SpywareHammer Malware Removal Forums => Post Here for Malware Removal ... => Topic started by: Bugbatter on January 05, 2012, 05:56:13 PM

Title: [NEW 2018 Instructions!] What Do I Do First?
Post by: Bugbatter on January 05, 2012, 05:56:13 PM
Welcome to SpywareHammer  :w

If you are planning on getting help with malware removal, you will need to post a diagnostic log in the forum.
1. To begin, please create a free account by registering. To do that click Register. (http://spywarehammer.com/simplemachinesforum/index.php?action=register) If you have already done so there is no need to register again.
* NOTE: Word-wrap should be turned OFF so that your logs format correctly when posted on the forum.

2. Please download Malwarebytes version 3 from the following link:
https://www.malwarebytes.com/mwb-download/thankyou/ (https://www.malwarebytes.com/mwb-download/thankyou/)

Double click on the installer and follow the prompts.
When the install completes and is updated do the following:

Open Malwarebytes, select > Settings > Protection tab

Scroll down to "Scan Options". Be sure Scan for Rootkits and Scan within Archives are both ENABLED.

Return to the "DashBoard". Select the Scan Now tab.

When the scan completes please deal with any found entries.

To access the log from Malwarebytes do the following:

If you feel that your computer is still infected please follow the instructions below to download and run the following tools as well:

Download Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/) and save it to your desktop.

Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html (http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html)

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system. That will be the correct version.

*If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected software.
Be aware that FRST must be run from an account with Administrator status.

Security Analysis
 Please download Security Analysis by Rocket Grannie from here (http://spywareinfoforum.com/RGSA.exe)
Note: If you get a Warning from Windows about running the program, click on More info and then click Run Anyway to run it even though Windows says it might put your PC at risk.

3. Open the Malware Removal Forum (http://spywarehammer.com/simplemachinesforum/index.php?board=10.0)

4. On the right side Select the New Topic button.

5. In the Subject Line put a descriptive title such as "Pop Ups" or "Redirects", ("Fake Anti-Virus Pop-Ups", "No Internet Connection", "Virus in [file name]", “Many Adware Windows Opening”, "Unable to Update Security Software”, "Cannot Enable Anti-virus and Firewall". Titles that do not help us would be: "Help Me!", "My Log", “Do You See Anything Wrong?”, “Clueless”, “Here’s the Log”, “Malware” and other general titles.
 Do not include [In Progress] in your title. This is what Staff uses to note who is being helped and who is waiting. 

6. Copy and Paste your MBAM log and any other of the suggested logs into your reply as well as a brief description of the problem you are experiencing. Make sure you include the header of your log.  Including virus/trojan/worm names and locations if available is also helpful. 

7. Select the Post button. That's it. You will receive an email when a helper replies to your post..

A Few Helpful Tips
* Our trained volunteers will reply to your log as soon as possible. We appreciate your patience.
*  Please do not bump your topic. Replying to your new topic will cause the helpers here to skip over your log thinking that it is already being addressed.
* Please do not include suspicious links. You may, however describe the type or name of sites that you are having a problem with. By using links, you would be putting other members at risk if they click on them by accident. If you need to give information about sites that you are redirected to, please disable the links by using hxxp:// instead of http://
* Please feel free to ask questions and disagree politely, but do not argue with the instructions given. Profanity is not allowed. (This will result in your post being deleted)
* We appreciate your replying to the helper’s instructions in a timely manner. Threads are deemed inactive after a specified time. If you plan to be away for a few days, please inform your helper so that your topic will not be removed.

Topics in this forum are to be answered by Staff Only. Often users who think they may be helping, may actually be harming.

If You Desire to Help at SpywareHammer
 Please contact SpywareHammer Academy (http://spywarehammer.com/simplemachinesforum/index.php?action=profile;u=2643) about the possibility of training to become a Malware Removal Staff Member.