Archived from groups: microsoft.public.windowsxp.help_and_support (
More info?)
You're welcome glad it worked. Although Ewido follows the traditional file
scanner plus real-time monitor approach used by most other anti-trojans
there's much to like about the way has been executed. The fact that the
real-time monitor operates as a kernel driver. That means that it's well
protected from the increasing number of hostile Trojans that routinely pull
down any running anti-trojan monitors.
If a Trojan does manage to damage on of Ewido's components then it will
attempt to fix the problem by automatically downloading new versions of the
corrupted modules. It unpacks compressed executables and scans them in a
protected virtual environment. This allows it to detect Trojans whose
signatures would otherwise be hidden by the encoding. It also makes it
possible to detect polymorphic Trojans. Ewido also scans files inside
conventional archives. It also detects Trojans that attempt to hide by
attaching themselves to other programs, so called binded executables. It's
one of the best out there.
--
The best live web video on the internet
http://www.seedsv.com/webdemo.htm
NEW Embedded system W/Linux. We now sell DVR cards.
See it all at
http://www.seedsv.com/products.htm
Sharpvision simply the best
http://www.seedsv.com
"50420" <50420@discussions.microsoft.com> wrote in message
news:E3997565-4B02-4D87-A9A9-79A29F49B544@microsoft.com...
> cheers dude.
> I was having a problem getting all the betterinternet junk of a friends
> pc,
> went through your advice last nite and seems to have done the job
> out of curiosity though...having ran full norton (2004) adaware, spybot
> and
> the Ms Antispyware and malicious software removal apps...all of which had
> the
> most recent updates (apart from the vx2 adaware plugin), not one of these
> apps detected anything out of place !!! yet the ewido scan found approx
> 47
> trojans?
>
> "pcbutts1" wrote:
>
>> I would not trust it. Use my method it works. It is floating around in
>> several forums now but here it is.
>>
>> Please download ewido security suite it is a free version of the program.
>>
http://www.pcbutts1.com/downloads/ewidosetup.exe
>> Install ewido security suite
>> When installing, under "Additional Options" uncheck..
>> Install background guard
>> Install scan via context menu
>> Launch ewido, there should be an icon on your desktop, double-click it.
>> The program will now open to the main screen.
>> You will need to update ewido to the latest definition files.
>> On the left hand side of the main screen click update.
>> Then click on Start Update.
>> The update will start and a progress bar will show the updates being
>> installed.
>> (the status bar at the bottom will display "Update successful")
>> Exit ewido. DO NOT SCAN YET.
>>
>> Download CCleaner and install it, but do not run it yet.
>>
http://www.pcbutts1.com/downloads/ccsetup122.exe
>>
>> Please download this file: Revised Installer for the Nailfix Utility
>>
http://www.pcbutts1.com/downloads/nailfix1.exe
>> Save it to your desktop.
>> DO NOT RUN IT YET.
>>
>> Next configure Windows to show all files
>>
>> Do one of the following:
>> In Windows XP, on the taskbar, click Start > My Computer.
>> In Windows 2000/Me/98, on the Windows desktop, double-click the My
>> Computer
>> icon.
>> Do one of the following:
>> In Windows XP/2000/Me, on the Tools menu, click Folder Options.
>> In Windows 98, on the View menu, click Folder Options.
>> On the View tab, uncheck Hide file extensions for known file types.
>> Do one of the following:
>> In Windows XP/2000/Me, uncheck Hide protected operating system files.
>> Then,
>> under the "Hidden files" folder, click Show hidden files and folders.
>> In Windows 98, in the Advanced Settings box, under the "Hidden files"
>> folder, click Show all files.
>> If you see a warning message, click Yes.
>> Click Apply.
>> Click OK.
>>
>> Next, please reboot your computer in SafeMode by doing the following:
>> Restart your computer.After hearing your computer beep once during
>> startup,
>> but before the Windows icon appears, press F8.Instead of Windows loading
>> as
>> normal, a menu should appear
>> Select the first option, to run Windows in Safe Mode.
>> Once in Safe Mode, please double-click on nailfix.exe.
>> Click "Next" in the setup
>> Make sure "Run Nailfix" is checked and click "Finish".
>> Your desktop and icons will disappear and reappear, and a window should
>> open
>> and close very quickly --- this is normal.
>>
>> Now open ewido and do a scan of your system.
>> Click on scanner
>> Click on Complete System Scan and the scan will begin.
>> NOTE: During some scans with ewido it is finding cases of false
>> positives.**
>> You will need to step through the process of cleaning files one-by-one.
>> If ewido detects a file you KNOW to be legitimate, select none as the
>> action.
>> DO NOT select "Perform action on all infections"
>> If you are unsure of any entry found select none for now as the action.
>> Once the scan has completed, there will be a button located on the bottom
>> of
>> the screen named Save report
>> Click Save report.
>> Save the report .txt file to your desktop or a location where you can
>> find
>> it easily.
>>
>> Download HijackThis
http://www.pcbutts1.com/downloads/HijackThis.zip
>> Now run HijackThis, click Scan, and place a checkmark next to each of the
>> following items:
>>
>> F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
>>
>> Close all open windows except for HJT, then click the Fix Checked button.
>> Close HJT.
>>
>> Locate and delete the following File
>> C:\WINDOWS\Nail.exe
>> For Windows NT or 2000 it would be
>> C:\winnt\Nail.exe
>>
>> Now run CCleaner
>> Uncheck "Cookies" under "Internet Explorer".
>> If running Firefox: click on the "Applications" tab and uncheck "Cookies"
>> under "Firefox".
>> Click on Run Cleaner in the lower right-hand corner. This can take quite
>> a
>> while to run.
>>
>> Finally, restart your computer in normal mode and please post a new
>> HijackThis log, as well as the report log from the Ewido scan by using
>> Add
>> Reply.
>>
>> If IE is not working, the links I gave you are direct download links and
>> should work. If they don't then paste them into another browser or
>> explorer
>> window. If you have no other browser then email me with a valid email
>> address and I will send you one. We will fix IE after all the spyware is
>> gone.
>>
>>
>>
>>
>>
>> --
>>
>>
>> The best live web video on the internet
http://www.seedsv.com/webdemo.htm
>> NEW Embedded system W/Linux. We now sell DVR cards.
>> See it all at
http://www.seedsv.com/products.htm
>> Sharpvision simply the best
http://www.seedsv.com
>>
>>
>>
>> "Mike" <Mike@discussions.microsoft.com> wrote in message
>> news:20479E38-2E30-4A99-B383-98DD8248B5F3@microsoft.com...
>> > My computer was infected with the Aurora adware and I wasn't able to
>> > get
>> > rid
>> > of it. I found on www.mypctuneup.com a program to uninstall it. I
>> > have
>> > heard on a previous post that it seems to work. I am just a little
>> > skeptical
>> > if it removes it, because it is the same company that makes the adware.
>> >
>> > Should I trust them? They say that they leave a "marker" behind simiar
>> > to
>> > a
>> > cookie file. Does this or anything else have a detrimental effect on
>> > your
>> > computer.
>>
>>
>>
Facebook
Twitter
Instagram