Your log looks good! Nice work.
We will add a few tools to keep you that way, and clean up any leftovers.
-----------------------------------------------------------
Please note that if you use any form of Peer-to-Peer networking or downloading files from non-documented sources, you can expect infestations of malware to occur. Once upon a time, P2P file sharing was fairly safe. That is no longer true. You may continue to use P2P sharing at your own risk; however, please keep in mind that this practice may be the source of your current malware infestation. Additional information on the safety of Peer to Peer Networks is here : http://www.spywareinfo.com/articles/p2p/ -(from NonSuch)
-----------------------------------------------------------
Download ATF Cleaner by Atribune © from here : http://www.atribune.org/ccount/click.php?id=1
It is a stand-alone program that does not need to be "installed". Save it to a convenient location and make a shortcut on your desktop.
Double-click ATF-Cleaner.exe to run the program.
Under Main, choose Select All
Click Empty Selected
If you use Firefox browser,
Click Firefox at the top and choose Select All
Click on Empty Selected
NOTE: If you would like to keep any saved passwords, please click No at the prompt.
Click Exit to close.
-----------------------------------------------------------
Disable WinXP System Restore
Disable your System Restore to remove malware files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing them. The only way to erase these files is to temporarily disable System Restore. You will lose all previous restore points which are likely to be infected.
- Right-click My Computer, and then click Properties.
- On the System Restore tab, put a Check mark in the Turn Off System Restore check box.
- Click OK twice, and then click Yes when you are prompted to restart the computer.
If you are not prompted to reboot, do it on your own.
-----------------------------------------------------------
After the Reboot,
Enable WinXP System Restore
- Right-click My Computer, and then click Properties.
- On the System Restore tab, Clear the Check mark beside the Turn Off System Restore check box.
- Click OK twice, and then click Yes when you are prompted to restart the computer.
The Disable/Re-enable System Restore sequence is not to be done regularly, but only once after the removal of malware.
-----------------------------------------------------------
Secure your Internet Explorer
- From within Internet Explorer, click on the Tools menu and then click on Internet Options.
- Click once on the Security Tab
- Click once on the Internet icon so it becomes highlighted.
- Click once on the Custom Level button.
- Change the Download signed ActiveX controls to Prompt
- Change the Download unsigned ActiveX controls to Disable
- Change the Initialize and script ActiveX controls not marked as safe to Disable
- Change the Installation of desktop items to Prompt
- Change the Launching programs and files in an IFRAME to - Prompt
- Change the Navigate sub-frames across different domains to - Prompt
- Click on the Advanced Tab
- Uncheck the box "Enable Install On Demand (Internet Explorer)"
- Uncheck the box "Enable Install On Demand (Other)"
- When all these settings have been made, click on the OK button.
- If it prompts you as to whether or not you want to save the settings, press the Yes button.
- Press the Apply button and then the OK to exit the Internet Options page
-----------------------------------------------------------
Install SpywareBlaster - SpywareBlaster will add a large list of programs and sites to your Internet Explorer settings that will protect you from accidentally running or downloading known malicious programs. Available from http://www.javacoolsoftware.com/spywareblaster.html
After the installation, click Download Latest Protection Updates. When it finishes, click Enable All Protection.
-----------------------------------------------------------
Download and Install a HOSTS File
A Hosts file is a plain text file which prevents your computer from connecting to malware and spyware sites by redirecting the connection request to 127.0.0.1, which is your local address. If you use a proxy server, or if you are on AOL, be sure to read the special instructions.
You can download the MVPS Hosts File and see a HOSTS file tutorial here : http://www.mvps.org/winhelp2002/hosts.htm
This website also contains useful tips, and links to other resources and utilities.
------------------------------------------------------------
You should update your Windows XP to SP2. This fixes a large number of security holes in your system.
It is a very large download, and is not feasible with Dial-Up.
If there is a problem with getting the SP2 to take, see here : http://www.microsoft.com/windowsxp/using/security/expert/atkin_04nov23.mspx
You can order an update Service Pack 2 CD from MicroSoft here : http://www.microsoft.com/windowsxp/downloads/updates/sp2/cdorder/en_us/default.mspx
Good Luck! You have done a great job on some difficult infections.
askey127
