Malwareteks: Forums / Malware Removal / Malware Removal Posting Rules [Updated: 24 November 2007]

Forums

Malwareteks :: Forums :: Malware Support :: Malware Removal		<< Previous thread \| Next thread >>
Malware Removal Posting Rules [Updated: 24 November 2007]


Moderators: ShadowPuterDude, tayspen, D3m3nt3d, Brandon, Neal, jholland1964, TurcoLoco, Windsor, JeanInMontana, RatHat, MrCharlie, evilfantasy

Author

Post

ShadowPuterDude

Fri Mar 16 2007, 10:06PM

...the Shadow knows

Registered Member #1

Joined: Thu Apr 27 2006, 04:52PM
Location: Northern NY
Posts: 217
Thanked 10 times in 10 posts

If you need help with Malware Removal, please post on the forum.

The below guidelines are for the Malware Removal Forum. They are intended to help you provide the Malware Fighter, working your thread, with enough information to start formulating a plan of attack to clean your machine; and for you to leave MalwareTeks with a safe, secure, functioning computer.

MalwareTeks does not condone the use of Pirated/Illegal software. If such software is found on your computer, the Malware Fighter assisting you will insist that the Pirated/Illegal software be removed. We reserve the right to refuse help to anyone who is unwilling to uninstall Pirated/Illegal software.
We insist that anyone receiving help, here at MalwareTeks, install a Firewall and Anti-Virus Program at a minimum to protect their system. If you don't already have these programs installed, the Malware Fighter helping you will recommend free programs for your consideration. If you are unwilling to install them, we reserve the right to refuse further help.
MalwareTeks uses both HijackThis version v1.99.1 and Trend Micro HijackThis version v2.0.2 to analyze logs, HijackThis needs to be run from a permanent folder of its own. DO NOT place HijackThis on the Desktop, in the My Documents folder, put HijackThis in a folder as indicated below:
- If you currently have HijackThis v1.99.1 installed and are not running it from a permanent folder, then create a new folder in any of the following locations:
  C:\HJT
  C:\Program Files\HJT
  C:\Program Files\HijackThis
  
  Place HijackThis.exe inside the newly created folder.
- If you currently have HijackThis v2.0.2 installed and are not running it from a permanent folder, then create a new folder in any of the following location:
  
  C:\Program Files\Trend Micro\HijackThis
  
  Place HijackThis.exe inside the newly created folder.

Start only one thread requesting help. Keep all questions in your thread. DO NOT start a new topic.

DO NOT start multiple threads related to the same problem.

If you don't know, stop and ask! Don't keep going on.

Continue to respond until you are given "All Clear" (Just because you can't see a problem doesn't mean it isn't there)

Once your case has been solved, the thread will be closed and moved to Resolved Malware Threads.

Your thread will be moved to Inactive Malware Threads, after 7 days of no activity.

DO give your new thread a meaningful subject. NOT something like "HELP1!!!!11111!!!1!" and such.

DO NOT use any form of Haxor, Leet speak, Net speak, IM speak and the such in any postings on this forum. Use only proper spelling, grammar, punctuation, and capitalization. The more time the person helping you has to spend trying to figure out what you are saying, the longer it will take them to formulate a response.

DO NOT post a request for help in someone else's thread. This can lead to confusion, and your post will be deleted with a message to start your own thread.

DO NOT post a HijackThis (HJT) log unless requested.

Many people are under the very mistaken impression that HJT is a Malware removal tool. It is not. HJT is simply a tool that is used to identify browser hijackers and in some cases will show entries for 'some' Malware that is, for instance, running at startup, but HJT by no means will show everything. Those who have infected computers and are relying on HJT without the benefit of running additional scans such as the ones listed in our Malware Cleaning Guide, are more than likely still infected. In most cases, where there is one Virus/Trojan there are more.

DO NOT send private messages asking for help.

DO NOT send emails asking for help.

DO NOT reply to any thread, offering help or any comments of any type in a Malware Removal thread unless you have been given express permission by an Administrator or Moderator.

This forum is monitored by the approved Staff Members, and any unauthorized posts will be removed. If you feel you have information which may be pertinent to the thread, PM either the Malware Fighter assisting the user or, an Administrator or Moderator.

If you are new to this forum and have experience with Malware removal and would like to help, please register as a member first, then send a private message to an Administrator or Moderator introducing yourself.

We cannot take the risk of anyone giving wrong advice and causing damage to someone's computer.

DO NOT post advice until given permission to do so by an administrator or moderator. All replies made by unauthorized persons are subject to deletion without comment.

Pre-Request Cleaning Steps

No system that has been infected can be trusted ever again. The only way to ensure that your system is safe again, is to do a 'Clean Install' of the Operating System. If your system has a 'RootKit' installed, there is a good chance your system is completely subverted by the RootKit; and is not to be trusted ever again. Malware comes in many forms; Spyware, Adware, Viruses, Trojans, Keyloggers, Remote Administration Tools and RootKits; ranging in difficultly to remove. Some can simply be removed by uninstalling the Malware via Add or Remove Programs in the Control Panel; others can be extremely difficult to remove. However the only way to truly be sure that the Malware is completely gone is to completely remove the partitions, format the drive, and do a 'Clean Install' of the Operating System.

If you don't take this advice and decide to do a manual clean instead of a reinstall of your system don't blame us if any sensitive data is stolen from you. The only reply you will ever get from us will be: "YOU WERE WARNED!"

In order to provide you assistance on this froum we require you to complete all the scans and steps, outlined in the Malware Cleaning Guide.

DO NOT post any logs without first completing the steps in our Malware Cleaning Guide, they will be deleted.

DO NOT copy and paste logs into your threads. All logs are to be attached to your post. Instructions on how to attach logs are included in our Malware Cleaning Guide.

[ Edited Sat Nov 24 2007, 10:57PM ]

"Only those who fail greatly can ever achieve greatly" - Robert F. Kennedy
Microsoft Most Valuable Professional - Consumer Security (2007-2008)
Member - Alliance of Security Analysis Professionals - Since 2006
Linux Registered User # 363218


Jump: Back to top