Proposed needed details

Learn about Computer Security Virus/Malware Removal Assistance
#1

When someone posts, what details should be needed. I have started this thread to get a list of things needed by people here to help someone. I can think of a few but might have missed something.

  1. What Operating System are you using?

  2. What service pack is your Operating System patched up to?
    a) Is the Operating System patched up-to-date?

  3. What Real-time virus product(s) are you using?
    a) If any, what version.

  4. What Firewall software/hardware are you running.
    a) If any, what version.

  5. What symptoms have you seen.

  6. If a program picked something up, what program was it. And also please paste the log from the program, we need specifically:
    a) Name of virus/trojan detected.
    b) Directory of the file and file name.

  7. GOTO: “http://www.spywareinfo.com/~merijn/index.php
    on the left hand side goto “Downloads tab”
    Select “Hijackthis”
    Download from a mirror.
    Instruction on how to use hijackthis:

     1. Once downloaded, extract it to it's own folder somewhere on your computer. (Do Not run from within the Zip file)
 2.  Make sure you logged onto an administrative account.
 3. Once extracted, run the "hijackthis.exe" that was extracted.
 4. Click "Do a system scan and save a logfile", wait a few secs.
 5. Once finished it should save a "hijackthis.log" file in the same directory as you ran the program from and open the file.

 6. Copy the contents of the file into your post, or attach the "hijackthis.log" file into your post, please do not zip it as this makes myself nervous because of file infecter viruses.

  8. Have you visited any places that you think you have have got this from. IE: Adult sites, file sharing programs, Illegal software. Since this is the internet, and we don’t know who you are i am sure this won’t be a problem. (:TNG)

  9. if you are getting pop-ups or “buy this”, “buy that” popups take note of the following and post them:

a) the site that shows a product that you did not as to go to (Redirected to).
b) And popups saying you have “XYZ virus, please download/buy X product” . We need to know the name of the product (X) it wants you to buy.

  1. What scans have you run so far?

cheers, rotty

#2

Great idea

Should probably get a Hijackthis log (or similar) right from the start. Sometimes/mostly the ■■■■ ware is a payload of something that may appear innocent to the user and not removing this can result in re-infection.

Doubt that anyone will remember the site the thing came from. Anyway, isn’t it always the kids fault? (Have heard that sooooooo many times).

Barry

#3

Yes, i know what you mean about the kids always doing it LOL. (:TNG)

I will add a link to the author’s site of hijackthis too!. Thanks for the idea.

Ok that is done, please if anyone can think of anything else that could be added or taken away, do post your suggestions !!!.

cheers, rotty

#4

Hi,

I have gone ahead and started a topic (stickied and locked) named “REQUIRED INFORMATION” it is based off of all of your suggestions above but with some modifications.

Thanks for your suggestion Rotty,
Justin

#5

No problem (:WAV)

#6

Should we add “firewall version” and “AV version” to the list?

#7

I’ll second that motion!!

#8

Also, service pack level.

#9

Great idea. On Cnet this is required and I always felt out of place asking these questions here as it seems they are usually skipped. I prefer to ask them, it can tell a lot and make a big difference. Thumbs up!

Paul

#10

Updated !!