Well, I have good news, and more good news. First, I just want to say a big thank you to Chris for buying me "Rootkits: Subverting the Windows Kernel" from my Amazon wishlist. That will be very helpful in understanding the new types of malware that are becoming prevalent.

Secondly, I have an update on the infosmartme.com infection I mentioned in my previous post. There is a new URL being used in addition to the first URL: http://69.64.48.229/lover.exe

I have also been able to verify that AIMFix will in fact detect and remove this virus, but it's slightly more involved than most virus/worm variants. The required steps to remove this virus appear to be:

  1. Run AIMFix - it should remove a few files and registry keys
  2. Reboot the computer immediately
  3. Run AIMFix a second time

More research will be done and I will be adding some special code to AIMFix soon to handle this variant, but as far as I can tell so far, the above steps will work.

-Jay