Personal Computer one stop shop.
Contents
1. Rules for this thread.
2. Getting Started.
3. Emergency Virus Removal
4. Malware Removal, Tweaks, and Maintenance.
5. PC Protection
6. Tips for the future.
Section 1: Rules for this thread.
Rule #1- Take responsibility for your own mistakes. We didn’t break your PC; your lack of PC knowledge landed you in this mess. We are simply trying to help you.
Rule #2- Remain calm and ask for help when you are stuck.
Rule #3- Don’t rush through this; you will learn a lot if you take your time.
Rule #4- DON’T BUY ANYTHING. EVERYTHING IN THIS GUIDE IS FREE. IF YOU ARE GETTING CHARGED, YOU DID SOMETHING WRONG.
Rule #5- When installing software in this guide you may be prompted to install additional software, change default browser, or search provider. It is your responsibility to select custom install, NOT EXPRESS, and uncheck all these additional things. You are to use FREE SOFTWARE ONLY. DO NOT START ANY TRIALS OR APPLY FOR ANY PAID SOFTWARE.
Section 2: Getting Started
1. Assess your situation with the following questions.
a. Do I have control of my computer?
b. What is my computer doing?
c. Am I the PC administrator?
d. If there is malware, what is it calling itself?
2. Depending on your answers to step 1, proceed as follows.
a. If you answered no to (a), you will need another PC with internet (as in a different computer that is working correctly) and a portable USB drive to proceed (pen drive/zip drive is fine).
b. If you said it has a virus, skip to step (c). If you said blue or black screens of death, please do the following.
>> Click Start, point to Settings, and then click Control Panel (Note the Underlined word there Windows 8 users).
>> Click System.
>> Click the Advanced tab, and then click Settings under Startup and Recovery.
>> In the Write debugging information list, click enable memory dumps.
>> (If this confused you search the internet for “Enabling Memory dumps”)
>> Now have you installed any new hardware? If so you will want to uninstall the driver for it, this is usually the reason these things happen.
>> If the problem persists, download this - http://www.resplendence.com/download/whocrashedSetup.exe
>> Use the free edition.
>> Click Analyze- it will then tell you in English what is wrong with your hardware. Proceed to troubleshoot online, or if it is a driver issue, wait to see if it is corrected in the driver update section of this guide.
c. If you answered yes, I am the administrator, skip to (d). If not, do the following:
>> Control panel
>> User accounts/family
>> Change account type
>> Make this account an administrator
>> That didn’t work? Get on the administrative account then.
d. DON’T PANIC! There are viruses all over the internet; it happens. We will kill it, and if we don’t, the worst thing that could happen is you would need to buy a system factory restore disk from your PC manufacturer for like 20 bucks. If your PC is custom built you should have an operating system disk already. Before we go with a critical rebuild, we are going to approach this situation logically, with precision, and attempt to repair the PC without wiping the entire thing.
First let’s see what kind of virus you have. Do you have a ROGUE, ROOTKIT, HIJACKER, Ransom Ware or RESOURCE EATERS (or normal Trojans)? It is possible to have all five or combinations of the five, such as a Rogue Hijacker or a Resource eating Rootkit. The three we are looking for at this point in the guide fall back onto question (a): Do you have control of your computer? If you answered yes, please move to section 4. If you answered no, we still have some things to work on so that you have control before we proceed.
Rogues generally have an interface (not all, but most). They will appear as applications such as antivirus 2013, Registry cleaner pro, Malware Fighter 2010, and many more. Ransom Ware locks you out of everything in your system and tries to get you to pay to unlock it; it even locks you out of safe mode. Ransom Ware generally covers your entire screen with a picture and locks you out of every function on the PC. The only option available is to pay, or so they want you to think. Hijackers usually target your browser for the internet (and for navigating your system). Hijackers try to mine data from the user and use ad spammers to get additional clicks out of the user so they make a profit from their ad links. If you open your browser for the internet and it goes to a random site rather than your homepage, or you can’t change your homepage, or your browser opens random pages when surfing, you have more than likely been hijacked.
>> If it’s a ROGUE, get the name off the application header (you will need this if my method of removal does not work).
>> If you have any of the three I listed here, go to the appropriate Section 3 area.
Section 3: Emergency Virus Removal
1. Rogue- Do this
>> From a separate PC download this file and save it to a zip drive.
>> Optional (start in safe mode WITH networking)
>> https://mega.co.nz/#!aJxDkaQQ!CFNRhS...D8dH5ws5XAroWQ
>> Run the program off the Pen drive as administrator.
>> After it has run its course the Rogue should be disabled.
>> Now download this and run it. Update and scan/remove the rogue.
>> http://www.malwarebytes.org/mwb-download/
>> When the PC restarts, run Rogue Killer again to verify the rogue was removed.
>> If it wasn’t, try additional scanners in section 4.
>> Every time you restart the PC, run Rogue Killer till results = 0, even in future sections.
2. Hijacker- Do this
>> From a separate PC download this file and save it to a zip drive.
>> Optional (start in safe mode WITH networking)
>> https://mega.co.nz/#!aJxDkaQQ!CFNRhS...D8dH5ws5XAroWQ
>> Run the program off the Pen drive as administrator.
>> After it has run its course the Hijacker should be disabled.
>> Now download this and run it. Update and scan/remove the rogue.
>> http://www.malwarebytes.org/mwb-download/
>> When the PC restarts, run Rogue Killer again to verify the Hijacker was removed.
>> If it wasn’t, try additional scanners in section 4.
>> Every time you restart the PC, run Rogue Killer till results = 0, even in future sections.
>> Now go to Internet Options in Control Panel.
>> Go to the Advanced tab and restore your browser to defaults.
>> Disable useless add-ons
>> Change your homepage
>> Save and test.
3. Ransom Ware- Do This
>> Get a factory restore disk or your operating system disk and use it as your bootable drive, under the options select a restore point prior to the ransom infection. No disk? Call manufacturer and order one.
>> Note you can run rogue killer from CMD prompt if you know CMD text and it will detect the ransom ware.
>>Proceed to section 4.
Section 4: Malware Removal, Tweaks, and Maintenance
1. First we will start off by cleaning up resources on your PC. To do this we will use a simple tool called the Microsoft Configuration Tool. To access this tool, simply click Start and type MSCONFIG in the search bar; it should pop right up. If you are on Windows 8, please use your Task Manager for the next step. (An easy route to the Task Manager is Ctrl+Alt+Delete, then select Task Manager.)
2. Under the START UP tab in either tool disable everything (IMPORTANT- Windows 8 and laptop users DO NOT DISABLE TOUCHPAD DRIVER OR TOUCH SCREEN DRIVER. If you have a special mouse or keyboard (gaming specific) don’t disable their drivers).
3. Restart the PC for changes to take effect.
4. Now open any file or folder on the PC in C:\ and click Organize. You will see something that says folder and search options; click it. If you couldn’t figure this out, look it up (on Windows 8 it is under Options on the right).
5. Under the View tab, select show hidden folders and files, click Apply, and click OK.
6. Time to clean out old software. Go to Control Panel and select uninstall software.
7. Now uninstall your current antivirus (Norton, McAfee, Kaspersky, Microsoft Security Essentials, etc.). (IMPORTANT- Leaving an active scanner running after this point could cause a BSOD. Make sure your PC does not have an active antivirus. Also note rogue ware does not apply to this rule, since it isn’t a real antivirus.)
8. Uninstall old games, anything saying tool bar, and useless software you don’t use anymore. This will save you loads of time when scanning your PC.
9. Go to control panel- Users/family and disable User Account Control.
10. Download Defogger and run/disable every restart of your PC
http://www.bleepingcomputer.com/download/defogger/dl/8/
11. Download and run Rogue Killer every restart of pc till it has 0 infection results.
https://mega.co.nz/#!aJxDkaQQ!CFNRhS...D8dH5ws5XAroWQ
12. Download and run TDSSKILLER every restart till results are 0 for infections. (Save it in a different location than Rogue Killer; they have the same name.)
https://mega.co.nz/#!KZBiXYDA!RsV6k3...Ala-YgNKQ4_CYs
13. Run Malware Bytes Update-Scan-Remove
http://www.majorgeeks.com/mg/getmirr...malware,1.html
14. Uninstall Malware bytes.
15. Run Super Anti Spyware UPDATE- HIGH BOOST SCAN- REMOVE
Be careful of false positives. This software sometimes picks up files that are fine, such as programs written with free compilers (Java homework, C++ homework, and such).
http://www.superantispyware.com/down...NTISPYWAREFREE
16. Uninstall Super antispyware
17. Install Advanced system care FREE (Skip this if you have a solid state drive AKA SSD)
http://dw.cbsi.com/redir?edId=3&site...t%3Ddl-6271865
>> Change user mode to expert
>> Check all boxes EXCEPT Disk scan and vulnerability check
>> Run it
>> Put check in box that says automatically repair
>> Restart for registry defrag
>> Open advanced system care again
>> Click toolbox
>> Install the driver scanner
>> Scan for outdated drivers
>> Install the drivers
>> Restart
18. Uninstall Advanced system care (check by date in the uninstaller; you will see a bunch of stuff that came with it to uninstall too, like surf protection etc...). I like to keep the uninstaller and use it to remove remnants of rogues (in fact, go ahead and use it to uninstall the rogue if it is still on the list and deep scan it; you can also use it to remove Advanced system care etc.).
19. Install Avira Update- Scan- Remove
http://avira-free-antivirus.en.softo...d?ptn=avira-es
20. Uninstall Avira if you have other plans for security. If not, keep it, love it, use it. Configure the updates to be weekly or bi-weekly or it will update every 6th hour (in the event you choose to keep it).
21. Go to control panel- Security- Firewall- Restore default settings- Remove unwanted programs from exception list
22. Go to control panel- internet options- Advanced tab- Restore defaults- Never show physical location (if it’s grey do this- http://www.thewindowsclub.com/disabl...ation-browsers )- Delete Cookies on exit. Set your homepage.
23. Optional (Create new restore point, run disk scan- By right clicking C drive and clicking properties.)
24. Delete TDSSKILLER, Rogue Killer, Re-enable defogger and delete it.
25. Check current date in uninstall list for anything you may have missed.
26. Uninstall all Java stuff and get the latest version from:
http://www.java.com/en/download/ie_manual.jsp?locale=en
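An added example, not part of the original guide: before disabling everything under the Startup tab in steps 1 and 2 of this section, this PowerShell snippet saves the current startup entries to a CSV so they can be reviewed or re-enabled later, and marks the entries the guide says to leave alone. The keyword list and the output file name are assumptions for illustration.

```powershell
# Added example: inventory startup entries before disabling them in MSCONFIG / Task Manager.
# Read-only: it lists and records entries, it does not disable or delete anything.

# Assumed keywords for entries the guide says NOT to disable
# (touchpad, touch screen, special mouse/keyboard drivers). Adjust for your hardware.
$keepKeywords = 'touchpad', 'touch screen', 'touchscreen', 'mouse', 'keyboard'

# Hypothetical output location for the inventory file.
$outFile = Join-Path $env:USERPROFILE 'startup-inventory.csv'

# Win32_StartupCommand covers the Run registry keys and the Startup folders.
# On PowerShell 2.0 (the Windows 7 default) use Get-WmiObject Win32_StartupCommand instead.
$entries = Get-CimInstance -ClassName Win32_StartupCommand | ForEach-Object {
    $text = "$($_.Name) $($_.Command)"
    $keep = $false
    foreach ($k in $keepKeywords) {
        # -like is case-insensitive, so 'TouchPad' and 'touchpad' both match.
        if ($text -like "*$k*") { $keep = $true; break }
    }
    [pscustomobject]@{
        Name     = $_.Name
        Command  = $_.Command
        Location = $_.Location   # registry key or Startup folder the entry lives in
        User     = $_.User
        Keep     = $keep         # True = matches a keyword, leave enabled per step 2
    }
}

# Save the full record, then show a short summary on screen.
$entries | Sort-Object Keep, Name | Export-Csv -Path $outFile -NoTypeInformation
$entries | Sort-Object Keep, Name | Format-Table Name, Keep, Location -AutoSize
Write-Host "Saved $(@($entries).Count) startup entries to $outFile"
```

Entries whose Command points into a temp or user profile folder under a name you don’t recognize are worth writing down before the scans in the later steps.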
Section 5: PC Protection
1. I prefer Avira; it’s lightweight and works well.
http://avira-free-antivirus.en.softo...d?ptn=avira-es
2. Spyware Blaster is a great 0-resource tool (when manually updating) that updates a blacklist in your browser, preventing known spyware sites from downloading stuff through your hidden ports.
Just update, click enable protection, close, done.
http://www.majorgeeks.com/mg/getmirr...blaster,1.html
3. Run CCleaner once a day.
http://www.piriform.com/ccleaner/download/standard
Section 6: Tips for the future
1. Read the names of the files you’re downloading. For example, Malware Bytes Anti Malware might be Mbam.exe; if the file you are downloading says something like Ebaydirect.exe, it is not the right file and should be canceled.
2. Beware of ads, just because an ad says DOWNLOAD does not mean it is your download.
3. Always do custom installs, never change default browser, search provider, or install adware (toolbars) when installing something new on your PC.
4. Stay away from toolbars.