Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Instructions for posting advice in Am I Infected Forum


  • This topic is locked This topic is locked
1 reply to this topic

#1 harrythook

harrythook


  • Security Colleague
  • 4,152 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Philadelphia
  • Local time:05:56 PM

Posted 19 August 2009 - 08:43 PM

Instructions for posting advice in the "Am I Infected" (AII) Forum

As a member of Bleeping Computer you are allowed to interact with others that post for assistance in this forum only. Any advice given is subject to modification or removal by the moderating team. We appreciate the fact that you are trying to help others, but we require that this advice be kept general, minimally invasive and provided only in the Am I infected? What do I do? forum which is dedicated for such assistance.

That means you are not permitted to offer malware removal advice or provide instructions to run security tools in any other forum on this site. This includes all the rules and instructions noted below which are also applicable to other forum areas.

Preliminary scans and active scans from common security cleaning tools, online virus scanners and non-malware related tools are allowed to be used here along with requesting any logs they generate. There are too many security cleaning tools (well known and not so well known) to list in this topic but in most cases we have no restrictions except for those noted below. However, you must have knowledge as to how any recommended scanning tool works, provide appropriate instructions and be able to interpret the logs they generate. DO NOT just advise perform a scan with such and such tool and then only provide a download link. Modification of OS settings and general tweaks to resolve problems is allowed as well as advice for anti-virus and other security protection programs.

Posting of direct downloads links for any software is NOT permitted from file uploading/downloading hosting sites, personal sites and file sharing sites. This is for the safety of our members since Bleeping Computer has no control of files hosted at such sites.

As per the Forum Rules, posting links to non-Bleeping Computer malware removal guides is NOT permitted with the exception of security vendors who sometimes release specialized tools and instructional documentation. This is because it is impractical for BleepingComputer to monitor and review all such guides for accuracy, no matter how accurate those guides may, in fact, be.

Keep in mind that Bleeping Computer is a site where we offer assistance to those who know very little about computing. As such, our forum discussion board and tutorials are targeted more for the novice user since they comprise much of our membership. We provide help based on that premise because it is impossible for us to know the extent of a member's background, knowledge level and experience level until we get to know them. We also keep this in mind when writing replies so step by step instructions should be included in replies.

We also have many experienced/professional members who contribute technical assistance to others and we certainly welcome those individuals who fall into that category...including their opinions and experience in various aspects of computing. As such, they may offer assistance or make suggestions in the same topic where you have already provided assistance to someone. All this makes Bleeping Computer the great community it is and stand apart from many other forum boards.

Posting instructions for the use of the following by non-staff members is prohibited in this area, as well as in ALL other areas of the BC forums. This list contains tools and procedures that are forbidden, the instructions for using similar tools or procedures should not be posted here, or elsewhere on Bleeping Computer forums, without prior Staff approval.
  • ComboFix instructions.
  • HiJackThis, DDS, OTL, ZOEK, RSIT, RogueKiller instructions.
  • FRST (Farbar Recovery Scan Tool).
  • Manual rootkit removal using non-automated and advanced ARK tools (MBRCheck, MBR.exe and Esage Bootkit Remover).
  • Automated registry cleaners.
  • Advanced Registry instruction. Simple registry fixes are permitted but they must be accompanied with a warning to back up the registry first.
    The BC staff will monitor (review) registry fixes and if we determine they are dangerous or incorrect, the instructions will be removed.
  • Custom scripts, batch files.
  • Other specialized fix tools the BC Staff deems untrained members should not recommend for use.
Note: This list is not limited and we may add to it as necessary. These restrictions are in place to ensure that only safe and effective methods are given to members seeking help with a malware problem.

WHY are these tools restricted? Most of these tools require guidance and supervision by trained experts. Failure to follow the proper removal process can and will cause serious damage to a machine. Recovery of the machine may be difficult, if not impossible.

General discussions and support questions for these tools are permitted, including anything that is publicly known and available in Internet articles. However, the proper place for such discussion is in the Anti-Virus and Anti-Malware Software Forum.

Related topics:

Edited by Grinler, 26 February 2017 - 05:20 PM.
Updated

Veni Vidi Vici
THE FIGHT AGAINST MALWARE

Become a BleepingComputer fan: Facebook

BC AdBot (Login to Remove)

 


m

#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 49,920 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:56 PM

Posted 18 January 2012 - 02:35 PM

Rootkit intervention in AII


Please note, Root Repeal, TDSSkiller and GMER have been added to the list of allowed tools to be run in AII. These tools are to be used for scanning and automated removal only. Those who recommend another member run scans with any of them must have knowledge as to how they work, provide appropriate instructions and be able to interpret the logs they generate. If there is an indication of a rootkit present that cannot be removed with these automated tools, the member should be referred to the Virus, Trojan, Spyware, and Malware Removal Logs forum.

Advanced tools like aswmbr and MBR.exe are not allowed, except for diagnosing and disinfection purposes when requested by trained experts on our Malware Response Team.

Note: This list is not limited and we may add to it as necessary. These restrictions are in place to ensure that only safe and effective methods are given to members seeking help with a malware problem.

As there are some new variants of rootkits in the wild right now that will require custom scripts to remove the infection, the process must be completed by Malware Response Team members or above (qualified Moderators, Administrators and Advisors).

WHY are anti-rootkit tools restricted? Many of them are powerful advanced user tools which require guidance and supervision by trained experts. Failure to follow the proper removal process can and will cause serious damage to a machine. Recovery of the machine may be difficult, if not impossible.
 

Only Malware Response Team members or above should be posting advice about this infection!


.
.
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Microsoft MVP Reconnect 2016
Windows Insider MVP 2017
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users