Spyware Forum

Discussion in 'General Topics' started by meg, Jul 20, 2004.

Thread Status:
Not open for further replies.
  1. meg

    meg Registered Member

    Joined:
    Jul 20, 2004
    Posts:
    1
    Why can't I post a new thread on the spyware forum?
     
  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    If you are trying to start a new thread with a HijackThis log in it, then you may have missed this new annoucenment:

    https://www.wilderssecurity.com/showthread.php?t=42148

    We just discontinued that function here, but the annoucement has a link to other sites that will help with HijackThis log reviews.
     
  3. hojtsy

    hojtsy Registered Member

    Joined:
    Dec 28, 2003
    Posts:
    351
    <* cough *>
    Why do you prohibit posting HJT/Ad-aware/... logs? Maybe some of the experts running that part of the forum agreed that they can not support it anymore, but ordinary members could still discuss the logs, can't they? What is the problem with that?
    -hojtsy-
     
  4. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
  5. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    Right, that's the main reason. But to add to that...

    The point of the policy is that we can no longer provide the expert analysis and cleaning services that people have come to expect when they post a HijackThis Log on a forum like this.

    This forum was in no way unique regarding having rules for posting and reviewing spyware logs. Just visit ComputerCops, SpywareInfo, Net-Integration, TomCoyote's, and so on, and you'll see almost all the same type of policies and guidelines as we were using (before stopping this today) governing the posting and working on hijack logs.

    And, it isn't the tool that's used that is the issue, that's why I added the footnote that said this policy change applies to the other types of logs as well. We didn't want to say it was just HijackThis logs, and then have a person come here and post: "I have an about:blank hijacker on my system, here's my Spybot Log. What should I fix?"

    Those types of general spyware analysis and cleaning operations won't be done here anymore regardless of the type of log or scanning tool used.

    However, we have left it so that the team members may still request such logs if they feel they would be useful for assisting with other problems.
     
  6. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Hi all

    I am a rather new member to this forum by comparison to many. (althought I posted few threads on this forum last week and received helps from various people which I greatly appreciate and thankful, I am still a novice)

    I joined WSF thinking that at last I can see light at the end of the tunnel. I can learn something that have prevented me for so long. Fear of I.T.

    I think WSF has been gold to many so far until WSF told them they no longer could support or to give advice to others.

    I do understand the lack of resources and knowledgable I.T. experts might be the cause of such bottleneck. Hence, no more advice or help and I don't mind that.

    But I feel that by banning / preventing people from posting New Threads might be a bit harsh. The reason is simple. There are plenty people with various knowledge that might still be very valuable to others when they are face with problems and those with slightly more knowledge may at least give somesort of "advice" or direction for solution (some might disagree but I just use the term advice). The way I see this is that it might help if the WSF team cannot cope with the HJack This post.

    I know I don't have any say in your forum as it is yours and you can do whatever you want.

    I just think that it is a pity to shut people out when people know they can get help on this forum but only to be prevented from posting new thread.

    I just feel that by shuting people out you might be become elitist (the steoretypical I.T. people are very intelligent but also look down on others). I.T. knowledge is therefore being held as ransom on others, who has no choice but to use I.T. (yes, you might argue that people have a choice not to use computer ... but that is not the case. Without computer you don't get hire etc.,)

    Therefore, people who frequent WSF might just be the one who in turn help persuade others to look at I.T. differently.

    Now that you want to shut them out. I just feel that it might just be a bit harsh as some might not know where to search for help.

    I do hope you can reverse your decision on this and let people post new threads again and let them solve the problem amogst themselves if all the experts are busy.

    Finally, I just think that WSF is amongst the best forum I have visited. Pity if you want to reverse that.

    Thank you

    Chew

    edited:

    p/s: my opinion is merely how I see things and no way trying to generalise to everyone. Just me as a novice computer user.

    Also I hope WSF doesn't read it negatively. :)
     
    Last edited: Jul 22, 2004
  7. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    First of all let me start by making sure that you understand that we have not prevented the posting of all New Threads here, only the posting of new, unsolicited HijackThis (or similar) logs for the purpose of getting general malware analysis and fix advice. All other forms of new posts and topics which were previously allowed across the many other forum sections here, remain allowed. Just no more HijackThis log threads.

    Now on the main point, a large amount of experience with HijackThis log threads here has shown that far too often bad advice is given by people not experienced in the latest forms of spyware infections. This malware changes constantly and the fix advice can drastically change with it. Yesterday's sure fix is today's certainty of corrupting a person's system. That's why the HijackThis forum section here limited reply postings to authorized team members only, as almost all the other similar security forums do. (We were not alone in this approach.)

    To you, it may sound like getting "some advice" or "partial advice", or advice "slightly above" the poster's own knowledge level would be helpful, but in reality it's a very bad idea. Partially good fix advice in HijackThis (ie. what to check and fix in HJT, or what files to delete, or whatever) can easily lead to rendering a system totally corrupted and causing a need to reformat it.

    At the very least, such partial fixes end up masking the real problem. You see, some of the hijack symptoms are very easy to find in HijackThis logs, and telling people to fix those is also easy. (We can all do that.) Unfortunately, without expert understanding that those are only symptoms and not the root cause, which will remain following poor or incomplete fix advice, the person's PC will end up in worse shape, and it'll be far harder to find the root cause now that some of the symptoms have been lost.

    While it'd be wonderful to think that we could just let people post HJT logs here and let anyone at all who wanted post fix advice... and hope that they'd only posted enlightened, intelligent and helpful fixes, unfortunately, that's just not reality.

    In the end when some people have totally corrupted systems, what do we answer them when they asked why we allowed such bad advice to be posted, which caused all their problems, when we could have simply advised them to go to one of the many other available forums that still operate properly supervised HJT forums?

    No, we're not going to do that here. We spent a couple months looking at the problem, many possible solutions and we even talked with other forum owners before taking this action.
     
  8. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Hi LWM

    First of all, I must apologise for one of the statement I posted above.

    Yes, I agree. You Have NOT prevented everyone from posting on the forum. Only the HJack This section.

    It might just be me because I tried to post on the forum this afternoon but I couldn't. I was trying to post on other section and Not Hjack This. (ahem! I don't even know there is a section on Hjack This to be honest :oops:). I guess it might be my low computer knowledge. :)

    Anyway, I will stick around. Still trying to learn.

    Cheers

    Chew
     
  9. MikeBCda

    MikeBCda Registered Member

    Joined:
    Jan 5, 2004
    Posts:
    1,627
    Location:
    southern Ont. Canada
    LWM went into a lot of detail, but with regard to expert reviews being needed for proper "diagnosis and treatment" when running HJT and the like, it boils down basically to a classic case of "a little knowledge is a dangerous thing."

    The experts-only requirement, while widespread and very practical, is unfortunately not universal. I'm appalled when I see on some other forum-sites someone talking about having scanned and "fixed" using HJT without ever having conferred with anyone else in the process.

    And judging from some of Paul's notes in the Guidelines-and-FAQ's forum, it's been quite common for even a skilled expert to want a second or even third opinion when putting together recommendations to the specific user. Sure, anyone can run a HJT scan -- but deciding what and how to fix must be left to the experts.

    Best to all,
    Mike
     
  10. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Good post Mike.

    Cheers :D
     
  11. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    There are a few "read-only" forums here such as the Announcements, FAQs and the various archived/out-of date forums. I believe it is fairly obvious why those forums don't accept new threads from members, but only from staff. (By the way, the HijackThis forum section is actually called: "adware, spyware & hijack cleaning". ;) )

    You can tell a read-only forum by the symbol on the left side of its name on the main index page, it shows a lock: [​IMG]

    In any case, if you find a forum where you can't make a new thread, but think you ought to be able to, just let me know and I'll look to see if there is a problem, or if it is supposed to be that way. :)
     
  12. chew

    chew Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    515
    Location:
    GeordieLand.
    Thanks everyone for your explanation.

    Ahem! I thought it was that simple :oops:.

    Anyway, I feel at home now.:D

    Cheerio

    Chew
     
  13. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Well, I am surprised about the HJT section... NOT that it closed, but that it LASTED AS LONG AS IT DID!!!.

    Why?

    Well, it was obvious that it was getting to be a huge burden with lots of help being asked for and only a handful of dedicated Spyware Fighters to do the helping. :(

    I have seen numerous posts over the past few months with "help, infected AGAIN!" in it... sheesh... people never learn. :(

    Also a "quick fix" I have seen in some other forums were: "Go post it at Wilders, they will help"... no wonder it was getting swamped.

    The very seriousness of the infections, especially with CWS, VERY involved to remove, meant a lot of time, energy and research was needed to cure it.

    While some of the 'symptoms' of CWS are easily seen....the 'detection' of the main culprit (the super hidden dll) that comes with the most recent and most difficult to remove infection are now near to impossible to remove without Top Level Expert advice!

    It's not just a matter of running HJT, check this, then FIX, etc. The order of removal of certain things was of the utmost importance also. The deeply imbedded dll files had to be removed in the right order, etc. before anything else could be done.

    Did Wilders 'Give Up'?. HELL NO ..... just got smart [well, they were always smart, heh! ;)] but knew that people had to help themselves eventually, you cannot spoonfeed them all of the time.

    A forum cannot survive if the few good people are taken away from the everyday issues and spend all their free time trying to come up with fixes. You must remember, that the CWS thugs are PAID for their time, the volunteers here are not, and have lives to live and families to support.

    The few observant ones among us would have noticed a distinct lack of postings by some of the helpers over last couple of weeks, simply because they were getting "burnt out". I bet a majority of people who think it's ok to keep asking for FREE help, and do not take advice, would not expect to get FREE treatment/advice from a "Doctor"...

    Actually I think a damn good "reformat problem solver" may be the thing needed for certain individuals to wake up to themselves. Yes, fair enough that in some instances even the best of us can get caught, but the number of times I have seen HJT logs and NO AV even running.... ROFL... like driving a bloody car without a seatbelt and with a blindfold on.

    Only one thing left to say at this point......

    MY HAT'S OFF TO ALL THE GUYS/GALS WEARING THE SPYWARE FIGHTER TAG.
     
    Last edited: Jul 23, 2004
  14. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Good post Tas, I had a customer in one of my shops today with 44 viruses who insisted her free virus protection was good, and that it had come recommended by a “Microsoft shop”. That she didn't want to purchase a actual virus program that worked. Two of my team tried to say she needed it, to no avail. I stepped in when she arrived to collect her now clean PC and said she was here because her virus protection did not work, and that she would be reinfected again, that she was spending money on removal and would continue to spend even more money on removal, instead of prevention. She finally saw the light and purchased a good anti-virus.

    Some people get hit and don't want it to happen again, others seem to like being hit, and are continually dazed as to how or why it happened... doh, bashing my head against a brick wall hurts, why won’t the bricks move, why does my head hurt…

    It's the old saying, you can lead a horse to water, but you can't make it drink...

    Cheers :D
     
  15. PepsiMax

    PepsiMax Registered Member

    Joined:
    Jul 21, 2004
    Posts:
    12
    Location:
    UK
    I'm new here also, but I'm sure that the guys in charge will allow me to express an opinion on this matter. Afterall, isn't that what discussion forums are for; Places in which to give, and listen to the opinions of others, then debate and argue them, as well as being places to seek and provide help :)

    To me the bottom line concerning the prohibition of HJL postings, on a discussion forum primarily related to computer security issues, is like an automobile without an engine. It just doesn't make any sense. The internet, and discussion forums on the internet, should be the last places in the world to stifle freedom of speech, especially when that speech isn't abusive in any manner.

    Looking around this site I see a lot of members asking for help, and providing help to others. That is how it should be. I can't understand why though, in the case of HJT logs, members who are able to ask for and provide help in all other areas of the site, find themselves prevented from doing so by the moderators.

    If you were to allow HJT logs to be posted, and if you were to post a "disclaimer" at the top of any forum area they are permitted in, stating that HJT logs may be analysed by another member of the site but that no assurance of this will be given, then that takes the pressure right off anyone to respond where HJT logs are concerned. It also restores the basic freedom of speech principal that the internet has grown up around.

    There are many many places where HJT logs are posted and, thinking of just one, where they are responded to extremely quickly. This place, as a discussion forum dedicated to security matters, should be one such place that gives people the option of posting HJT logs or not, and members the option of replying to them.

    Thanks for allowing me to post this :) Ultimately the decision to allow the posting of HJT logs, or not, is up to the site owner. Whilst I can appreciate the reasons given for not allowing the posting of HJT logs, the internet is about giving people choices and not about removing their choice.
     
  16. Eldar

    Eldar Registered Member

    Joined:
    Jul 12, 2004
    Posts:
    2,126
    Location:
    Vilvoorde (Belgium)
    :eek: What good will that do, if someone destroys another person's computer by invalid information. We need experienced warriors, not freshmen.
    Freedom of speech is valuable, I agree, but I don't think it would apply to examining HJT logs by outsiders.
    Just my opinion of course. ;)
     
  17. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    It is a fact that people visiting forums rarely read any of the following: Registration agreements. Forum TOS. Posting guidelines. Sticky threads. FAQs. Previous threads on the same subject as they are about to post. And so on.

    For proof of the above just read through thread after thread of people asking things that are clearly explained in any one of the above mentioned items. The threads in forums like SpywareBlaster especially scream out the proof of this.

    So, posting a disclaimer at the top of a forum or page about the fact that people could easily be getting horrible advice and "use at your own risk" does not address the issue at all. Sure, we can probably avoid any liability, but that is hardly what we are after.

    As to what our thoughts are, they are clearly explained in my previous posts on this subject.
     
  18. MikeBCda

    MikeBCda Registered Member

    Joined:
    Jan 5, 2004
    Posts:
    1,627
    Location:
    southern Ont. Canada
    If I may get slightly off-topic, but address a point that's been raised just in this topic several times: Free speech. Please don't ever use that as an argument in favor of anything on the internet.

    I don't care which of the millions (billions?) of websites in the world you're at, it's owned and operated by somebody and you're subject to one form or another of rules of conduct there, even in something like sex-chat.

    If you "visit" a site, you're literally visiting someone else's place -- you wouldn't dream of claiming a right to free speech in their home, so why do it on their website?

    Best to all,
    Mike
     
  19. PepsiMax

    PepsiMax Registered Member

    Joined:
    Jul 21, 2004
    Posts:
    12
    Location:
    UK
    And you're allowed to give that opinion, just as I gave mine, thanks to freedom of speech. Something the internet is built upon ;)

    Naturally, nobody wants anyone to give or receive any false information concerning any issues that this (or any other "specialised" site) deals with, but that's the beauty of allowing people the freedom of speech, and the freedom of choice. Every single one of us has the choice to give information, help or advice, and similarly, every single one of us has the choice of accepting any information, help and advice we may be given, or not ;)
    I believe you. People clearly ignore "the small print" in all walks of life, and the internet is no different. That however does not negate the fact that "the small print" exists, and if anyone is foolish enough not to read the same, then as the saying goes, "caveat emptor". If you're saying, strictly, that you personally and others who own and run this site, are absolutely not prepared to allow any help or advice to be given on a certain topic (in this case HJT logs and their analysis), because you are wary of the quality of help and information being reflected upon yourselvs, then that's extremely understandable but, that's not the way you're putting your case across :) There are thousands upon thousands of sites similar to this on the internet, where people go to receive and offer help and advice to others. They thrive because the participants freely and in their own time are prepared to help others, and not because a site with for example, five moderators, relies solely on those five moderators to offer help and advice. If a site is to prohibit any one discussion on a subject very relevant to the purpose of a site (in this case, internet and pc security), they may as well prohibit all discussions on all aspects of the nature of the site, unless of course, only highly trained and vetted individuals are permitted to give help and advice.
    Yes, you are ever so slightly off topic but isn't this freedom of speech thing just great. It's allowed you to express that opinion of yours :)

    Freedom of speech works two ways Mike. You only gave the example of a site owner having the absolute and last right to say what is or is not permitted on the website. The other side of this is that if for example, you don't want anyone discussing CART racing on a website you've set up, then you don't base the website around the subject of CART racing in the first place ;)
     
  20. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,876
    Location:
    New England
    No, actually the posting of these opinions is possible because we provide this place to post them. No more, no less.

    PepsiMax,

    It's obvious you like and are good at making these kind of theoretical arguments. I'm sure you can reply a dozen more exchanges just like this, turning whatever anyone posts here to suit your argument, but it's a waste of time.

    Mike was correct in what he posted above. This website is not some kind of public trust, funded by some central collective of mankind, where it must accept any and all topics for discussion. It's a privately owned site where the operators have their right to decide which topics can be discussed.

    That's really all there is to it.
     
  21. rbw91

    rbw91 Registered Member

    Joined:
    Apr 15, 2004
    Posts:
    57
    Well I just want to throw my two penneth in and say a big thanks to all the guys and gals on here who have taken time to look at my posts and questions and come back to me with answers.

    I agree that I am surprised that HJT advice has gone on for so long.

    Countless times I have seen the same advice and the same corrections given.

    How many people run HJT from the temp folder or the desktop DESPITE IT BEING AS PLAIN AS A PIKESTAFF that it should not be run from there?

    People without AV, Firewalls etc taking no care to ensure that they are trying to make the security expert's time as efficient as possible? It must be absolutely infuriating for the experts to see sheer laziness on the part of the ignorant people who do not take time to understand what is required before posting.

    I DON'T blame you!!!!

    All the best people.
     
  22. PepsiMax

    PepsiMax Registered Member

    Joined:
    Jul 21, 2004
    Posts:
    12
    Location:
    UK
    Thank you :) Yes, I do enjoy good discussion, and yes, I am good at it. I shall however, refrain from putting any further arguments across, especially as I've just seen this; A newcomer to your site, who didn't post a HJT log for analysis, and possibly someone who may not even know what a HJT log is, gets his thread locked. Looks like the work of the secret police, not moderators to me ;)
     
Thread Status:
Not open for further replies.