Malware Removal Posting Instructions

Status
Not open for further replies.

Corrine

Administrator,
Microsoft MVP,
Security Analyst
Welcome to the Sysnative Security Arena

You have likely found your way here due to suspected malware on your computer or a security check requested by a BSOD Analyst. We will do our best to assist you. However, in order to do so, please follow all instructions in the sequence given.

If you have questions regarding any of the instructions or problems running any tools, please click the New Topic link and explain what problems you have encountered, including any error messages.

Caution!

  1. Please do NOT use other tools without the supervision of a qualified adviser. These are powerful tools that, if used incorrectly, may result in your computer becoming inoperable and cause further issues. We also request that you do not run any tools or fixes unless instructed once you've posted; if we're unable to keep track of which tools have been run, it makes it harder for us, and ultimately you, to get the machine back up and repaired.
  2. Do NOT follow instructions that were provided to others, even if they appear to be a solution to your problem. Unfortunately, each infection causes unique problems on each computer: malware is constantly updating, and minor differences in the settings between machines can cause drastic effects when infected. Each fix provided is unique and has been written based on detailed analysis of the logs.
  3. Finally, please note that your security programs may give warnings for some of the tools you will be asked to use. Be assured, any links that we provide are safe and have been used on thousands of machines. We will never link you to a malicious download. If you receive a UAC prompt, please approve the elevation.

Step 1 - Back up your data!

Backing up your data should be a standard part of your weekly routine. Doing so prevents the loss of important documents and photos that may be irreplaceable. This is even more essential before any malware removal takes place: it is strongly recommended that all your personal data is copied to external media (i.e., CD, DVD or USB) before running any tools.

The most important data locations are usually "Documents", "Downloads", "Favorites", "Music" and "Photos". If you are unsure how to back up your personal files, please see here.


Step 2 - Prepare Your Computer for Analysis

Note: If you have run and fixed anything with any programs, please restart your computer before proceeding.

  1. Should you have more than one antivirus software installed, leave only one and uninstall any others.
  2. File sharing programs such as uTorrent, Bittorrent, LimeWire, Morpheus, Azureus, Kazaa are a major conduit for malware and a likely source of your current issues. It is requested that you uninstall any such programs prior to cleanup and to prevent reinfection.

Logs Requested

Please download Farbar Recovery Scan Tool (FRST) and save it to your Desktop.

Notes:
  • You need to run the version compatible with your system (32- or 64-bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • If your operating system is not English, rename the downloaded file as EnglishFRST64.exe (64-bit), or EnglishFRST.exe (32-bit) so the resultant log will be in English.
  1. Right-click the file and choose Run as administrator. When the tool opens, click Yes to the disclaimer.
  2. Press the Scan button.
  3. The first time FRST is run, it will produce two logs in the same directory the tool is run from -- FRST.txt and Addition.txt.

Notes: Windows 10 may pop up a warning message, and the current Java version on XP will show as "out of date".

Step 3 - Posting Instructions

  1. Go to the Security Arena forum and click the New Topic link.
  2. Add a title that describes your problem. Please start your topic with a brief explanation of what is happening to your PC and any steps you may have taken on your own.
  3. Attach both FRST.txt and Addition.txt to your reply.
  4. Complete your post by pressing the Post button.
  5. Please review your post to ensure that all logs have been posted. Some of the requested logs can be quite large so it may be necessary to split them over multiple replies. Be sure to check that the complete log has been posted.

Final Notes

  1. Please continue to respond until you receive the "All Clear". Just because you cannot see a problem does not mean it isn't there.
  2. This site does not support the use of "cracked" programs. The presence of pirated/cracked software detected on your computer may result in closure of your topic.
  3. If you are having problems with a business machine, please consult your IT Department or System Administrator. It is further advisable that you consult your employer's "Acceptable Usage Policy" to ensure that you are not in breach of Company rules by attempting to fix a business asset.
  4. Please be patient; the experts will review your logs and get back to you. However, they are all volunteers and may not be available to assist when you post.

Thank you,

Sysnative Security Team
 