The first thing you need to do is change all passwords, using a "known clean" computer. Do not use the infected one!
Next, flush the bad DNS cache and restore MS's Hosts file:
Copy and paste these lines in Note pad. @Echo on
attrib -h -s -r hosts
echo 127.0.0.1 localhost>HOSTS
attrib +r +h +s hosts
netsh winsock reset all
netsh int ip reset all
shutdown -r -t 1
Save as flush.bat
to your desktop.
Double click on the flush.bat file to run it.Vista and Windows 7... right click the .bat file and choose to run as Administrator. Your computer will reboot itself.
Now, download DDS from one of these links: DDS.com DDS.pif
- Disable any script blocking protection
- Double click the dds icon to run the tool.
- When done, DDS will open two (2) logs:
- Attach.txt <--- will be minimized in the task tray
- Save both reports to your desktop.
Include the contents of both logs in your next post.
The scan will instruct you to post Attach.txt as an attachment.