Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HACKTOOL VIRUS FOUND NEED HELP [RESOLVED]


  • This topic is locked This topic is locked

#16
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Daemon tools is not a virus it is just a suite of tools that can be used for good or bad. The file found is part of jellybean a tool used to locate the windows xp registration key - again not a virus

Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    d:\recycler\s-1-5-21-1060284298-1659004503-725345543-1003-\de434\kf141.zip
    Purity
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
  • 0

Advertisements


#17
floss001

floss001

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Scan Stats:
Scan Time: 219 seconds
Scan Options:
Scan Targets: D:\RECYCLER
Counts:
Total items scanned: 9,788
- Files & Directories: 9,788
- Registry Entries: 0
- Processes & Start-up Items: 0
- Network & Browser Items: 0
- Other: 0

Total security risks detected: 1
Total items resolved: 0
Total items that require attention: 1

Resolved Threats:


Unresolved Threats:
Hacktool
Virus ID: 20685
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
State: Remove Failed
-----------
1 File
[xpkey.exe] inside of [keyfinder.exe] inside of [d:\recycler\s-1-5-21-1060284298-1659004503-725345543-1003\de434\kf141.zip] - Infected
  • 0

#18
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Did you try OTMoveit in the previos post ?
  • 0

#19
floss001

floss001

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
it was : otscanit.txt in D:\RECYCLER\S-1-5-21-1060284298-1659004503-725345543-1003 and another otscanit.txt in D:\RECYCLER\S-1-5-21-2025429265-884357618-839522115-1003
  • 0

#20
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    d:\recycler\s-1-5-21-1060284298-1659004503-725345543-1003-\de434\kf141.zip
    Purity
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
  • 0

#21
floss001

floss001

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
File/Folder d:\recycler\s-1-5-21-1060284298-1659004503-725345543-1003-\de434\kf141.zip not found.
< Purity >

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08272008_132702
  • 0

#22
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
It is not a virus and is quite harmless in the recycler but lets move it up one level


  • Please double-click OTMoveIt2.exe to run it.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    d:\recycler\s-1-5-21-1060284298-1659004503-725345543-1003-\de434
    Purity
  • Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt2
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
  • 0

#23
floss001

floss001

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
File/Folder d:\recycler\s-1-5-21-1060284298-1659004503-725345543-1003-\de434 not found.
< Purity >

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08272008_133656
  • 0

#24
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK then OTMoveit is not seeing it. That was my strongest tool to try and get rid of it..

But as I say it is not a problem there, it is harmless

Apart from that though I can see no other problems

Now the best part of the day ----- Your log now appears clean :)

A good workman allways cleans up after himself so...Download and run this small programme and hit the cleanup button. It will remove all the programmes we have used plus itself

XP
Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE
You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and the display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button click this
  • Accept the Warning and select OK again, the program will close and you are done

VISTA
To manually create a new Restore Point
  • Go to Control Panel and select System and Maintenance
  • Select System
  • On the left select Advance System Settings and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create
Now we can purge the infected ones
  • Go back to the System and Maintenance page
  • Select Performance Information and Tools
  • On the left select Open Disk Cleanup
  • Select Files from all users and accept the warning if you get one
  • In the drop down box select your main drive i.e. C
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete
You are now done

Now that you are clean, to help protect your computer in the future I recommend that you get the following free program: It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe :)
  • 0

#25
floss001

floss001

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
Hi

have done as you asked, system took 5 minutes to boot and load personal settings. Have downloaded software and have carried out every suggestion. Mouse still eratic. AM RUNNING SUPERANTISPYWARE NOW.
  • 0

Advertisements


#26
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Keep me updated
  • 0

#27
floss001

floss001

    Member

  • Topic Starter
  • Member
  • PipPip
  • 52 posts
SYSTEM HAS BEEN PAINFULLY SLOW . I will reboot to see if there is any difference after the last few changes.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/27/2008 at 05:23 PM

Application Version : 4.20.1046

Core Rules Database Version : 3549
Trace Rules Database Version: 1537

Scan type : Complete Scan
Total Scan Time : 02:50:33

Memory items scanned : 487
Memory threats detected : 0
Registry items scanned : 5913
Registry threats detected : 0
File items scanned : 28580
File threats detected : 14

Adware.Tracking Cookie
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][2].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][2].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][1].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][3].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][1].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][1].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][3].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][1].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][2].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][2].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][1].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][1].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][2].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][1].txt
  • 0

#28
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Looks good cookies only :)
  • 0

#29
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0

#30
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Please give me an update on the current status of your system
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP