Download the Hoster from:
UnZip
the file and press "Restore Original Hosts" and press "OK". Exit Program.
* Download the trial version of Ewido Security Suite here
* Install ewido.
* During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
* Launch ewido
* It will prompt you to update click the OK button and it will go to the main screen
* On the left side of the main screen click update
* Click on Start and let it update.
* DO NOT run a scan yet. You will do that later in safe mode.
* Click here for info on how to boot to safe mode if you don't already know
how.
* Now copy these instructions to notepad and save them to your desktop. You
will need them to refer to in safe mode.
* Restart your computer into safe mode now. Perform the following steps in
safe mode:
* Run Ewido:
* Click on scanner
* Click Complete System Scan and the scan will begin.
* During the scan it will prompt you to clean files, click OK
* When the scan is finished, look at the bottom of the screen and click the Save report button.
* Save the report to your desktop
to clean out the Temp folders!
When in Safe Mode, open notepad and paste in the following lines:
del c:\ *.tmp
del %temp%\*.tmp /f
del %windir%\prefetch\*.*
del %windir%\temp\*.* /f
del C:\documents and settings\*\local settings\temp\*.* /f
Save to your desktop as 'clean.bat'...Before you save,set 'file types' to
all types. ( *.*)
DoubleClick on "clean.bat", and say Yes to the prompt.
reboot to normal mode and run a few online scans!
Run an online antivirus check from
choose extended database for the scan!
Run ActiveScan online virus scan here
When the scan is finished, anything that it cannot clean have it delete it.
Make a note of the file location of anything that cannot be deleted so you
can delete it yourself.
- Save the results from the scan!
post another hijack this log, the ewido and active scan logs
Member of ASAP Alliance of Security Analysis Professionals
under the name khazars
