[gciron1]

ok.. will do

[Advertisements]

i have not used the computer because of the problems and i want it to be fixed.. so i cannot speak to its performance.

[gciron1]

i have not used the computer because of the problems and i want it to be fixed.. so i cannot speak to its performance.

[Mike]

OK, I will wait on the results

[gciron1]

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, July 29, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, July 29, 2008 12:24:08
Records in database: 1022043
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
G:\
H:\
I:\
J:\

Scan statistics:
Files scanned: 71811
Threat name: 5
Infected objects: 8
Suspicious objects: 0
Duration of the scan: 02:03:27


File name / Threat name / Threats count
C:\Documents and Settings\Sam\Shared\friends with benifits p dot.mp3 Infected: Trojan-Downloader.WMA.Wimad.n 1
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0CD568DC.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.ae 1
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0CD568DC.exe Infected: not-a-virus:Downloader.Win32.WinFixer.t 1
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0CD568DC.exe Infected: not-a-virus:Downloader.Win32.WinFixer.j 2
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\38E96737.zip Infected: Trojan.Java.ClassLoader.ao 3

The selected area was scanned.

[Mike]

Hi there,

Make sure this file is deleted:

C:\Documents and Settings\Sam\Shared\friends with benifits p dot.mp3

and empty out this folder (i.e delete everything in it..) C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine

I noticed, pretty late, that you are running two antivirus programs - AVG and Norton, you need to uninstall one as running more than one just lowers your protection.

If the above went smoothly your logs look clean


Let's remove the tools I had you use.

You will need internet connection for this:
Please open OTMoveIt2:

• Double click OTMoveIt.exe.
• Click the CleanUp! button.
• Select Yes when the "Begin cleanup Process?" prompt appears.
• If you are prompted to Reboot during the cleanup, select Yes.

Note: If you receive a warning from your firewall or other security programs regarding OTMoveIt attempting to contact the internet, please allow it to do so.

Runscanner needs to be deleted separately, and if you don't want MalwareBytes' Anti-Malware you can uninstall it through add or remove programs.

Right-click on "My Computer." The "System Properties" dialogue box will appear, showing a number of tabs. From here you can reset System Restore and configure Automatic Updates.

First, click the System Restore tab.

• Check the box beside "Turn off System Restore"
• Click "Apply"
• At the prompt, click "Yes"

Wait while your system deletes existing Restore Points, this may take a few moments.

• Uncheck the box beside "Turn off System Restore"
• Click "Apply"
• At the prompt, click "Yes"

Your system will now create a new Restore Point.

Now that your are clean, you'll want to stay that way.

Some important things that you should keep in mind in order to protect yourself:

• Use common sense. This is the big one! Don't download programs from suspicious sites and be careful where you browse.
  Things you can do to avoid downloading bad programs:
  • Google the program. Read reviews and opinions from other people on the internet, if you dont see any reports of foul play - then there more than likely is none.
  • Stay away from Cracks! However luring the thought of free software can be it's not worth the hassle and potential danger of getting infected.
  • Download the program directly from the website of the developer - then you can be certain you haven't downloaded a bogus copy.
  • Read the EULA (End User License Agreement) - Find out exactly what you are downloading. A good tool to aid you in this would be EULAyzer.
• Keep your programs updated! Software developers update their programs to patch possible security risks. Do a scan once in a while for outdated programs using Secunia's Software Inspector
• Keep your protection programs up to date! No matter how good your Antivirus or Antispyware program is, without an updated set of definitions it will do you no good against the new infections. If you run a free program make sure to update them at least once a week.
• Make sure that windows updates is enabled. Keeping your system up to date is a must - to turn on automatic updates take a look at this article by Microsoft.

I have listed two programs to boost your security while using no resources.

• SpywareBlaster Take a look at the tutorial here.
• ZonedOut Adds thousands of websites to your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.

Also consider using an alternative web browser. Two big named ones, both far superior to Internet Explorer in terms of security and performance, would be Firefox and Opera.

Make a habit of scanning your computer for viruses every week or so and backing up important files regularly.

Please also read Expert Tony Klein's excellent article: How I got Infected in the First Place

Please post back and tell me if everything is OK, so that I may mark this thread as Resolved.

[gciron1]

i can find norton on the computer.. however while looking at ms dos.. it does show..

i just do not remember how to use ms dos.. so could you give me a two second tutorial

how to get to the directory i.e. cd\example\example

and how to delete.

i will delete from ms dos.

on a side note - i cannot find it at the add or emove programs and I can not find it at the start menu under programs.

thx

[Mike]

Download and run the Norton Removal too http://service1.syma...005033108162039

How's the PC running?

[gciron1]

ok.. downloaded the norton removal tool.

i will start to use the pc now.. so that i can tell if everythig is good

what do i do now that i ran the kapersky online scan and it had found a few items..

i do not see anywhere where it says to fix it..

[Mike]

Did it find anything different than before?

Make sure this file is deleted:

C:\Documents and Settings\Sam\Shared\friends with benifits p dot.mp3

and empty out this folder (i.e delete everything in it..) C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine

If you did that it shouldn't pick up anything. Can you show me the results?

[gciron1]

i have not done anything since running the program then deleting the norton folder..

Am I good to go?

to the next step?

i reread your other post.. i think that means i am good to go.

i will move on to your other steps.

KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, July 29, 2008
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, July 29, 2008 12:24:08
Records in database: 1022043
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
G:\
H:\
I:\
J:\

Scan statistics:
Files scanned: 71811
Threat name: 5
Infected objects: 8
Suspicious objects: 0
Duration of the scan: 02:03:27


File name / Threat name / Threats count
C:\Documents and Settings\Sam\Shared\friends with benifits p dot.mp3 Infected: Trojan-Downloader.WMA.Wimad.n 1
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0CD568DC.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.ae 1
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0CD568DC.exe Infected: not-a-virus:Downloader.Win32.WinFixer.t 1
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\0CD568DC.exe Infected: not-a-virus:Downloader.Win32.WinFixer.j 2
C:\Program Files\Norton SystemWorks\Norton AntiVirus\Quarantine\38E96737.zip Infected: Trojan.Java.ClassLoader.ao 3

The selected area was scanned.

[Mike]

If you did what I instructed before you are good to go

Any questions or anything?

[gciron1]

done.. thank you for your help..

will start to use

[Mike]

Great,

Take care and have a great day still!

Mike

[Mike]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.