07-01-2012, 06:48 PM #1
Malware Removal Posting Instructions
Welcome to the Sysnative Security Arena
You have likely found your way here due to suspected malware on your computer or a security check requested by a BSOD Analyst. We will do our best to assist you. However, in order to do so, please follow all instructions in the sequence given.
If you have questions regarding any of the instructions or problems running any tools, please click the New Topic link and explain what problems you have encountered, including any error messages.
- Please do NOT use ComboFix or HijackThis without supervision of a qualified adviser. These are powerful tools that if used incorrectly may result in your computer becoming inoperable and cause further issues. We also request that you do not run any tools or fixes unless instructed once you've posted; if we're unable to keep track of which tools have been run it makes it harder for us, and ultimately you, to get the machine back up and repaired.
- Do NOT follow instructions that were provided to others, even if it appears to be a solution to your problem. Unfortunately, each infection causes unique problems on each computer; malware is constantly updating, and minor differences in the settings between machines can cause drastic effects when infected. Each fix provided is unique, and has been instructed based on detailed analysis of the logs.
- Finally, please note that your security programs may give warnings for some of the tools you will be asked to use. Be assured, any links that we provide are safe and have been used on thousands of machines. We will never link you to a malicious download. If you receive a UAC prompt, please approve the elevation.
Step 1 - Backup your data!
Backing up your data should be a standard part of your weekly routine; doing so prevents the loss of your important documents and photos that may be irreplaceable if lost. This is even more essential before any malware removal takes place; it is strongly recommended that all your personal data is copied to external media (i.e., CD, DVD or USB) before running any tools.
The most important data locations are usually "My Documents" on XP, and "Documents", "Downloads", "Favorites", "Music" and "Photos" on Windows Vista and later. If you are unsure how to back up your personal files, please see here for Windows XP, here for Windows Vista and here for Windows 7.
Step 2 - Prepare Your Computer for Analysis
Note: If you have run and fixed anything with any programs, please restart your computer before proceeding.
- Should you have more than one antivirus software installed, leave only one and uninstall any others.
- File sharing programs such as uTorrent, BitTorrent, LimeWire, Morpheus, Azureus and Kazaa are a major conduit for malware and a likely source of your current issues. It is requested that you uninstall any such programs prior to cleanup and to prevent reinfection.
Note: Please do NOT attach logs. All requested logs are to be copy/pasted in your topic.
- Please download Farbar Recovery Scan Tool (FRST) and save it to your Desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
- Right click to run as administrator. When the tool opens click Yes to disclaimer.
- Press Scan button.
- The first time FRST is run, it will produce two logs in the same directory the tool is run from -- FRST.txt and Addition.txt.
- Please copy/paste both logs in your reply.
- Please download Security Analysis and save it to your desktop.
- Close your security software to avoid potential conflicts.
- Double-click RGSA.exe
- Click OK on the copyright-disclaimer
- It will produce a log named SALog.txt on the Desktop or in the same folder from where the tool is run if installed elsewhere.
- Please post the contents of that document with the other requested logs.
Notes: Windows 10 may pop up a warning message and the current Java version on XP will show as "out of date".
Step 3 - Posting Instructions
- Go to the Security Arena forum and click the New Topic link.
- Add a title that describes your problem. Please start your topic with a brief explanation of what is happening to your PC and any steps you may have taken on your own.
- Copy/paste checkup.txt from SecurityCheck to your reply.
- Copy/paste both FRST.txt and Addition.txt into your reply.
- Complete your post by pressing the Post button.
- Please review your post to ensure that all logs have posted. Some of the requested logs can be quite large so it may be necessary to split them over multiple replies. Be sure to check that the complete log has posted.
Important Note: Please do NOT attach logs. All requested logs are to be copy/pasted in your topic. Due to forum restrictions, it may be necessary to post the requested logs in more than one reply.
- Please continue to respond until you receive the "All Clear". Just because you cannot see a problem does not mean it isn't there.
- This site does not support the use of "cracked" programs. The presence of pirated/cracked software detected on your computer may result in closure of your topic.
- If you are having problems with a business machine, please consult your IT Department or System Administrator. It is further advisable that you consult your employer's "Acceptable Usage Policy" to ensure that you are not in breach of Company rules by attempting to fix a business asset.
- Please be patient; the experts will review your logs and get back to you. However, they are all volunteers and may not be available to assist when you post.
Sysnative Security Team
Last edited by Corrine; 03-10-2016 at 08:52 PM.
05-28-2015, 10:17 PM #2
Re: Malware Removal Posting Instructions