If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one
. Some of the malware you picked up could have been backed up, renamed and saved in System Restore
. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back
" to a clean working state.The easiest and safest way to do this is
- Go to Start > Programs > Accessories > System Tools and click "System Restore".
- Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
- Then use Disk Cleanup to remove all but the most recently created Restore Point.
- Go to > Run... and type: Cleanmgr
- Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
- Click the "More Options" tab, then click the "Clean up" button under System Restore.
- Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
- Click Yes, then click Ok.
- Click Yes again when prompted with "Are you sure you want to perform these actions?"
- Disk Cleanup will remove the files and close automatically.
and Windows 7
users can refer to these links: Create a New Restore Point in Vista or Windows 7
and Disk Cleanup in Vista
.Tips to protect yourself against malware and reduce the potential for re-infection:
• Keep Windows and Internet Explorer current
with all critical updates from Microsoft which will patch many of the security holes through which attackers can gain access to your computer. If you're not sure how to do this, see Microsoft Update helps keep your computer current
• Avoid gaming sites
, porn sites
, pirated software
, cracking tools
, and peer-to-peer
(P2P) file sharing
programs (i.e. Limewire, eMule, uTorrent). They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections
, remote attacks, exposure of personal information, and identity theft. Malicious worms
, backdoor Trojans IRCBots
, and rootkits
spread across P2P file sharing networks, gaming, porn and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads
and malicious Flash ads
that install viruses, Trojans, and spyware
. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. Porn sites can lead to the Trojan.Mebroot MBR rootkit
and other dangerous malware. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
• Beware of Rogue Security software
as they are one of the most common sources of malware infection
. They infect machines by using social engineering
and scams to trick a user into spending money to buy a an application which claims to remove malware. For more specific information on how these types of rogue programs and infections install themselves, read:
• Keeping Autorun enabled
on USB (pen, thumb, jump) and other removable drives has become a significant security risk
as they are one of the most common infection vectors for malware which can transfer the infection to your computer. To learn more about this risk, please read:
Many security experts recommend you disable Autorun asap
as a method of prevention. Microsoft recommends doing the same
Microsoft Security Advisory (967940): Update for Windows AutorunHow to Maximize the Malware Protection of Your Removable Drives
...Disabling Autorun functionality can help protect customers from attack vectors that involve the execution of arbitrary code by Autorun when inserting a CD-ROM device, USB device, network shares, or other media containing a file system with an Autorun.inf file...
• Other related reading sources:
• Finally, if you need to replace your anti-virus, firewall or need a reliable anti-malware scanner please refer to: