1. #1
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    7,762

    Malware Removal Posting Instructions

    Welcome to the Sysnative Security Arena

    You have likely found your way here due to suspected malware on your computer or a security check requested by a BSOD Analyst. We will do our best to assist you. However, in order to do so, please follow all instructions in the sequence given.

    If you have questions regarding any of the instructions or problems running any tools, please click the New Topic link and explain what problems you have encountered, including any error messages.

    Caution!

    1. Please do NOT use ComboFix or HijackThis without supervision of a qualified adviser. These are powerful tools that if used incorrectly may result in your computer becoming inoperable and cause further issues. We also request that you do not run any tools or fixes unless instructed once you've posted; if we're unable to keep track of which tools have been run it makes it harder for us, and ultimately you, to get the machine back up and repaired.
    2. Do NOT follow instructions that were provided to others, even if it appears to be a solution to your problem. Unfortunately each infection causes unique problems on each computer, malware is constantly updating and minor differences in the settings between machines can cause drastic effects when infected. Each fix provided is unique, and has been instructed based on detailed analysis of the logs.
    3. Finally, please note that your security programs may give warnings for some of the tools you will be asked to use. Be assured, any links that we provide are safe and have been used on thousands of machines. We will never link you to a malicious download. If you receive a UAC prompt, please approve the elevation.


    Step 1 - Backup your data!

    Backing up your data should be a standard part of your weekly routine, doing so prevents the loss of your important documents and photos that may be irreplaceable if lost. This is even more essential before any malware removal takes place, it is strongly recommended that all your personal data is copied to external media; i.e., CD, DVD or USB before running any tools.

    The most important data locations are usually "My Documents" on XP, and "Documents", "Downloads", "Favorites", "Music" and "Photos" on Windows Vista and later. If you are unsure how to back up your personal files, please see here for Windows XP, here for Windows Vista and here for Windows 7.


    Step 2 - Prepare Your Computer for Analysis

    Note: If you have run and fixed anything with any programs, please restart your computer before proceeding.

    1. Should you have more than one antivirus software installed, leave only one and uninstall any others.
    2. File sharing programs such as uTorrent, Bittorrent, LimeWire, Morpheus, Azureus, Kazaa are a major conduit for malware and a likely source of your current issues. It is requested that you uninstall any such programs prior to cleanup and to prevent reinfection.


    Logs Requested

    Note: Please do NOT attach logs. All requested logs are to be copy/pasted in your topic.

    1. Please download Farbar Recovery Scan Tool (FRST) and save it to your Desktop.

      Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

      1. Right click to run as administrator. When the tool opens click Yes to disclaimer.
      2. Press Scan button.
      3. The first time FRST is run, it will produce two logs in the same directory the tool is run from -- FRST.txt and (Addition.txt.
      4. Please copy/paste both logs in your reply.

    2. Please download Security Analysis and save it to your desktop.
      1. Close your security software to avoid potential conflicts.
      2. Double-click RGSA.exe
      3. Click OK on the copyright-disclaimer
      4. It will produce a log named SALog.txt on the Desktop or in the same folder from where the tool is run if installed elsewhere.
      5. Please post the contents of that document with the other requested logs.

      Notes: Windows 10 may pop up a warning message and the current java version on XP will show as "out of date".


    Step 3 - Posting Instructions

    1. Go to the Security Arena forum and click the New Topic link.
    2. Add a title that describes your problem. Please start your topic with a brief explanation of what is happening to your PC and any steps you may have taken on your own.
    3. Copy/paste checkup.txt from SecurityCheck to your reply.
    4. Copy/paste both FRST.txt and Addition.txt into your reply.
    5. Complete your post by pressing the Post button.
    6. Please review your post to ensure that all logs have posted. Some of the requested logs can be quite large so it may be necessary to split them over multiple replies. Be sure to check that the complete log has posted.

      Important Note: Please do NOT attach logs. All requested logs are to be copy/pasted in your topic. Due to forum restrictions, it may be necessary to post the requested logs in more than one reply.


    Final Notes

    1. Please continue to respond until you receive the "All Clear". Just because you cannot see a problem does not mean it isn't there.
    2. This site does not support the use of "cracked" programs. The presence of pirated/cracked software detected on your computer, may result in closure of your topic.
    3. If you are having problems with a business machine, please consult your IT Department or System Administrator. It is further advisable that you consult your employer's "Acceptable Usage Policy" to ensure that you are not in breach of Company rules by attempting to fix a business asset.
    4. Please be patient, the experts will review your logs and get back to you. However, they are all volunteers and may not be available to assist when you post.



    Thank you,

    Sysnative Security Team
    Last edited by Corrine; 03-10-2016 at 08:52 PM.
    zigzag3143, satrow, JaidynM and 9 others say thanks for this.


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.


    • Ad Bot

      advertising
      Beep.

        
       

  2. #2
    Corrine's Avatar
    Join Date
    Feb 2012
    Location
    Upstate, NY
    Posts
    7,762

    Re: Malware Removal Posting Instructions

    *Bump*


    Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

    Remember - A day without laughter is a day wasted.
    May the wind sing to you and the sun rise in your heart.

Similar Threads

  1. XP BSOD Posting Instructions
    By jcgriff2 in forum BSOD Processing Apps Download | Information | Discussions
    Replies: 3
    Last Post: 09-22-2012, 11:22 PM

Log in

Log in