1. Please download Dial-A-Fix from one of the following mirrors:
   • Primary Mirror
   • Secondary Mirror
2. Extract the zip file to your desktop.
3. Double click Dial-a-Fix.exe to start the program.
4. Press the green double checkmark box (Looks like this: )
5. UNcheck "Empty Temp Folders", as well as "Adjust Time/Date" in the prep section. The prep section should then look like this:
   
6. When the window looks like this, press the GO button in the bottom of the window.
   
7. Exit/Close Dial-A-Fix

1. Please visit the Kaspersky Online Scanner website.
   Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.
2. Click on the Accept button and install any components it needs.
3. The program will install and then begin downloading the latest definition files.
4. After the files have been downloaded on the left side of the page in the Scan section select My Computer
5. This will start the program and scan your system.
6. The scan will take a while, so be patient and let it run.
7. Once the scan is complete, click on View scan report
8. Now, click on the Save Report as button.
9. Save the file to your desktop.
10. Copy and paste that information in your next post.

KASPERSKY ONLINE SCANNER 7 REPORT
Thursday, August 7, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Thursday, August 07, 2008 04:00:32
Records in database: 1064731
Scan settings
Scan using the following database extended
Scan archives yes
Scan mail databases yes
Scan area My Computer
C:\
D:\
E:\
H:\
I:\
J:\
K:\
Scan statistics
Files scanned 85238
Threat name 3
Infected objects 3
Suspicious objects 0
Duration of the scan 02:19:56

File name Threat name Threats count
C:\Program Files\Online Services\AOL90US\comps\toolbar\toolbr.EXE Infected: not-a-virus:AdWare.Win32.SearchIt.t 1
C:\_OTMoveIt\MovedFiles\07292008_224857\a Infected: Trojan-Downloader.Win32.FraudLoad.bep 1
D:\I386\Apps\APP16455\src\HPSummer2005.exe Infected: not-a-virus:AdWare.Win32.MyWay.j 1
The selected area was scanned.

1. Save it to your desktop.
2. Please double-click OTMoveIt2.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
3. Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
   
   
   CODE
   C:\Program Files\Online Services\AOL90US\comps\toolbar\toolbr.EXE
   D:\I386\Apps\APP16455\src\HPSummer2005.exe
   
   
4. Return to OTMoveIt2, right click in the "Paste List of Files/Folders to Move" window (under the yellow bar) and choose Paste.
   
5. Click the red Moveit! button.
6. Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
7. Close OTMoveIt2

1. Please follow the link to the F-Secure Online Scanner
   Note: This Scanner is for Internet Explorer Only!
2. Follow the instructions here for installation.
3. Accept the License Agreement.
4. Once the ActiveX installs,Click Full System Scan
5. Once the download completes, the scan will begin automatically.
6. The scan will take some time to finish, so please be patient.
7. When the scan completes, click the Automatic cleaning (recommended) button.

C:\Program Files\Online Services\AOL90US\comps\toolbar\toolbr.EXE moved successfully.
D:\I386\Apps\APP16455\src\HPSummer2005.exe moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08072008_220007

1. Please download OTMoveIt2 by OldTimer and save it to your desktop.
2. Click the Clean Up button.
   
3. Accept any prompts.
4. This will remove any tools we used, including OTMoveIt, and will require a reboot.

1. Set a New Restore Point to prevent possible reinfection from an old one.
   Some of the malware you picked up could have been saved in System Restore. Since System Restore is a protected directory, your tools can not access it to delete these bad files which sometimes can reinfect your system. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.
   You can view a video of the following instructions.
   • Go to Start > Programs > Accessories > System Tools and click "System Restore".
   • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
   • Then go to Start > Run and type: Cleanmgr
   • Click "OK".
   • Click the "More Options" Tab.
   • Click "Clean Up" in the System Restore section to remove all previous restore points except the newly created one.
   Note: You should only do this once!
   
2. Make sure you install all the security updates for Windows, Internet Explorer & Microsoft Office
   Whenever a security problem in its software is found, Microsoft will usually create a patch for it. After the patch is installed, attackers can't use the vulnerability to install malicious software on your PC, so keeping up with these patches will help to prevent malicious software being installed on your PC
   Go here to check for & install updates to Microsoft applications.
   Note: The update process uses ActiveX, so you will need to use Internet Explorer for it, and allow the ActiveX control that it wants to install.
   
3. Keep your non-Microsoft applications updated as well
   Microsoft isn't the only company whose products can contain security vulnerabilities, to check for other vulnerable programs running on your PC that are in need of an update, you can use the Secunia Software Inspector - I suggest that you run it at least once a month.
   
4. Make Internet Explorer more secure
   • Click Start -> Run
   • Type "Inetcpl.cpl" (without quotes) & click OK.
   • Click on the Security tab.
   • Click "Reset all zones to default level"
   • Make sure the Internet Zone is selected & click "Custom level"
   • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls") to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
   • Click OK, then Apply, then OK to exit the Internet Properties page.
   
   
5. Install SpywareBlaster & make sure to update it regularly
   SpywareBlaster sets killbits in the registry to prevent known malicious ActiveX controls from installing themselves on your computer.
   If you don't know what ActiveX controls are, see here
   You can download SpywareBlaster from here.
   
6. Install and use Spybot Search & Destroy
   Instructions are located here
   Make sure you update, reimmunize & scan regularly.
   
7. Make use of the HOSTS file included with Spybot Search & Destroy
   Every version of Microsoft Windows includes a hosts file. A hosts file is a bit like a phone book: it points to the actual numeric address (i.e. the IP address) from the human friendly name of a website. This feature can be used to block malicious websites.
   Spybot Search & Destroy has a good HOSTS file built in. To enable it,
   • Run Spybot Search & Destroy
   • Click the Mode button on the toolbar, and then place a tick next to Advanced mode.
   • Click Yes.
   • In the left hand pane of Spybot Search & Destroy, click on "Tools", and then on Hosts File.
   • Click on "Add Spybot-S&D hosts list"
   Note: On some PCs, having a custom HOSTS file installed can cause a significant slowdown. Following these instructions should resolve the issue
   • Click Start -> Run.
   • Type "services.msc" (without quotes) & click OK.
   • In the list, find the service called "DNS Client" & double click on it.
   • On the dropdown box, change the setting from "Automatic" to "Manual".
   • Click OK.
   • Exit/close the Services window
   For a more detailed explanation of the HOSTS file, click here.
   
8. Install a-squared Free & update and scan with it regularly
   a-squared free is a product from Emsi Software provided free for private use that can detect and remove a variety of malicious software. You can get it here
   Note: If you have a dialup internet connection, you may also like to install a-squared Anti-Dialer which provides some real time protection against premium rate dialers
   
9. Finally I am trying to make one point very clear. It is absolutely essential to keep all of your security programs up to date!