1.Clear the (IE) temporary Internet files and the history cache.
Click 'Start' and then click 'Run'... then type (or copy/paste)
"inetcpl.cpl" (w/out quotation marks) into the box, then click the 'OK'
button.
In Internet Properties panel 'General' tab, under 'Browsing history', click
'Delete...'button, in 'Delete Browsing History' panel, click the 'Delete
all...' button then place a checkmark into the box beside 'Also delete
files and settings stored by add-ons', Click 'Yes' and exit the Internet
Properties panel by clicking the 'OK' button.
2.Clean HDD
Click 'Start' and then click 'Run...' then type (or copy/paste) "cleanmgr"
(w/out quotation marks into the box, then click the 'OK' button. Select
your drive
(presumably WinXP (C
and click OK.
--or--
2a.Delete files using Disk Cleanup (if on Vista)
http://windowshelp.microsoft.com/Windows/en-US/help/1264bc24-72a8-48aa-84e3-a355327139d91033.mspx
3.Download/execute:
Malwarebytes© Corporation - Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
--and--
SuperAntispyware - Free
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
--and--
Kaspersky® Virus Removal Tool
http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/
NOTE:
The above mentioned applications are not capable for real-time protection
of your computer; They are on-demand scanners.
Kaspersky® Virus Removal Tool has no update feature (so it don't turn into
a full blown scanner). As soon as your computer is cleaned you are supposed
to remove this tool from your operating system and revert back to your
(updated) resident (real-time) AV application.
To uninstall/move this program 'enable self-defense' must be unchecked!
To scan your computer with the most up-to-date Kaspersky® AVPTool databases
next time you should download a new Kaspersky® AVPTool package.
Keep MBAM and SAS installed and use them as 'second-opinion' scanner which
is purposely (by design) recommended by their respective authors.
After the software is updated, it is suggested scanning the system in Safe
Mode (this does not apply to MBAM).
"Malwarebytes actually performs better in Normal Mode" says Dustin Cook,
co-author of MBAM.
How do you boot to Safe Mode?
By pressing/tabbing F8 (or F5 on some keyboards) during re-boot.
A description of the Safe Mode Boot options in Windows XP
http://support.microsoft.com/default.aspx?scid=315222
Start your computer in safe mode (Vista)
http://windowshelp.microsoft.com/Windows/en-us/help/323ef48f-7b93-4079-a48a-5c58eec904a11033.mspx
http://www.bleepingcomputer.com/tutorials/tutorial61.html
4.Download and execute HiJack This! (HJT)
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis
Please, do not post HJT logs to this newsgroup.
Fora where you can get expert advice for HiJack This! (HJT) logs.
http://www.thespykiller.co.uk/index.php?board=3.0
http://www.spywarewarrior.com/viewforum.php?f=5
http://forums.tomcoyote.org/index.php?showforum=27
http://www.bleepingcomputer.com/forums/forum22.html
http://www.malwarebytes.org/forums/index.php?showforum=7
http://www.5starsupport.com/ipboard/index.php?showforum=18
http://www.theeldergeek.com/forum/index.php?s=2e9ea4e19d3289dd877ab75a8220bff6&showforum=29
NOTE:
Registration is required in any of the above mentioned fora before posting
a HJT log and read the 'stickies' (instructions/guidelines) for the
respective HJT forum.
5.Routinely practice Safe-Hex.
http://www.claymania.com/safe-hex.html
Good luck
