ihatemalware,
Good job. The system looks good. If it also looks good to you, we will do some cleanup, then some added protections.
Delete all the files in these folders:
C:\Windows\Prefetch\
C:\Documents and Settings\Username\Local Settings\Temp\ <===do for each user, substitute each for Username
Don't delete the folders themselves, just the files in them.
-----------------------------------------------------------
Run CCleaner. Make sure the
Cleaner block on the left is selected. Choose the
Windows tab. Check everything EXCEPT
cookies, and
Autocomplete Form History and the Advanced part of the Menu. Choose
Run Cleaner. This process could take a while. When CCleaner shows how much has been removed, cleaning is finished. Click
Exit.
-----------------------------------------------------------
Disable WinXP System Restore
Disable your System Restore to remove malware files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files. You will also lose all previous restore points which are likely to be infected.
- Right-click My Computer, and then click Properties.
- On the System Restore tab, put a
Check mark in the
Turn Off System Restore check box.
- Click
OK twice, and then click
Yes when you are prompted to restart the computer.
If you are not prompted to reboot, do it on your own.
-----------------------------------------------------------
After the Reboot,
Enable WinXP System Restore
- Right-click My Computer, and then click Properties.
- On the System Restore tab,
Clear the Check mark beside the
Turn Off System Restore check box.
- Click
OK twice, and then click
Yes when you are prompted to restart the computer.
The disable/re-enable System Restore sequence is not to be done regularly, but only once after the removal of malware.
Now some Added Protections:
-----------------------------------------------------------
Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites to your Internet Explorer settings that will protect you from accidentally running or downloading known malicious programs. Available from
http://www.javacoolsoftware.com/spywareblaster.html
After the installation, click
Download Latest Protection Updates. When it finishes, click
Enable All Protection.
-----------------------------------------------------------
Install IE-SPYAD Find it here:
https://netfiles.uiuc.edu/ehowes/www/resource.htm
IE-SPYAD puts over 5000 sites in your restricted zone, so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all. It prevents any downloads, cookies, or scripts from the sites listed, although you will still be able to connect to them.
A tutorial can be found here :
http://www.bleepingcomputer.com/forums/Using_IE_Spyad_to_enhance_your_privacy_and_security-tut53.html
-----------------------------------------------------------
Download and Install a HOSTS File
A Hosts file is a plain text file which prevents your computer from connecting to malware and spyware sites by redirecting the connection request to 127.0.0.1, which is your local address. If you use a proxy server, or if you are on AOL, be sure to read the special instructions.
You can download the MVPS Hosts File and see a HOSTS file tutorial here :
http://www.mvps.org/winhelp2002/hosts.htm
This website also contains useful tips, and links to other resources and utilities.
-----------------------------------------------------------
Secure your Internet Explorer
- From within Internet Explorer click on the
Tools menu and then click on
Options.
- Click once on the
Security tab
- Click once on the
Internet icon so it becomes highlighted.
- Click once on the
Custom Level button.
- Change the
Download signed ActiveX controls to
Prompt
- Change the
Download unsigned ActiveX controls to
Disable
- Change the
Initialize and script ActiveX controls not marked as safe to
Disable
- Change the
Installation of desktop items to
Prompt
- Change the
Launching programs and files in an IFRAME to -
Prompt
- Change the
Navigate sub-frames across different domains to -
Prompt
- When all these settings have been made, click on the
OK button.
- If it prompts you as to whether or not you want to save the settings, press the
Yes button.
- Press the
Apply button and then the
OK to exit the Internet Properties page
askey127