
Hosts File Altered


lizdunn

IS-IT--Management
Jul 12, 2000
42
US
On an XP box on a Windows network, the machine couldn't run a certain program. I checked the hosts file, and the legit IP address which connects the user to the billing program was gone. Also, I cannot view the properties of events logged in Event Viewer (System and Application). Double-click on an event and nothing happens.

Has anyone else experienced this?
 
Download the Hoster from:
Unzip the file and press "Restore Original Hosts" and press "OK". Exit Program.



* Download the trial version of Ewido Security Suite here



* Install ewido.
* During the installation, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
* Launch ewido
* It will prompt you to update; click the OK button and it will go to the main screen
* On the left side of the main screen click update
* Click on Start and let it update.
* DO NOT run a scan yet. You will do that later in safe mode.



* Click here for info on how to boot to safe mode if you don't already know how.




* Now copy these instructions to notepad and save them to your desktop. You will need them to refer to in safe mode.


* Restart your computer into safe mode now. Perform the following steps in safe mode:


* Run Ewido:

* Click on scanner
* Click Complete System Scan and the scan will begin.
* During the scan it will prompt you to clean files, click OK
* When the scan is finished, look at the bottom of the screen and click the Save report button.
* Save the report to your desktop



to clean out the Temp folders!


When in Safe Mode, open notepad and paste in the following lines:

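rem Delete temp files; paths that may contain spaces are quoted
del c:\*.tmp
del "%temp%\*.tmp" /f
del "%windir%\prefetch\*.*"
del "%windir%\temp\*.*" /f
rem del cannot expand a wildcard in a folder name, so loop over each profile
for /d %%u in ("C:\documents and settings\*") do del "%%u\local settings\temp\*.*" /f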

Save to your desktop as 'clean.bat'. Before you save, set 'file types' to all types (*.*).

Double-click on "clean.bat", and say Yes to the prompt.


Reboot to normal mode and run a few online scans!



Run an online antivirus check from


Choose extended database for the scan!




Run ActiveScan online virus scan here


When the scan is finished, have it delete anything that it cannot clean. Make a note of the file location of anything that cannot be deleted so you can delete it yourself.
- Save the results from the scan!



Post another HijackThis log, and the Ewido and ActiveScan logs.

Member of ASAP Alliance of Security Analysis Professionals

under the name khazars
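
A baseline comparison for the hosts-file symptom raised in this thread, as an added example that is not part of either post: it parses two hosts files and reports entries that are missing, changed or unexpected relative to a known-good copy. It assumes such a known-good copy exists; the function names, hostnames and addresses are constructed for illustration.

```python
import ipaddress

def parse_hosts(text):
    """Map each hostname (lower-cased) to a sorted tuple of its IP addresses."""
    names = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue                            # blank, comment-only, or no hostname
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                            # first field is not an IP address
        for name in fields[1:]:
            names.setdefault(name.lower(), set()).add(ip)
    return {n: tuple(sorted(ips)) for n, ips in names.items()}

def audit_hosts(current_text, baseline_text):
    """Return sorted (kind, hostname, ips) findings; kind is missing/changed/unexpected."""
    current, baseline = parse_hosts(current_text), parse_hosts(baseline_text)
    findings = []
    for name, ips in baseline.items():
        if name not in current:
            findings.append(("missing", name, ips))
        elif current[name] != ips:
            findings.append(("changed", name, current[name]))
    findings += [("unexpected", n, ips) for n, ips in current.items() if n not in baseline]
    return sorted(findings)

# Constructed sample data: the names and addresses below are placeholders.
BASELINE = """\
127.0.0.1   localhost
10.0.0.25   billing.example.internal billing   # billing program server
"""
CURRENT = """\
# hosts file as found on the affected machine (constructed)
127.0.0.1   localhost
127.0.0.1   portal.example.internal
"""

if __name__ == "__main__":
    for kind, name, ips in audit_hosts(CURRENT, BASELINE):
        print(f"{kind:10} {name:28} {', '.join(ips)}")
```

On a real machine, pass the text of `%windir%\system32\drivers\etc\hosts` as `current_text`. Running the audit again after a cleanup shows whether required entries, such as the billing server mapping, still need to be re-added.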
 