Tech Support Forum - View Single Post

Vikesrock8411 · 10-14-2005, 03:05 PM

Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions.

Viewing Hidden Files
Go to My Computer >Tools >Folder Options >View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing / visible. Uncheck the Hide protected operating system files option.

Downloads
smitRem.exe - extract it to it's own folder.

Cleanup! (Alternate Link)- Install it. You will use this later.

*NOTE* Cleanup deletes EVERYTHING out of temporary folders and does not make backups. Cleanup may also delete critical files on Windows XP 64bit systems. If you are running Windows XP Pro x64 please do not run Cleanup!

Ewido Security Suite

Install Ewido Security Suite
When installing, under "Additional Options" uncheck..
- Install background guard
- Install scan via context menu
Double-click the icon on Desktop to launch Ewido

You will need to update Ewido to the latest definition files.

On the left hand side of the main screen click update.
Then click on Start Update.

The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update Ewido
When you have finished updating, EXIT Ewido.

Ad-aware-Install it if you don't have it already. Make sure it's the newest version and check for any updates before running it. Also download the VX2 plugin to download the plug-in for fixing VX2 variants. To run this tool, go into Ad-aware->Add-ons and select VX2 Cleaner. Then click Run Tool and OK to start it. If it's clean, it will say Status System Clean. Otherwise, you will have to click on the Clean button to remove the VX2 infection. Also make sure to customize the settings in Ad-aware as described on this page for better scan results.
Do not run it yet.

Reboot your system in Safe Mode (By repeatedly tapping the F8 key until the menu appears).

Tools
Open Cleanup! by double-clicking the icon on your desktop (or from Start > All Programs). Set the program up as follows:

Click Options
Move the slider button down to Custom CleanUp!

Check the following:

Empty Recycle Bins
Delete Cookies
Delete Prefetch files
Cleanup! All Users

Uncheck the following :

Scan local drives for temporary files

Click OK, Press the CleanUp! button to start the program and reboot(Safe Mode) when prompted.

Run Ewido with it's updated definitions:(...it's important that all windows must be closed)

Click Scanner
Click Complete System Scan to begin scanning.
Click OK when prompted to clean files

With the first file it prompts to clean, select the option:

"Perform action on all infections"
.Choose clean and click OK.

Once finished, click the Save report button & save the report to your desktop

** This scan may take over an hour, after choosing the action for the first item you do not need to stay at the PC.

Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen.
Wait for the tool to complete and disk cleanup to finish.

The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply.

Open Ad-Aware and run a scan, clean everything it finds.

Next go to Control Panel click Display>Desktop>Customize Desktop>Website>Uncheck "Security Info" if present.

Reboot your system in Normal Mode.

Online Scans
Please run a Scan at Panda ActiveScan

Make sure that you choose the "fix" or "clean" option when available
at the end of this scan you will be given then option to save a log from the scan -SAVE THAT LOG- and post it here

In your next post please include:

A new Hijackthis! Log
Ewido Log
smitfiles.txt
Panda Activescan Log

10-14-2005, 03:05 PM	#3 (permalink)
Vikesrock8411 Analyst, Security Team Join Date: Jun 2005 Posts: 3,065 OS: Windows XP	Please print out or copy this page to Notepad in order to assist you when carrying out the following instructions. Viewing Hidden Files Go to My Computer >Tools >Folder Options >View tab and make sure that Show hidden files and folders is enabled. Also make sure that the System Files and Folders are showing / visible. Uncheck the Hide protected operating system files option. Downloads smitRem.exe - extract it to it's own folder. Cleanup! (Alternate Link)- Install it. You will use this later. NOTE Cleanup deletes EVERYTHING out of temporary folders and does not make backups. Cleanup may also delete critical files on Windows XP 64bit systems. If you are running Windows XP Pro x64 please do not run Cleanup! Ewido Security Suite Install Ewido Security Suite When installing, under "Additional Options" uncheck.. Install background guard Install scan via context menu Double-click the icon on Desktop to launch Ewido You will need to update Ewido to the latest definition files. On the left hand side of the main screen click update. Then click on Start Update. The update will start and a progress bar will show the updates being installed. If you are having problems with the updater, you can use this link to manually update Ewido When you have finished updating, EXIT Ewido. Ad-aware-Install it if you don't have it already. Make sure it's the newest version and check for any updates before running it. Also download the VX2 plugin to download the plug-in for fixing VX2 variants. To run this tool, go into Ad-aware->Add-ons and select VX2 Cleaner. Then click Run Tool and OK to start it. If it's clean, it will say Status System Clean. Otherwise, you will have to click on the Clean button to remove the VX2 infection. Also make sure to customize the settings in Ad-aware as described on this page for better scan results. Do not run it yet. Reboot your system in Safe Mode (By repeatedly tapping the F8 key until the menu appears). Tools Open Cleanup! by double-clicking the icon on your desktop (or from Start > All Programs). Set the program up as follows: Click Options Move the slider button down to Custom CleanUp! Check the following: Empty Recycle Bins Delete Cookies Delete Prefetch files Cleanup! All Users Uncheck the following : Scan local drives for temporary files Click OK, Press the CleanUp! button to start the program and reboot(Safe Mode) when prompted. Run Ewido with it's updated definitions:(...it's important that all windows must be closed) Click Scanner Click Complete System Scan to begin scanning. Click OK when prompted to clean files With the first file it prompts to clean, select the option: "Perform action on all infections" .Choose clean and click OK. Once finished, click the Save report button & save the report to your desktop This scan may take over an hour, after choosing the action for the first item you do not need to stay at the PC. Open the smitRem folder, then double click the RunThis.bat file to start the tool. Follow the prompts on screen. Wait for the tool to complete and disk cleanup to finish. The tool will create a log named smitfiles.txt in the root of your drive, eg; Local Disk C: or partition where your operating system is installed. Please post that log along with all others requested in your next reply. Open Ad-Aware and run a scan, clean everything it finds. Next go to Control Panel click Display>Desktop>Customize Desktop>Website>Uncheck "Security Info" if present. Reboot your system in Normal Mode. Online Scans Please run a Scan at Panda ActiveScan Make sure that you choose the "fix" or "clean" option when available at the end of this scan you will be given then option to save a log from the scan -SAVE THAT LOG- and post it here In your next post please include: A new Hijackthis! Log Ewido Log smitfiles.txt Panda Activescan Log**