txtaz
03-24-2005, 04:37 PM
Since I have been working on the road most of last year, my main computer in the house had been shut down 90% of the time. Well, I got around to setting up the home network and lo and behold some (insert own profanities here) got malware on that puter. The name was elite toolbar and popped up ads constantly. I did the usual scans with all the tools and nothing got rid of it. So here's what I did....
Run all scans and write down all the info, most important is location and filename. Now these guys think they are smart changing the name of the exe, but weren't smart enough to change the full name. Next reboot into safe mode and go to the command prompt. Change to the directory where the exe is, do a directory search for the partial name. For example, in my case it was "dir elite*.*". This shows you all files starting with "elite" plus any characters after elite and any extension. Make sure you don't delete any system files. If you are not sure, ask. You can delete each one individually with "del filename" or all of them at once, "del elite*.*" (my case). Reboot into normal mode and run all scans again to clean up the reg entries the last enumeration made.
There, clean puter...Now go boating. :biggrin: :biggrin: :biggrin:
Hope this helps,
Wes
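
The wildcard search from the post, as a PowerShell script that lists each match with its hash and signature status and moves files to a holding folder instead of deleting them, so a wrong match can be put back. This is an added example, not part of the original post; the parameter names, the `C:\Quarantine` folder and the skip rules are assumptions.

```powershell
# Added example: review-then-quarantine variant of "dir elite*.*" / "del elite*.*".
# Assumed names (not from the post): $TargetDir, $Quarantine, manifest.csv.
param(
    [Parameter(Mandatory)] [string] $TargetDir,   # directory the scanner reported
    [string] $Pattern    = 'elite*.*',            # partial name, as in the post
    [string] $Quarantine = 'C:\Quarantine',       # hypothetical holding folder
    [switch] $Apply                               # without this, nothing is moved
)

# Anything under the Windows directory is only reported, never moved automatically.
$winDir = $env:windir.TrimEnd('\') + '\'

# -Force includes hidden and system files, which a plain "dir" does not show.
$hits = Get-ChildItem -LiteralPath $TargetDir -Filter $Pattern -File -Force

$report = foreach ($f in $hits) {
    $sig = Get-AuthenticodeSignature -LiteralPath $f.FullName
    [pscustomobject]@{
        Path        = $f.FullName
        Modified    = $f.LastWriteTime
        SHA256      = (Get-FileHash -LiteralPath $f.FullName -Algorithm SHA256).Hash
        Signature   = $sig.Status                     # Valid, NotSigned, HashMismatch, ...
        Signer      = $sig.SignerCertificate.Subject  # empty when the file is unsigned
        InSystemDir = $f.FullName.StartsWith($winDir, [StringComparison]::OrdinalIgnoreCase)
    }
}

# Step 1: look at every match before touching anything.
$report | Format-List

# Step 2: only with -Apply, move the matches that are neither under the Windows
# directory nor validly signed. The rest stay in place for a manual decision.
if ($Apply) {
    New-Item -ItemType Directory -Path $Quarantine -Force | Out-Null
    $report | Export-Csv -Path (Join-Path $Quarantine 'manifest.csv') -NoTypeInformation -Append
    $report |
        Where-Object { -not $_.InSystemDir -and $_.Signature -ne 'Valid' } |
        ForEach-Object {
            Move-Item -LiteralPath $_.Path -Destination $Quarantine
            Write-Host "Quarantined $($_.Path)"
        }
}
```

Run it once without `-Apply` to read the list, then again with `-Apply`; the manifest keeps each file's original path and hash in case something has to be restored.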