First, thank you for bringing up your concerns and what you perceive as illogical practices here at the site. These types of topics
do help and are
appreciated in fine tuning how do we do things here.
I would like to help out here, but one problem I'm seeing is the use of automated malware removal tools (or detection) in situations which do not require their use. One example: a person is having BSODs and says that they have tried to use several virus/malware scanners to no avail. A staff member comes along and posts instructions (I'm guessing a copy+paste) on how to use DDS, which the OP has already said did not run. Now, the logical solution for diagnosing BSODs is to post a crash dump and analyze the BSOD using WinDbg. I don't know how using more automated scanners would help.
In some situations you are right and others I disagree. BSOD can be debugged using WinDbg. Culprits can also be seen by certain log creators as certain malware device drivers are known to blue screen due to poor programming. It depends on where the person posts their problem. If they post in AII, then it is typically accompanied by a message like "I opened an attachment I shouldn't have and now get blue screens.". That alludes to a malware infection, so we go down that route.
If someone posts in the Windows section stating that they installed new drivers recently and now they are bluescreening then WinDbg would be a good place to start.
Here's another example: a person asks about the presence of $RECYCLE.BIN directories on their local hard drive and removable disks. A staff member posts instructions on how to use DDS (as usual). The scan reveals nothing significant (only PopCap). The staff member asks the OP to use Malwarebytes' anti-malware. Not to be rude, but this "staff member" should know what $RECYCLE.BIN and desktop.ini are. $RECYCLE.BIN is where recycled files are stored, and desktop.ini is a system file which tells explorer how to display a folder.
Your right, $RECYCLE.BIN is used by Vista. The Recycler folder is used for older versions, including XP, and are contained in the root of each drive partition. Staff members at BC are not necessarily known for their technical knowledge, but for their help moderating the board. A good moderator does not necessarily mean that the person is an expert technically.
One more example: a person asks about a possible malware infection and attaches a DDS log. A staff member posts instructions on how to use DDS.
Can't really argue that one

From what I can deduce non-staff members cannot help users with problems in the HJT log area, which is a little too restrictive. Sure, some people may give bad advice, but what's the chance that a newbie will delete C:\Windows\explorer.exe or something just because someone says so? And I'm a bit frustrated that the training program never seems to have any slots available... (but that's another issue)
I disagree entirely with it. It is because people were acting on unsound advice that we put in those restrictions in the first place. Many of our users do not have a lot of computer knowledge and may use wrong instructions without realizing they are doing more harm to their computer than good. As the malware removal section uses programs that can cause a computer to not boot up properly, it was required that we restrict it only to people who we/I feel know what they are doing.
As for the trainee program, you can message one of the study hall admins to get on the waiting list.
Now this staff member is calling my advice improper when it has actually solved the OP's problem and is 99.99% likely to be correct. This is the kind of thing I'm talking about. No offense to those involved, but this is just incompetence on the part of the staff members. Two malware scanners have already been used, both reporting absolutely no malware, yet the message is "keep on using malware scanners". huh.gif (and this is in the "am I infected" forum)
Norton 360 is not realiable enough. I would have recommended a different scan as well. As you can see from a KAS scan there is some questionable items there. So the advice was not necessarily wrong to continue down the malware approach. As you can see there are a variety of keygen/cracks/warez there. I know you think those are mostly false positives, but I can tell you for sure this is not the case. In fact if I want to find the latest malware, I typically infect myself from files found at crack/warez/p2p sites.
As for your advice, it was correct. The information you gave does indeed fix the problem of the recycler and desktop.ini files from showing. What though caused them to be seen in the first place? Had to be something, right? ShowSuperHidden and other hiding file entries are user specific, not local machine. So my guess is some malware did it or the user did it. You are right that malware typically makes that entry have a value of 0. On the other hand, malware writers are sloppy and i have seen the reverse happen from time to time.
I was not talking about using the malware scanners. I was talking about how the other staff member told me my advice was wrong (without explanation), which is just completely ridiculous. This contradicts what PropagandaPanda said about "The opinions of all members, regardless of their experience, are respected." Clearly, the staff member involved was implying their superiority, which again, is completely ridiculous in this place.
I agree, you should not be told you are wrong without a reason giving why. Can you point me out the thread where a staff member said this?
I also have to admit that We do tend to be a bit heavy handed with anti-malware scanners in the AII forum for a few reasons:
- Because users are posting there because they think they are infected.
- We do not allow certain tools to be used that give us more information as to what is running (DDS, Hijackthis, or Combofix)
I am not saying we are always right in how we do things, as we are not and we are constantly evolving our approach. Also members are all welcome to help in AII using the guides found
here. On the other hand, if someone gives bad advice, we are going to call them out on it, not to make the member feel like an idiot, but to protect our members, which takes precedence. If anyone feels they are not receiving fair treatment in how they express their knowledge or suggestions, then please let a
Site Admin know.