Help
This topic is locked
If you are not posting a log for analysis, then please do not post in this forum or reply in another member's topic. Only the Malware Removal Team or Staff members are allowed to assist members in the Malware Removal and Log Analysis Forum. This helps to avoid confusion and ensure the member gets the required expert assistance they need to resolve their problem. While we understand you may be trying to help, please refrain from doing this or the post will be removed. Thanks for your cooperation.
For those who do need assistance, please continue with the instructions provided by our Malware Removal Team: quietman7, daveydoom, Wingman, jmw3, Vino Rosso.
Keep in mind that there are no guarantees or shortcuts when it comes to malware removal, especially when dealing with backdoor Trojans and rootkits. Infections will vary and some will cause more harm to your system then others as a result of it having the ability to download more malicious files. Some infections are difficult to remove completely because of their morphing characteristics which allows the malware to regenerate itself. Sometimes there is hidden piece of malware (i.e. rootkit component) which has not been detected by your security tools that protects malicious files and registry keys so they cannot be permanently deleted. Other types of malware can even terminate your security tools by changing the permissions on targeted programs so that they cannot run or complete scans. Thus, sometimes it takes several efforts with different, the same or more powerful tools to do the job. Even then, with some types of malware infections, the task can be arduous. In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them. In those cases, starting over by wiping your drive, reformatting, and performing a clean install of the OS or doing a factory restore with a vendor-specific Recovery Disk or Recovery Partition removes everything and is the safest action.
Note for 64-bit system users: Anti-malware scanners and some specialized fix tools have problems enumerating the drivers and services on 64-bit machines so they do not always work properly. Microsoft created a new folder (C:\Windows\SysWOW64) that contains all the 32-bit .dll files required for compatibility which run on top of the 64-bit version of Windows. WOW64 is the x86 emulator that allows 32-bit Windows-based applications to run on 64-bit Windows but x86 applications are re-directed to the x86 \syswow64 when seeking the x64 \system32. For a more detailed explanation, please refer to Making the Move to x64: File System Redirection and WOW64 Implementation Details. Since this is the case, be aware that most of the tools we use for malware removal are designed for 32-bit systems and do not work or can give misleading results on 64-bit machines. For instance, running HijackThis on a 64-bit machine may show log entries which indicate (file missing) when that is NOT always the case. As such, if your system is infected, any assistance we can offer is limited and there is no guarantee all types of infections can be completely removed
Multiple Requests in the Malware Removal and Log Analysis Forum and Note to Repair Techs: TEG is set up to help the home computer user dealing with malware issues and questions relating to their personal computers. We will not provide assistance to multiple requests from the same member if they continue to get reinfected. We cannot provide continued assistance to Repair Techs helping their clients. We try to be as accommodating as possible but unlike larger help sites, that have a larger staff available, we are not equipped to handle as many requests for help. Our forum is an all volunteer forum and malware removal helpers are limited in the amount of time they can contribute. This means for each additional topic opened, someone else has to wait to be helped. This is unfair to other members and the malware removal helpers.
Our goal is to safely disinfect machines used by our members when they become infected. Attempting to clean several machines at the same time could be dangerous, as instructions could be used on different machines that could damage the operating system. As much as we would like to help with as many requests as possible, in order to be fair to all members, we ask that you post only one Malware Removal...Logs forum topic, for one machine, at a time. Home users with more than one computer can open another topic for that machine when the helper has closed the original topic.
Please be aware: Only members of the Malware Removal Team, Moderators or Administrators are allowed to assist members in the Malware Removal and Log Analysis. All others should refrain from posting in this forum. This helps to avoid confusion and ensure the user gets the required expert assistance they need to resolve their problem. Unauthorized replies to another member's thread in this forum will be removed, at any time, by a TEG Moderator or Administrator.
If you do not receive a timely reply: While we understand your frustration at having to wait, please note that TEG deals with numerous requests for assistance such as yours on a daily basis. As a result, our backlog is getting larger, as are other comparable sites that help others with malware issues. Our Malware Removal Team members which include Visiting Security Colleagues from other forums are all volunteers who contribute to helping members as time permits. Visiting Security Colleague are not always available here as they primarily work elsewhere and no one is paid by TEG for their assistance to our members. Please be patient. It may take a while to get a response but your log will be reviewed and answered as soon as possible.
Thank you for understanding and your cooperation.
The TEG Forum Staff
This post has been edited by quietman7: Yesterday, 04:57 PM
