot print  You notice software icons on your desktop that you didn’t install  You are noticing more emails in your inbox related to your interests, however, you rarely share that email address with anyone.  You receive a call from your ISP (Internet Service Provider) stating they’ve received complaints stemming from your IP address.  Your website has been hacked, or spyware is found on your website (for instance, Google often sends alerts to the administrator’s account when this happens)
II. Preparing for virus scanning & removal Digital data is consisted of “binary codes,” which is essentially 1s and 0s, translated (encoded) to be “used” by the CPU. Digital data should be treated as highly fragile, or non-existent, whenever it comes to performing any type of work on a computer that involves the hard disk. Removing malware should never be attempted without preparation, to ensure that in the event of a “mistake” or data corruption, the computer can be restored to its original format; this translates into preservation of settings, documents, files, profiles, databases, etc. At TekTime IT Consulting, our policy is preservation of data prior to ANY work being performed on a computer or network. Therefore we use software which allows us to clone: to make an exact copy of the customer’s hard drive, which will be used for the purpose of restoring, in the event the computer becomes unbootable or important files are deleted along with the virus. Here are the tools we gather prior to beginning ANY work on a personal computer:  “SATA or PATA USB Hard Drive Enclosure” (3.5” for desktop drives, 2.5” for laptop drives)  A hard drive to use to store the temporarily backed up/cloned data; 500GB+ preferred  NOTE: An External USB Hard Drive can be used in replacement of the two above.  A “USB to IDE/SATA Adapter,” can be used in replacement of a USB Enclosure.  Software with the capability to “clone” hard drives. We currently use Acronis True Home Image 2012. Since there are several different brands and types of backup software on the market, we are unable to illustrate how to create a clone of a hard disk, since all software has different options and menus. If you would like to know how to make a cloned copy of a hard drive, onto an external drive please email us at support@time4tech.com, and mention the software you are using or would like to use. Too lazy or tired to do that? Just click here to email us! We will provide you step-by-step details within 0-3 hours of receiving your email. All compliments of TekTime IT Consulting for buying this handbook! Now that you’ve created a perfect, BOOTABLE backup of your or your client’s data, it’s time to verify the integrity of the clone copy. Continue reading on the next page 
Preferably, the hard drive of the customer’s is the same size drive and type as the backup drive you are using. If so, you just need to plug in the clone copy, and proceed with the process of booting into Windows. If it boots successfully with the same exact information and setup as the client’s computer, the data copy is ready to store in a safe place, in case future use is needed. Remember to store this drive in a place free of direct sunlight, moisture, shock, and/or any other threat which could damage a hard drive. NOTE: Strict data security measures should always be a policy, so ANY data copy made of a client’s data should be IMMEDIATELY destroyed (drive reformatted) after the computer or problem is successfully repaired and the customer has “signed off” on the repairs as being satisfactory. ______________________________________________________________________________ UNDERSTAND THE RISKS OF REMOVING MALWARE! Removing malware does have a set of risks that should be acknowledged prior to beginning any virus cleaning, on any computer or network. Since we encourage backing up data stringently, these risks should cost you nothing in the long run—just time! Several risks are, but aren’t limited to:  Inability to boot a computer successfully upon removing certain types of malware. Since many viruses replace critical system files with “infected” files, removing those files will cause problems with stability or reliability due to important files having been deleted.  Upon successfully removing malware, a computer may become unstable, and could crash randomly, restart randomly, or have many other symptoms that aren’t considered “normal” operation. It is always wise to prepare for unusual activity, such as programs that won’t open or crash unexpectedly, random errors and other problems that can’t be predicted.  Inability to access the internet and/or the local network. Many types of malware can and will change: proxy settings of various browsers, change TCP/IP settings, host file settings, firewall settings, router settings and much more. After removing a virus, you may find that the computer can no longer access the internet. There are various ways to
troubleshoot a computer that can’t access the internet due to malware [removal], but we won’t cover all of them in this handbook, to save time and avoid boredom!  Ancient Windows XP computers which were infected with malware may have damaged WINSOCK files. If you remove viruses on an XP computer and can’t access the internet, download Winsock Fix by clicking here. That usually does fix the issue; if not contact us!  Inability to access Internet Explorer and/or download Windows updates. So many types of malware tend to target and infect poor Microsoft’s software. Often enough, Internet Explorer will display a “Page not found” or similar message when attempting to access the internet after removing a virus. If you encounter problems accessing Internet Explorer after removing a virus, feel free to email us at support@time4tech.com. We will have an answer (or assistance) to your problem within 0-3 hours…totally FREE!  Inability to install software. Many threats also attack the .MSI installer which is needed for Windows to install and uninstall software. There are also ways to get around this problem so feel free to contact us if needed at the above address for a quick solution. ________________________________________________________________________ PREPARE FOR SCANNING! 1.) Disconnect from the internet. Malware can connect to the internet, update itself when needed, and proceed to download more malicious software from the internet; upload sensitive data to the internet (i.e. sensitive client information and company-critical database records) and much more. As well, if there is a network present with other computers attached, those computers could become infected as well. Always disconnect the internet as a first step to prepare for scanning a computer infected with malware. If you’ve created a subnet, you can connect an infected PC to the Internet with less chance of incident. Otherwise, All PCs connected to your network should also be disconnected. 2.) Create a current Restore Point. Open SYSTEM RESTORE (System Protection in Vista and Windows 7). Create a restore point for the current day in which the virus is being removed. A current restore point will aid in restoring the computer to its original state in the event there are problems encountered during or after the cleaning.
3.) Remove all writable media. Disconnect all memory cards, external USB drives, and other storage devices from the computer. Viruses tend to spread easily to drives and media connected to an infected computer, so it’s best to disconnect any to lower the risk of spreading the infection. 4.) Create a cloned copy of the suspected/infected hard drive. Attach the external USB backup drive to the infected (or suspect) computer. At this point, you should have your “Cloning Software” as noted earlier, ready to create a cloned copy of the hard drive in case something “bad” happens during the process. We won’t cover the cloning process in this eBook, but feel free to email us for FREE assistance if needed, to complete the cloning process. NOTE: If you elect NOT to clone the drive, you may be liable for loss data!! Please remember that due to viruses and other errors, it may be possible that a drive will not “clone.” In such an instance, manually backing up important data is needed. NOTE: You MAY need to reference item#5 - below, to create a clone copy of the hard drive, as it is sometimes not possible to “clone” a hard drive via USB, while it is connected to the “source” computer. In that scenario, attach the “backup” drive to a master computer, and then attach the “infected” drive to an additional enclosure, to create a copy. Two USB enclosures (or adapters) will be needed in this situation. 5.) Remove the infected hard drive from the computer. Carefully remove the infected drive or the drive that you would like to scan, from the computer. Whether a laptop or desktop, hard drives are very straight forward to remove, and require a Phillips head screwdriver, anti-static surface and a bit of patience!
NOTE: It’s best to use a “static free wristband” when working with hardware components to prevent electrostatic damage, but working on a wooden or non- conductive surface will help greatly, as well as resisting the urge to work on a computer in a carpeted room. Next, attach the hard drive to the USB Hard Drive enclosure. Example enclosures are shown below for your reference. Notice the differences between a laptop enclosure and a desktop enclosure. Desktop Hard Drive Enclosure: Laptop Hard Drive Enclosure:
Once the hard drive is connected properly and plugged in, the drive is now ready to be attached to a different computer; that contains the needed scanning software. Now you have completed the Preparation process. NOTE: If you do NOT want to use an external USB drive, and you don’t feel comfortable removing a hard drive from a computer, that is totally understandable. To scan a computer for viruses that will not allow software to be installed, or that doesn’t boot, you will need to use a “rescue disk” to boot the computer and scan for malware outside of the Windows Operating system. We will discuss rescue disks in an update to this manual - in the near future. In the meantime, please feel free to email us for any assistance with creating/buying a rescue disk to scan a PC for malware! Also, you should perform a “manual backup”, by copying and pasting the files from the computer you are working on, to an external media such as a CD, flash drive, etc; to safeguard the client’s important data in case the computer no longer boots during or after the virus removal. Performing Manual Backups: Files that you want to copy and paste include: My Videos, My Music, My Documents, My Pictures and bookmarks, as shown on the next page. Next, search for any music, picture, video or documents that may be on the computer and not saved in the various “MY” folders. Click on Start on the taskbar, and click Search.
Next, choose from the selection of options (shown on the next page is a picture of the search box in Windows Vista and Windows 7, for reference; XP will appear differently). Click the first option shown below: Pictures, music, or video Next, click on all of the boxes as shown below, and then click on Search
Now, you will notice ALL of the pictures, music, and videos on the hard drive will start showing in Windows Explorer. Allow the computer to scan for ALL of the files until it is completed. Once it is completed you can Copy and Paste the files onto the USB backup. Now, repeat the same process as you did when searching for music etc, but choose: Documents (word processing, spreadsheet, etc.) Next, allow the computer to search for documents the same as when you searched for music, video, pictures and other files. Copy and paste what is found onto the USB backup drive. Repeat this step for ALL FILES AND FOLDERS next, and then you can manually search for any other data the user may need such as web browser bookmarks, .exe files, etc. Once you have backed up all of the data manually, you are ready to scan for viruses! Please remember that the manual backup method is used as an alternative to using the external hard drive enclosure and cloning a drive, to preserve data. IF YOU DON’T NEED TO BACKUP, OR CAN’T BACKUP FILES, AND YOU AREN’T USING AN EXTERNAL HARD DRIVE, YOU CAN STILL REMOVE MALWARE WITH A VERY LOW CHANCE OF DATA LOSS. DO NOT PROCESS TO THE NEXT CHAPTER. INSTEAD, CLICK HERE.
Sorry! Unfortunately, this is the end of the PC Technician’s Virus Removal Manual – Version 3.1 sample. _________________________________________________________ Click here to purchase the full version! You’ll have full access the remaining pages, resources, unlimited technical support and unlimited updates that we offer! Thanks again for taking interest in this handbook. See you on the other side! Sincerely yours, Jarvis Edwards - Author

Recomendados

Crystal's slide show
Crystal's slide showCrystal's slide show
Crystal's slide show
purviszoo
 
Rohingya want peace, why do you force them to be terrorists?
Rohingya want peace, why do you force them to be terrorists?Rohingya want peace, why do you force them to be terrorists?
Rohingya want peace, why do you force them to be terrorists?
Aung Aung Oo
 
القيادة الإدارية وإدارة التغيير
القيادة الإدارية وإدارة التغييرالقيادة الإدارية وإدارة التغيير
القيادة الإدارية وإدارة التغيير
المعتزبالله علوان عقيل
 
Revolución Francesa
Revolución FrancesaRevolución Francesa
Revolución Francesa
21Decimo
 
Why not action 2
Why not action 2Why not action 2
Why not action 2
Aung Aung Oo
 
Bu dwi !
Bu dwi !Bu dwi !
Bu dwi !
polska10
 
الادارة الاستراتيجية
الادارة الاستراتيجيةالادارة الاستراتيجية
الادارة الاستراتيجية
المعتزبالله علوان عقيل
 
Rakhine extremists, myanmar politics and democracy
Rakhine extremists, myanmar politics and democracyRakhine extremists, myanmar politics and democracy
Rakhine extremists, myanmar politics and democracy
Aung Aung Oo
 

Recomendados

Crystal's slide show
Crystal's slide showCrystal's slide show
Crystal's slide show
purviszoo
 
Rohingya want peace, why do you force them to be terrorists?
Rohingya want peace, why do you force them to be terrorists?Rohingya want peace, why do you force them to be terrorists?
Rohingya want peace, why do you force them to be terrorists?
Aung Aung Oo
 
القيادة الإدارية وإدارة التغيير
القيادة الإدارية وإدارة التغييرالقيادة الإدارية وإدارة التغيير
القيادة الإدارية وإدارة التغيير
المعتزبالله علوان عقيل
 
Revolución Francesa
Revolución FrancesaRevolución Francesa
Revolución Francesa
21Decimo
 
Why not action 2
Why not action 2Why not action 2
Why not action 2
Aung Aung Oo
 
Bu dwi !
Bu dwi !Bu dwi !
Bu dwi !
polska10
 
الادارة الاستراتيجية
الادارة الاستراتيجيةالادارة الاستراتيجية
الادارة الاستراتيجية
المعتزبالله علوان عقيل
 
Rakhine extremists, myanmar politics and democracy
Rakhine extremists, myanmar politics and democracyRakhine extremists, myanmar politics and democracy
Rakhine extremists, myanmar politics and democracy
Aung Aung Oo
 
دورة إدارة الموارد البشرية
دورة إدارة الموارد البشريةدورة إدارة الموارد البشرية
دورة إدارة الموارد البشرية
المعتزبالله علوان عقيل
 
إدارة التميـــز
إدارة التميـــزإدارة التميـــز
إدارة التميـــز
المعتزبالله علوان عقيل
 
تحسين الأداء
تحسين الأداءتحسين الأداء
تحسين الأداء
المعتزبالله علوان عقيل
 
صناعة النجاح( مهارات تطوير الذات)
صناعة النجاح( مهارات تطوير الذات)صناعة النجاح( مهارات تطوير الذات)
صناعة النجاح( مهارات تطوير الذات)
المعتزبالله علوان عقيل
 
السلامة في المختبرات
السلامة في المختبراتالسلامة في المختبرات
السلامة في المختبرات
المعتزبالله علوان عقيل
 
تخطيط الموارد البشرية
تخطيط الموارد البشريةتخطيط الموارد البشرية
تخطيط الموارد البشرية
المعتزبالله علوان عقيل
 
دوره تقويم الاداء المؤسسي
دوره تقويم الاداء المؤسسيدوره تقويم الاداء المؤسسي
دوره تقويم الاداء المؤسسي
المعتزبالله علوان عقيل
 
القيادة الفعالة
القيادة الفعالةالقيادة الفعالة
القيادة الفعالة
المعتزبالله علوان عقيل
 
لغة الاشارة
لغة الاشارةلغة الاشارة
لغة الاشارة
المعتزبالله علوان عقيل
 
Marketing&sales
Marketing&salesMarketing&sales
Marketing&sales
المعتزبالله علوان عقيل
 
القيادة والإدارة إختلاف المفاهيم وتكامل الأدوار
القيادة والإدارة إختلاف المفاهيم وتكامل الأدوارالقيادة والإدارة إختلاف المفاهيم وتكامل الأدوار
القيادة والإدارة إختلاف المفاهيم وتكامل الأدوار
المعتزبالله علوان عقيل
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Zilliz
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
apidays
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
apidays
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
Zilliz
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 

Mais conteúdo relacionado

Destaque

القيادة والإدارة إختلاف المفاهيم وتكامل الأدوار
القيادة والإدارة إختلاف المفاهيم وتكامل الأدوارالقيادة والإدارة إختلاف المفاهيم وتكامل الأدوار
القيادة والإدارة إختلاف المفاهيم وتكامل الأدوار
المعتزبالله علوان عقيل
 

Destaque (11)

دورة إدارة الموارد البشرية
دورة إدارة الموارد البشريةدورة إدارة الموارد البشرية
دورة إدارة الموارد البشرية
 
إدارة التميـــز
إدارة التميـــزإدارة التميـــز
إدارة التميـــز
 
تحسين الأداء
تحسين الأداءتحسين الأداء
تحسين الأداء
 
صناعة النجاح( مهارات تطوير الذات)
صناعة النجاح( مهارات تطوير الذات)صناعة النجاح( مهارات تطوير الذات)
صناعة النجاح( مهارات تطوير الذات)
 
السلامة في المختبرات
السلامة في المختبراتالسلامة في المختبرات
السلامة في المختبرات
 
تخطيط الموارد البشرية
تخطيط الموارد البشريةتخطيط الموارد البشرية
تخطيط الموارد البشرية
 
دوره تقويم الاداء المؤسسي
دوره تقويم الاداء المؤسسيدوره تقويم الاداء المؤسسي
دوره تقويم الاداء المؤسسي
 
القيادة الفعالة
القيادة الفعالةالقيادة الفعالة
القيادة الفعالة
 
لغة الاشارة
لغة الاشارةلغة الاشارة
لغة الاشارة
 
Marketing&sales
Marketing&salesMarketing&sales
Marketing&sales
 
القيادة والإدارة إختلاف المفاهيم وتكامل الأدوار
القيادة والإدارة إختلاف المفاهيم وتكامل الأدوارالقيادة والإدارة إختلاف المفاهيم وتكامل الأدوار
القيادة والإدارة إختلاف المفاهيم وتكامل الأدوار
 

Último

Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Último (20)

Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

The PC Technician's Virus Removal Manual V3.1!

  • 1.
  • 2. NOTICE: You Do NOT Have the Right to Reprint or Resell this Handbook. COPYRIGHT© 2010-2014 TekTime IT Consulting LLC - All Rights Reserved Disclaimer: While every attempt has been made to verify the information provided in this publication, neither the author nor the Publisher assumes any responsibility for errors, omissions, or contrary interpretation of the subject matter herein. This publication is not intended for use as a source of legal advice. The information contained herein may be subject to varying state and/or local laws or regulations. The Purchaser or Reader of this publication assumes responsibility for the use of these materials and information. Adherence to all applicable laws and regulations, federal, state, and local, governing professional licensing, business practices, advertising, and all other aspects of doing business in the United States or any other jurisdiction is the sole responsibility of the Purchaser or Reader. The Author and Publisher assume no responsibility or liability whatsoever on the behalf of any Purchaser or Reader of these materials. Any perceived slights of specific people or organizations are unintentional. Any unauthorized selling, sharing, or use of this manual, is prohibited by law without expressed, written consent from the author.
  • 3. PREFACE First, I would like to thank you for purchasing volume III of the PC Technician’s Virus Removal Manual. Without loyal readers such as yourself, the strategies, “secrets” and knowledge used to create this publication would have been shared in vain. If you own a computer—which I’m sure you do—you have at least HEARD of a computer virus, unless you’re in a third world country. I’m sure you understand well; viruses are never created to spread wealth and happiness to unsuspecting users! Viruses are and will continue to be a problem in the digital world, due to the sheer amount of viruses being written daily—to the tune of 35,000 new threats released daily—and they become more complex with each passing year, making them more difficult to remove. Not only that, but malware is not limited to just computer users per se; it affect servers, websites, entire networks and so much more in this era. That being said, this eBook will serve as the perfect reference guide, in which to remove viruses, trojans and other threats from a computer successfully and thoroughly. Regardless of that computer’s function, from server to datacenter to home-level computer— the solution is right here. This handbook is not an ordinary eBook, and is definitely not “fun” to read, as a non-fiction novel or other genre book may be. Unfortunately, I won’t get into my background here, spilling the beans about where I came from, my expertise, hobbies and habits. I decided to save that for my website! This manual is strictly for helping others learn the methods and tools that I and various technicians have used, and use, to become successful in defeating malware. The strategies shared in this book are listed sequentially or “step by step,” and ideally, for beginners, should be performed on a computer in the EXACT order and fashion as described in this book, with little to no deviation, in order to achieve the desired end-goal. However, it is possible for advanced computer users and technicians to skim through the book to utilize the software links, or search for information that will enhance their acquired skill sets and increase their knowledge banks. If you are a beginner or a novice in virus removal and various technical modalities, you’ll benefit highly from following each page from beginning to end, unless instructed otherwise within the manual. Have any questions? Feel free to ask here!
  • 4. Many of the techniques and software used in removing viruses from a computer are universal; in other words the various techniques are known amongst thousands if not millions of computer technicians. Please do not misunderstand the purpose of this book, in hopes of stumbling across the “holy grail” of virus removal; there are no “secrets being shared here.” What makes this book extremely valuable is the easy to follow, step-by-step, illustrated instructions combined with hyperlinks to FREE software and UNLIMITED technical support. The techniques and tools highlighted in this book are the exact same techniques and tools used by our technicians on a daily basis, for the purpose of removing malware from computers and networks. TekTime IT Consulting has a malware removal success rate of 99%. In other words, 99 out of 100 computer viruses are successfully removed without data loss or the need to re-format and reinstall the Operating System! Beyond that, we successfully remove malware from other networked devices, servers and websites while enhancing security and preventing/minimizing future incidents. Keep in mind that data loss resulting from malware infection may or may not be reversed; this fact needs to be communicated with the customer or client before beginning any work to eradicate the threat. OUR success equals YOUR success— as long as you use the strategies and techniques written in this book. There are many approaches possible when diagnosing, cleaning and preventing malware, but the approaches used in this book may differ from what others may recommend. For example, many technicians use a “Rescue disk” or CD-Rom/DVD-Rom that contains anti-virus software and utilities. These disks are used to diagnose/clean malware before the computer boots into its Operating System, and most contain bootable utilities to remove viruses that prevent booting successfully. NOTE: We will not use the Rescue disk approach in this book due to our strict policy of backing up data prior to performing any cleaning, to avoid data loss and liability. Since viruses become more and more complex as the years go by, virus removal software can work perfectly fine today, yet fail to detect the threats of tomorrow. For this reason, virus software authors are ALWAYS busy creating new application which will prove to be effective against the onslaught of current viruses. That leads us to the next point…. THIS MANUAL IS UPDATED REGULARLY. Since you have purchased this manual, you will receive an updated copy—FREE OF CHARGE—whenever an update is released!!
  • 5. Updates to this book will be released periodically as:  New virus removal software tools and utilities are released  New techniques in malware removal are discovered by our team  Revised methods of diagnosis/cleaning are learned by our team  New operating systems are released and information relevant to diagnosis/removal on the new Operating System are needed  Any other information is discovered by TekTime IT Consulting that will prove helpful in removing and preventing viruses.  The author decides to offer more tips, tricks and solutions to your technician’s arsenal, and to provide more value than you paid for! Computer technicians getting into virus removal will find that this eBook will pay for itself hundreds if not thousands of times over, just by utilizing the methods described when cleaning your clients’ (or future clients’) computers. Remember, we provide full technical support to the purchasers of this manual, so feel free to contact us if you come across any issues while removing malware, or if you would like assistance. We will respond to your inquiry within 0-3 hours! See you on the other side!
  • 6. TABLE OF CONTENTS Chapter I: What’s A Computer Virus & What Are Symptoms of Infection? Defines computer viruses and lists many common symptoms associated with computer infection. Chapter II: Preparing For Virus Scanning & Removal Details on the preparations needed to prepare a computer for virus scanning, including the precautions necessary to protect the user’s original data, from becoming corrupt or deleted. Chapter III: Scanning For Threats Learn which antivirus programs are available for free, where to download them, which ones we recommend as most effective, and the steps necessary in scanning for malware. Learn how to accurately scan a computer, to avoid the chance of not detecting malware that resides on a computer. Also, learn how to avoid “false positives” when scanning for malware, to prevent deleting critical system files or other precious data. Chapter IV: Reversing Malware-Changed Settings Learn how to search for malware in common places, as well as how to locate hidden malware. Learn the various settings that malware typically changes, which affect a computer’s reliability and ability to operate. Learn how to revert back to the original “healthy” settings. Chapter V: Removing Malware That “Kills” Software Learn the behavior and characteristics of malware, and how many types can be eradicated using manual techniques and software tools. Learn which software tools can be used to kill malicious processes while they are running, even when they resist killing, renaming or deletion. Learn how to discover and remove malware that “clones” or “copies” itself.
  • 7. Chapter VI: Rootkits - How to Detect & Remove Them Learn how to identify rootkits by using specialized software to locate hidden files and processes, that wouldn’t otherwise be detectable using conventional, consumer-grade software products. Learn how to identify if a rootkit is actually harmful as some pose no threat at all. Chapter VII: Confirming Full Removal of Malware within a Computer Learn how to check a computer to ensure that malware has been removed, and all traces of viruses, trojans, spyware, rootkits are eradicated and cause no harm to an otherwise “healthy” user experience. Chapter VIII: Safeguards to Prevent Malware Infection & Compromise Learn methods to secure a Windows computer from malware infections, external exploits, and how to minimize or prevent malicious behavior in the event an infection occurs. Learn how to prevent malware and other threats from executing real-time changes on a computer. Chapter IX: How to Scan Networks for Malware & Hacker Activity Learn how to scan individual computers and networked computers for incoming and outgoing threats with harmful intent. Obtain details on scanning an entire network for malware, and safeguarding against infection across a network of computers and devices. Chapter X: Locating & Removing Malware on Servers & Websites Learn methods to scan for malware on various types of servers, and how to locate malware or malicious code located within a website. Learn how to secure a website immediately after it has been infected; how to scan for hidden code and encoded script located within web pages and directories, and how to safeguard against future incidents.
  • 8. I. What’s a computer virus & what are the symptoms? A computer virus is a computer program that can, for the most part, copy itself and “infect” a computer. The word “malware” is used as a general term usually, to describe many types of infections which can and will compromise a computer and its data; these include viruses, worms, Trojan horses, rootkits, spyware, adware, scripts and more. Malware—usually spread by unsuspecting computer users who: click on a link, open an email, transfer media from one computer to another using an external drive; or do to exploits used by hackers and external threats to compromise a computer. Malware may corrupt or delete the data on a computer or use the internet to spread to other computers via email, peer to peer software, websites, code injection, etc. Trojans and worms are usually created for a specific purpose, such as stealing data, controlling a computer, sending emails to a spam list, tracking a user’s habits, causing “fake alerts” prompting the user to spend money to clean the infection, and more. Viruses are created to cause harm to a computer. Deleting files, rendering a hard drive unbootable, causing a computer to restart constantly; are just some of many examples of malicious virus activity. Trojans and worms can often be called viruses simultaneously. Rootkits enable continuous administrative level access to a computer, while hiding or “cloaking” its presence from the user(s). Rootkits are often extremely difficult to detect and take a higher level of knowledge to detect, remove and prevent. These will be explained in more detail later in this book. There are many symptoms which could indicate a computer is infected by malware; this includes but is not limited to the following:  Antivirus software indicates a virus infection on the computer/server  The computer restarts randomly and unexpectedly  The computer will not boot into Windows even though no software was installed nor updates performed  Windows task manager will not open  Windows does not startup, and a message is shown stating: “…system files are missing.”
  • 9.  “Low memory” errors pop up even if there is no memory true memory problem  You get random BSODs (Blue Screen Of Death)  Your computer seems to “move” very slowly, and your task manager may indicate high CPU usage, even when you are running no programs at all (i.e. 100% CPU usage)  The computer’s starting or loading time to get into Windows takes excessively long.  Constant pop-ups are appearing and/or browser re-directs (being unintentionally directed to other web sites than those you’ve selected)  People are receiving emails that you don’t recall sending  Your broadband modem is showing traffic activity, when you aren't using the internet  When new programs are installed, they either don’t work or have constant problems  You are suddenly receiving more spam to your email inbox(s)  Programs that are installed are instantly deleted  Documents and files disappear (deleted)  Windows updates will not install successfully  DVD and CD-Rom drives open and close by themselves  Sounds may play randomly, from the computer speakers  Files and folders will not open at all  WINDOWS SECURITY CENTER has been disabled  WINDOWS FIREWALL or other third party firewall software has been disabled  Instead of logging into the desktop with icons after the Windows “splash screen”, the computer just shows a black screen and cursor.  Windows password(s) have been changed without the user(s) doing so  Software, files, pictures, music, video etc; start to open/run without the user commanding those actions.  A computer will not boot up after powering on. (rare cases – “Boot virus”)
  • 10.  You get “you are infected” pop-ups, by an “antivirus” program that you never installed.  You get a constant blue screen with the error: IRQL_NOT_LESS_OR_EQUAL  Your desktop icons, folders, files and documents have “disappeared” (hidden)  You see the “hard drive activity” light blinking, but no programs are running at all.  LAST DATE MODIFIED is showing recent dates for software that you haven’t accessed recently (in your Windows directories).  Changes in file sizes occur for no good reason; for example a 5MB file now reads as 1K.  Your hard drive space diminishes rapidly without anything being downloaded or installed by the user  The printer is connected properly and operating, but you cannot print  You notice software icons on your desktop that you didn’t install  You are noticing more emails in your inbox related to your interests, however, you rarely share that email address with anyone.  You receive a call from your ISP (Internet Service Provider) stating they’ve received complaints stemming from your IP address.  Your website has been hacked, or spyware is found on your website (for instance, Google often sends alerts to the administrator’s account when this happens)
  • 11. II. Preparing for virus scanning & removal Digital data is consisted of “binary codes,” which is essentially 1s and 0s, translated (encoded) to be “used” by the CPU. Digital data should be treated as highly fragile, or non-existent, whenever it comes to performing any type of work on a computer that involves the hard disk. Removing malware should never be attempted without preparation, to ensure that in the event of a “mistake” or data corruption, the computer can be restored to its original format; this translates into preservation of settings, documents, files, profiles, databases, etc. At TekTime IT Consulting, our policy is preservation of data prior to ANY work being performed on a computer or network. Therefore we use software which allows us to clone: to make an exact copy of the customer’s hard drive, which will be used for the purpose of restoring, in the event the computer becomes unbootable or important files are deleted along with the virus. Here are the tools we gather prior to beginning ANY work on a personal computer:  “SATA or PATA USB Hard Drive Enclosure” (3.5” for desktop drives, 2.5” for laptop drives)  A hard drive to use to store the temporarily backed up/cloned data; 500GB+ preferred  NOTE: An External USB Hard Drive can be used in replacement of the two above.  A “USB to IDE/SATA Adapter,” can be used in replacement of a USB Enclosure.  Software with the capability to “clone” hard drives. We currently use Acronis True Home Image 2012. Since there are several different brands and types of backup software on the market, we are unable to illustrate how to create a clone of a hard disk, since all software has different options and menus. If you would like to know how to make a cloned copy of a hard drive, onto an external drive please email us at support@time4tech.com, and mention the software you are using or would like to use. Too lazy or tired to do that? Just click here to email us! We will provide you step-by-step details within 0-3 hours of receiving your email. All compliments of TekTime IT Consulting for buying this handbook! Now that you’ve created a perfect, BOOTABLE backup of your or your client’s data, it’s time to verify the integrity of the clone copy. Continue reading on the next page 
  • 12. Preferably, the hard drive of the customer’s is the same size drive and type as the backup drive you are using. If so, you just need to plug in the clone copy, and proceed with the process of booting into Windows. If it boots successfully with the same exact information and setup as the client’s computer, the data copy is ready to store in a safe place, in case future use is needed. Remember to store this drive in a place free of direct sunlight, moisture, shock, and/or any other threat which could damage a hard drive. NOTE: Strict data security measures should always be a policy, so ANY data copy made of a client’s data should be IMMEDIATELY destroyed (drive reformatted) after the computer or problem is successfully repaired and the customer has “signed off” on the repairs as being satisfactory. ______________________________________________________________________________ UNDERSTAND THE RISKS OF REMOVING MALWARE! Removing malware does have a set of risks that should be acknowledged prior to beginning any virus cleaning, on any computer or network. Since we encourage backing up data stringently, these risks should cost you nothing in the long run—just time! Several risks are, but aren’t limited to:  Inability to boot a computer successfully upon removing certain types of malware. Since many viruses replace critical system files with “infected” files, removing those files will cause problems with stability or reliability due to important files having been deleted.  Upon successfully removing malware, a computer may become unstable, and could crash randomly, restart randomly, or have many other symptoms that aren’t considered “normal” operation. It is always wise to prepare for unusual activity, such as programs that won’t open or crash unexpectedly, random errors and other problems that can’t be predicted.  Inability to access the internet and/or the local network. Many types of malware can and will change: proxy settings of various browsers, change TCP/IP settings, host file settings, firewall settings, router settings and much more. After removing a virus, you may find that the computer can no longer access the internet. There are various ways to
  • 13. troubleshoot a computer that can’t access the internet due to malware [removal], but we won’t cover all of them in this handbook, to save time and avoid boredom!  Ancient Windows XP computers which were infected with malware may have damaged WINSOCK files. If you remove viruses on an XP computer and can’t access the internet, download Winsock Fix by clicking here. That usually does fix the issue; if not contact us!  Inability to access Internet Explorer and/or download Windows updates. So many types of malware tend to target and infect poor Microsoft’s software. Often enough, Internet Explorer will display a “Page not found” or similar message when attempting to access the internet after removing a virus. If you encounter problems accessing Internet Explorer after removing a virus, feel free to email us at support@time4tech.com. We will have an answer (or assistance) to your problem within 0-3 hours…totally FREE!  Inability to install software. Many threats also attack the .MSI installer which is needed for Windows to install and uninstall software. There are also ways to get around this problem so feel free to contact us if needed at the above address for a quick solution. ________________________________________________________________________ PREPARE FOR SCANNING! 1.) Disconnect from the internet. Malware can connect to the internet, update itself when needed, and proceed to download more malicious software from the internet; upload sensitive data to the internet (i.e. sensitive client information and company-critical database records) and much more. As well, if there is a network present with other computers attached, those computers could become infected as well. Always disconnect the internet as a first step to prepare for scanning a computer infected with malware. If you’ve created a subnet, you can connect an infected PC to the Internet with less chance of incident. Otherwise, All PCs connected to your network should also be disconnected. 2.) Create a current Restore Point. Open SYSTEM RESTORE (System Protection in Vista and Windows 7). Create a restore point for the current day in which the virus is being removed. A current restore point will aid in restoring the computer to its original state in the event there are problems encountered during or after the cleaning.
  • 14. 3.) Remove all writable media. Disconnect all memory cards, external USB drives, and other storage devices from the computer. Viruses tend to spread easily to drives and media connected to an infected computer, so it’s best to disconnect any to lower the risk of spreading the infection. 4.) Create a cloned copy of the suspected/infected hard drive. Attach the external USB backup drive to the infected (or suspect) computer. At this point, you should have your “Cloning Software” as noted earlier, ready to create a cloned copy of the hard drive in case something “bad” happens during the process. We won’t cover the cloning process in this eBook, but feel free to email us for FREE assistance if needed, to complete the cloning process. NOTE: If you elect NOT to clone the drive, you may be liable for loss data!! Please remember that due to viruses and other errors, it may be possible that a drive will not “clone.” In such an instance, manually backing up important data is needed. NOTE: You MAY need to reference item#5 - below, to create a clone copy of the hard drive, as it is sometimes not possible to “clone” a hard drive via USB, while it is connected to the “source” computer. In that scenario, attach the “backup” drive to a master computer, and then attach the “infected” drive to an additional enclosure, to create a copy. Two USB enclosures (or adapters) will be needed in this situation. 5.) Remove the infected hard drive from the computer. Carefully remove the infected drive or the drive that you would like to scan, from the computer. Whether a laptop or desktop, hard drives are very straight forward to remove, and require a Phillips head screwdriver, anti-static surface and a bit of patience!
  • 15. NOTE: It’s best to use a “static free wristband” when working with hardware components to prevent electrostatic damage, but working on a wooden or non- conductive surface will help greatly, as well as resisting the urge to work on a computer in a carpeted room. Next, attach the hard drive to the USB Hard Drive enclosure. Example enclosures are shown below for your reference. Notice the differences between a laptop enclosure and a desktop enclosure. Desktop Hard Drive Enclosure: Laptop Hard Drive Enclosure:
  • 16. Once the hard drive is connected properly and plugged in, the drive is now ready to be attached to a different computer; that contains the needed scanning software. Now you have completed the Preparation process. NOTE: If you do NOT want to use an external USB drive, and you don’t feel comfortable removing a hard drive from a computer, that is totally understandable. To scan a computer for viruses that will not allow software to be installed, or that doesn’t boot, you will need to use a “rescue disk” to boot the computer and scan for malware outside of the Windows Operating system. We will discuss rescue disks in an update to this manual - in the near future. In the meantime, please feel free to email us for any assistance with creating/buying a rescue disk to scan a PC for malware! Also, you should perform a “manual backup”, by copying and pasting the files from the computer you are working on, to an external media such as a CD, flash drive, etc; to safeguard the client’s important data in case the computer no longer boots during or after the virus removal. Performing Manual Backups: Files that you want to copy and paste include: My Videos, My Music, My Documents, My Pictures and bookmarks, as shown on the next page. Next, search for any music, picture, video or documents that may be on the computer and not saved in the various “MY” folders. Click on Start on the taskbar, and click Search.
  • 17. Next, choose from the selection of options (shown on the next page is a picture of the search box in Windows Vista and Windows 7, for reference; XP will appear differently). Click the first option shown below: Pictures, music, or video Next, click on all of the boxes as shown below, and then click on Search
  • 18. Now, you will notice ALL of the pictures, music, and videos on the hard drive will start showing in Windows Explorer. Allow the computer to scan for ALL of the files until it is completed. Once it is completed you can Copy and Paste the files onto the USB backup. Now, repeat the same process as you did when searching for music etc, but choose: Documents (word processing, spreadsheet, etc.) Next, allow the computer to search for documents the same as when you searched for music, video, pictures and other files. Copy and paste what is found onto the USB backup drive. Repeat this step for ALL FILES AND FOLDERS next, and then you can manually search for any other data the user may need such as web browser bookmarks, .exe files, etc. Once you have backed up all of the data manually, you are ready to scan for viruses! Please remember that the manual backup method is used as an alternative to using the external hard drive enclosure and cloning a drive, to preserve data. IF YOU DON’T NEED TO BACKUP, OR CAN’T BACKUP FILES, AND YOU AREN’T USING AN EXTERNAL HARD DRIVE, YOU CAN STILL REMOVE MALWARE WITH A VERY LOW CHANCE OF DATA LOSS. DO NOT PROCESS TO THE NEXT CHAPTER. INSTEAD, CLICK HERE.
  • 19. Sorry! Unfortunately, this is the end of the PC Technician’s Virus Removal Manual – Version 3.1 sample. _________________________________________________________ Click here to purchase the full version! You’ll have full access the remaining pages, resources, unlimited technical support and unlimited updates that we offer! Thanks again for taking interest in this handbook. See you on the other side! Sincerely yours, Jarvis Edwards - Author