Madruga
Senior Member
- Mar 16, 2011
- 1,003
- 1,629
If you are a tl;dr guy, skip this thread
As you well know, not all anti-virus softwares can do their job; some people doesn't even have one installed, and the list of why their computer was infested, can be unlimited; not to mention that not everybody who owns a computer, knows the difference between a virus, worm, trojan, spyware etc (click here for difference) and how he got him exactly. Thing is, at one point, everyone will get a "virus", noobie or pro.
(Example Story - Method)
Intro:
Little Timmy got a new computer on his birthday. The performance of his computer, was astonishing, so he started to install all sorts of programs, games, visiting all sorts of sites and so on. One day, his computer starts to act quite strange (random diagnostics). He calls his mom and dad, they take a look, they observe that their computer is infested with a worm, and that their current antivirus which was installed after the infestation, can't handle it. (Don't think cold on this, there are thousands of thousands of viruses, worms, trojans, all act differently, can bypass some anti-virus softwares, can create backdoors and so on)
So the journey begins. They start to read dozens of sites on Google, about the worm that infested their computer. As you well know Google, they will discover a lot of fake anti-whatever software sites, where they download it, scan the PC and find the problems, just that they need to pay in order to remove, and that's not even sure at all. Others, will get lost in numerous forums and sites, where people complains about this, just that rarely they will find a solution, or if they will, it will seem quite comlicated. On the other hand, some people will find those exact match [virus_name] removal, which will clean their computer. But not everybody finds that place. So, it's a complete mess, especially when you have your computer knocked up and acts crazy all the time, when you desperately try to fix it as soon as possible.
Method: Concept
What you have to do, is to find out a database of viruses, worms, spywares, trojans etc (example sites: source 1, source 2, source 3 and DO search for other sources, these are just some examples), chose one 'infection', and do your homework on that. Be sure that that is quite spread and the manual fix of it can be quite nasty. Usually worms are pretty much a fuckerty, but with a straight removal tool, they can get killed fast.
So let's say you selected this one: W32.Brontok. Some nasty worm that create .exe folders, and often, unexpectedly and repetitive restarts your windows like crazy. But it does more than that. Antiviruses won't remove it completely and the worm can 'heal' himself and attack again right away.
People will often read articles about the removal, like this: [DO NOT READ THE ENTIRE COPY/PASTE thing, just take a look & scroll]
So as you can see, this is the MANUAL REMOVAL of the worm. Well, maybe most of you down here, knows how to handle this one, given the instructions, but most of the people will get lost in the reading. Proof? Read the comments of the above article, click here.
Everyone wants the fast and easy way. Something that will fix everything by a single push of the button. Well, that exists too in this case, but they need to do a lot of searches, and avoid the tricky sites.
The tool who will fix this, is located here, provided by Bitdefender. What does it do?
The removal tool will:
So it basically does what it was said in the MANUAL process, just that everything is automated.
Method: Action
Do your research well. Find a worm/virus etc that it's pretty nasty and where the manual removal instructions are quite long and not so user-friendly. Also, be sure to find a removal tool for that 'infection' as well; you are a IM-er, you know how to use Google if you really need something.
Now, build a site with the exact name match, such as brontokremoval.com (which is available at the moment when I'm writing this post) or win32brontokaremoval.com or win32brontokbrremoval.com (a and br are some extensions of this worm). In some cases, you WILL or NOT need any serious SEO for it, but it depends what you choose. You can't go for alltrojansremoval.com (free as well) if you don't want to do some heavy SEO on it. But doing an exact match domain name of the "infection's" name + the word "removal" or "remover" + optionally the word "tool", will help you a lot in ranking your site. Remember, you target only one "infection", not all in one site, so be sure that the one you are choosing, is quite spread, not necessarily popular.
Make your site with 2 button options.
1) MANUAL REMOVAL [FREE] - you will rewrite some articles into one, talking about the worm, and how to remove it, with difficult fuzz (like in this page). Make everything nice, clean, but be sure to make it look pretty hard to actually remove it. Do NOT put any fake information regarding that; remember, there are many people who barely knows at all what is the 'cmd' command, just to say.
2) AUTOMATIC REMOVAL TOOL - Guarantee 100% [FREE*]
Here is where you will talk about how your removal tool, your brontok removal tool (not some Special_Extreme_Trolls_Removers.exe) can do all that what you mentioned in the Manual Removal instructions page, that it can be done in a few minutes by running this tool. Be sure to tell them that that tool will not only kill the worm and infected files, but will also [real EXAMPLE for brontok] Restore access to Regedit, Restore access to Folder Options, Restore the default values for those entries that the worm changes , Delete (or fix) the startup entries related to the worm. This will convince them that this tool is really the complete and ultimate solution for their problem.
So, after you'll make that smart description, add them the link to download the tool, which you already found somewhere else, by some hard search. Be sure to show them a virustotal scan in there about your tool, so that they can feel safe as well.
Content Lock the page where your Tool Removal is stored, and start banking $. Optionally, it would be a good idea to tell them that they need to complete a quick survey, in order to access the file, and also optionally, teach them how. You can tell them that tool is content locked, in order to prevent the "hackers" to not steal it, alter and infect it, and then distribute it again on the "netz". You can think of various reasons, or even to none. It's up to you.
That way, Jimmy's mom and dad completes a survey from your content locker, they get what they want, you get what they want. Jimmy gets his computer clean again, ready just to fuck it up once more, so that the parents can come again to one of your other sites (joking, because it's quite impossible considering the amount of viruses, worms and so on ;] )
*Really, don't go for the brontok worm, I gave this example so that you can understand the concept. You really have plenty of where to chose from. If you will however go for it, you will realize later why I advised you not to go.
This is an autopilot method, that can last and bank for many years, once it's done properly.
How to promote your site aside the SEO coming from the exact match domain? Well, many of you should know this already, but it never ruins to know that this can be done exactly like in the Reputation Method. You don't need to fix the other problems, just be sure to make new positive ones, to outcome the bad ones. When we talk about this method, be sure to make a lot of talking about your chosen 'infection', which will elad to your site. Try to use Y! Answers, Squidoo lens or post on forums about your problem, where you make an additional user and tell them how you fixed your computer by using the tool you found on your site. The methods of promoting it aside the organic traffic, are really vast.
If you didn't read all this post, don't bother to tell me tl'dr. Nobody cares. As for the others, remember that the key is to do your research well profound. What you'll make, will be on autopilot. And I'll leave it up to you to see what goes better, new 'infections vs old 'infections'. Don't go by a cold logic, it will kill you from the start.
Good Luck!
As you well know, not all anti-virus softwares can do their job; some people doesn't even have one installed, and the list of why their computer was infested, can be unlimited; not to mention that not everybody who owns a computer, knows the difference between a virus, worm, trojan, spyware etc (click here for difference) and how he got him exactly. Thing is, at one point, everyone will get a "virus", noobie or pro.
(Example Story - Method)
Intro:
Little Timmy got a new computer on his birthday. The performance of his computer, was astonishing, so he started to install all sorts of programs, games, visiting all sorts of sites and so on. One day, his computer starts to act quite strange (random diagnostics). He calls his mom and dad, they take a look, they observe that their computer is infested with a worm, and that their current antivirus which was installed after the infestation, can't handle it. (Don't think cold on this, there are thousands of thousands of viruses, worms, trojans, all act differently, can bypass some anti-virus softwares, can create backdoors and so on)
So the journey begins. They start to read dozens of sites on Google, about the worm that infested their computer. As you well know Google, they will discover a lot of fake anti-whatever software sites, where they download it, scan the PC and find the problems, just that they need to pay in order to remove, and that's not even sure at all. Others, will get lost in numerous forums and sites, where people complains about this, just that rarely they will find a solution, or if they will, it will seem quite comlicated. On the other hand, some people will find those exact match [virus_name] removal, which will clean their computer. But not everybody finds that place. So, it's a complete mess, especially when you have your computer knocked up and acts crazy all the time, when you desperately try to fix it as soon as possible.
Method: Concept
What you have to do, is to find out a database of viruses, worms, spywares, trojans etc (example sites: source 1, source 2, source 3 and DO search for other sources, these are just some examples), chose one 'infection', and do your homework on that. Be sure that that is quite spread and the manual fix of it can be quite nasty. Usually worms are pretty much a fuckerty, but with a straight removal tool, they can get killed fast.
So let's say you selected this one: W32.Brontok. Some nasty worm that create .exe folders, and often, unexpectedly and repetitive restarts your windows like crazy. But it does more than that. Antiviruses won't remove it completely and the worm can 'heal' himself and attack again right away.
People will often read articles about the removal, like this: [DO NOT READ THE ENTIRE COPY/PASTE thing, just take a look & scroll]
Manual removal steps:
- Disconnect your computer from the network
and disable file sharings, if any.- Disable System Restore (for Windows
XP/Windows Me only).
For Windows XP:
For Windows Me:
- Click Start.
- Right-click My Computer, and then click Properties.
- Click the System Restore tab.
- Select ?Turn off System Restore? or ?Turn off System
Restore on all drives? check box.- Click Start, point to Settings, and then click Control
Panel.- Double-click the System icon. The System Properties
dialog box appears.- Click the Performance tab, and then click File System.
The File System Properties dialog box appears.- Click the Troubleshooting tab, and then check Disable
System Restore.- Click OK. Click Yes, when you are prompted to restart
Windows.- Start your machine in Safe mode.
Update your Anti-virus software with the latest signature
files and scan your computer withthe Anti-virus to detect the
worm and delete any files detected as the worm by clicking the
DELETE button.- Delete the value from the registry.
You need to back up the registry before
making any changes to it. In correct changes to the registry
can result in permanent data loss or corrupted files. Modify
the specified subkeys only.
If you are still unable to open your registry, you may try
the following steps.
- Click Start > Run.
- Type regedit
- Click OK.Note: If the registry editor fails to open
the threat may have modified the registry to prevent access
to the registry editor. You can used a tool to resolve this
problem.
Download this
tool.
Navigate to the subkey that was detected by the anti-virus
and delete the value.- Exit the Registry Editor.
- Boot up the infected computer, but do not
login to the server, leave it at the login prompt.- Start up another clean computer, worm-free
computer which has an updated anti-virus software running and
an active firewall running preventing all inbound
connections.- From the clean computer, start REGEDIT.EXE
and click on File -> File -> Connect Network Registry.
Connect to the infected computer.- Modify the following values in
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsNTCurrentVersion
Winlogon
to the following values:- ?Userinit? = ?C:WINNTsystem32userinit.exe,? ?Shell? = ?Explorer.exe?(make sure that you enter the correct path to where
Windows is installed. For example on NT4.0 it is WINNT)- After completing the above steps, reboot
the infected computer.- Using the clean computer, map the C$ share
and scan it using the up to date anti-virus to remove any
infected files on the infected computer. Then, you should be
able to boot to the computer and then follow Steps 6 ? Steps
11.- Run a full system scan using an updated
version of Anti-virus software and delete any files detected as
worm.- Download and run a process management tool
or process viewer to kill all worm processes running on the
infected machine. The process management tool or the process
viewer is available according to the machine?s platform and can
be downloaded free from the Internet. For example users can
download and use the following process viewer:
http://www.sysinternals.com/Utilities/ProcessExplorer.html- Delete the scheduled tasks added by the
worm. Click Start, and then click Control Panel. (In Windows
XP, switch to Classic View.) In the Control Panel window,
double click Scheduled Tasks. Right click the task icon and
select Properties from pop-up menu. The properties of the task
is displayed. Delete the task if the contents of the Run text
box in the task pane matches the worm.- Enable the System Restore (for Windows
XP/Windows Me only).- Re-scan your computer with an updated
version of Anti-virus to confirm the computer is clean.- Re-connect your computer to the network once
confirmed clean.
So as you can see, this is the MANUAL REMOVAL of the worm. Well, maybe most of you down here, knows how to handle this one, given the instructions, but most of the people will get lost in the reading. Proof? Read the comments of the above article, click here.
Everyone wants the fast and easy way. Something that will fix everything by a single push of the button. Well, that exists too in this case, but they need to do a lot of searches, and avoid the tricky sites.
The tool who will fix this, is located here, provided by Bitdefender. What does it do?
The removal tool will:
- Find any Brontok-infected files on your computer
- Kill the worm's processes
- Restore acess to Regedit
- Restore access to Folder Options
- Restore the default values for those entries that the worm changes.
- Delete (or fix) the startup entries related to the worm.
So it basically does what it was said in the MANUAL process, just that everything is automated.
Method: Action
Do your research well. Find a worm/virus etc that it's pretty nasty and where the manual removal instructions are quite long and not so user-friendly. Also, be sure to find a removal tool for that 'infection' as well; you are a IM-er, you know how to use Google if you really need something.
Now, build a site with the exact name match, such as brontokremoval.com (which is available at the moment when I'm writing this post) or win32brontokaremoval.com or win32brontokbrremoval.com (a and br are some extensions of this worm). In some cases, you WILL or NOT need any serious SEO for it, but it depends what you choose. You can't go for alltrojansremoval.com (free as well) if you don't want to do some heavy SEO on it. But doing an exact match domain name of the "infection's" name + the word "removal" or "remover" + optionally the word "tool", will help you a lot in ranking your site. Remember, you target only one "infection", not all in one site, so be sure that the one you are choosing, is quite spread, not necessarily popular.
Make your site with 2 button options.
1) MANUAL REMOVAL [FREE] - you will rewrite some articles into one, talking about the worm, and how to remove it, with difficult fuzz (like in this page). Make everything nice, clean, but be sure to make it look pretty hard to actually remove it. Do NOT put any fake information regarding that; remember, there are many people who barely knows at all what is the 'cmd' command, just to say.
2) AUTOMATIC REMOVAL TOOL - Guarantee 100% [FREE*]
Here is where you will talk about how your removal tool, your brontok removal tool (not some Special_Extreme_Trolls_Removers.exe) can do all that what you mentioned in the Manual Removal instructions page, that it can be done in a few minutes by running this tool. Be sure to tell them that that tool will not only kill the worm and infected files, but will also [real EXAMPLE for brontok] Restore access to Regedit, Restore access to Folder Options, Restore the default values for those entries that the worm changes , Delete (or fix) the startup entries related to the worm. This will convince them that this tool is really the complete and ultimate solution for their problem.
So, after you'll make that smart description, add them the link to download the tool, which you already found somewhere else, by some hard search. Be sure to show them a virustotal scan in there about your tool, so that they can feel safe as well.
Content Lock the page where your Tool Removal is stored, and start banking $. Optionally, it would be a good idea to tell them that they need to complete a quick survey, in order to access the file, and also optionally, teach them how. You can tell them that tool is content locked, in order to prevent the "hackers" to not steal it, alter and infect it, and then distribute it again on the "netz". You can think of various reasons, or even to none. It's up to you.
That way, Jimmy's mom and dad completes a survey from your content locker, they get what they want, you get what they want. Jimmy gets his computer clean again, ready just to fuck it up once more, so that the parents can come again to one of your other sites (joking, because it's quite impossible considering the amount of viruses, worms and so on ;] )
*Really, don't go for the brontok worm, I gave this example so that you can understand the concept. You really have plenty of where to chose from. If you will however go for it, you will realize later why I advised you not to go.
This is an autopilot method, that can last and bank for many years, once it's done properly.
How to promote your site aside the SEO coming from the exact match domain? Well, many of you should know this already, but it never ruins to know that this can be done exactly like in the Reputation Method. You don't need to fix the other problems, just be sure to make new positive ones, to outcome the bad ones. When we talk about this method, be sure to make a lot of talking about your chosen 'infection', which will elad to your site. Try to use Y! Answers, Squidoo lens or post on forums about your problem, where you make an additional user and tell them how you fixed your computer by using the tool you found on your site. The methods of promoting it aside the organic traffic, are really vast.
If you didn't read all this post, don't bother to tell me tl'dr. Nobody cares. As for the others, remember that the key is to do your research well profound. What you'll make, will be on autopilot. And I'll leave it up to you to see what goes better, new 'infections vs old 'infections'. Don't go by a cold logic, it will kill you from the start.
Good Luck!