Hi Irene
I'm sorry it took me so long to get back to you.
Purge System RestoreWe've now arrived at the stage where we can clean the System Restore points. Malware can easily hide itself in System Restore points. This is
BAD. While inside the restore point, it is completely harmless. But once you restore from that restore point, the malware will spread again.
To purge System Restore, please do the following:
- First, launch System Restore (Start
All Programs Accessories System Tools System Restore). - Choose the second option: Create a restore point. Name it something like All Clean.
Now, for the actual purging:
- Click Start All Programs Accessories Disk Cleaner.
- Wait for the program to load... this will take a few seconds.
- Click the More Options tab, and click the Cleanup button under the System Restore heading. Click Yes if you're prompted whether you're sure.
- Don't close the program yet.
Clean up some more leftovers- Get back to the previous tab. Tick the following items:
- Temporary Internet Files
- Offline Web Pages
- Recycle Bin
- Temporary Files
- WebClient/Publisher temporary files
- Click OK. If you're asked whether you're sure, click Yes.
If you don't have any other issues, then I think all the malware is gone!
Congratulations!
As far as I can tell, you are CLEAN! 
Have a big cup of
, sit back & relax, and now please follow a few of the following tips; they will dramatically reduce your chance of getting infected again.
- Turn on Automatic Updates if you have not done so. It is MANDATORY to keep your Windows updated, otherwise you are vulnerable to exploits! To turn on Automatic Updates: click Start Control Panel Security Centre Automatic Updates.
Below are optional items. It's highly recommended to read them through, but decide for yourself how many of these recommendations (if any) you follow.
- Install WinPatrol from here. Instructions for use are here.
- Install SpywareBlaster to protect you from bad sites. Download - How to use it
- Install a custom hosts file. Let's say I have a directory of 640kb's worth of bad sites. Let's say I can make sure you will never be able to access those sites, so you will never get any infection from those sites. It's like blocking a site - without site blocking tools. How would you like to never be able to visit (a lot, but not all of the) malware-infected sites again? Well, now you can!
First, we must disable a service, as Windows cannot work with a very large hosts file while that service is active. This will not affect anything else.
The disabling routine:
- Click Start, then Run
- Copy and paste the following:
- Code: Select all
sc config dnscache start= disabled
- Click OK.
Next, you can download the custom hosts file from here. Installation instructions can be found there as well.
- Install KeyScrambler. Keyloggers are the third biggest threats in the world of malware - next to backdoors & rootkits. KeyScrambler is an add-on that integrates with your browser and protects you from keyloggers; meaning safe online gaming, and safe online banking. There is also a paid version, which protects e-mail programs and Word, and a more expensive paid version that protects even more items! Download it from here. I recommend you to not use the IE version, as in the past this had caused crashes with IE 7+; yet it worked fine on IE 6. Though they could have fixed it by now.
Please note: you must NOT rely on programs like KeyScrambler for your protection. The program can protect against many types of keylogging software but no security program is 100% reliable and new malware is created every day. If you suspect your machine is infected with a keylogger you should immediately change all your passwords from a known clean machine and seek assistance with removing the malware.Please reply to this thread once more so we know it can be archivedHappy surfing!!
by irenehaley » November 4th, 2008, 9:48 am 
