[Essexboy]

Daemon tools is not a virus it is just a suite of tools that can be used for good or bad. The file found is part of jellybean a tool used to locate the windows xp registration key - again not a virus

Please download the OTMoveIt2 by OldTimer.

• Save it to your desktop.
• Please double-click OTMoveIt2.exe to run it.
• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  d:\recycler\s-1-5-21-1060284298-1659004503-725345543-1003-\de434\kf141.zip
  Purity

• Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the yellow bar) and choose Paste.
• Click the red Moveit! button.
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
• Close OTMoveIt2

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

[Advertisements]

Scan Stats:
Scan Time: 219 seconds
Scan Options:
Scan Targets: D:\RECYCLER
Counts:
Total items scanned: 9,788
- Files & Directories: 9,788
- Registry Entries: 0
- Processes & Start-up Items: 0
- Network & Browser Items: 0
- Other: 0

Total security risks detected: 1
Total items resolved: 0
Total items that require attention: 1

Resolved Threats:


Unresolved Threats:
Hacktool
Virus ID: 20685
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
State: Remove Failed
-----------
1 File
[xpkey.exe] inside of [keyfinder.exe] inside of [d:\recycler\s-1-5-21-1060284298-1659004503-725345543-1003\de434\kf141.zip] - Infected

[floss001]

Scan Stats:
Scan Time: 219 seconds
Scan Options:
Scan Targets: D:\RECYCLER
Counts:
Total items scanned: 9,788
- Files & Directories: 9,788
- Registry Entries: 0
- Processes & Start-up Items: 0
- Network & Browser Items: 0
- Other: 0

Total security risks detected: 1
Total items resolved: 0
Total items that require attention: 1

Resolved Threats:


Unresolved Threats:
Hacktool
Virus ID: 20685
Type: Compressed
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
State: Remove Failed
-----------
1 File
[xpkey.exe] inside of [keyfinder.exe] inside of [d:\recycler\s-1-5-21-1060284298-1659004503-725345543-1003\de434\kf141.zip] - Infected

[Essexboy]

Did you try OTMoveit in the previos post ?

[floss001]

it was : otscanit.txt in D:\RECYCLER\S-1-5-21-1060284298-1659004503-725345543-1003 and another otscanit.txt in D:\RECYCLER\S-1-5-21-2025429265-884357618-839522115-1003

[Essexboy]

Please download the OTMoveIt2 by OldTimer.

• Save it to your desktop.
• Please double-click OTMoveIt2.exe to run it.
• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  d:\recycler\s-1-5-21-1060284298-1659004503-725345543-1003-\de434\kf141.zip
  Purity

• Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the yellow bar) and choose Paste.
• Click the red Moveit! button.
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
• Close OTMoveIt2

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

[floss001]

File/Folder d:\recycler\s-1-5-21-1060284298-1659004503-725345543-1003-\de434\kf141.zip not found.
< Purity >

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08272008_132702

[Essexboy]

It is not a virus and is quite harmless in the recycler but lets move it up one level

• Please double-click OTMoveIt2.exe to run it.
• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  d:\recycler\s-1-5-21-1060284298-1659004503-725345543-1003-\de434
  Purity

• Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the yellow bar) and choose Paste.
• Click the red Moveit! button.
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
• Close OTMoveIt2

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

[floss001]

File/Folder d:\recycler\s-1-5-21-1060284298-1659004503-725345543-1003-\de434 not found.
< Purity >

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08272008_133656

[Essexboy]

OK then OTMoveit is not seeing it. That was my strongest tool to try and get rid of it..

But as I say it is not a problem there, it is harmless

Apart from that though I can see no other problems

Now the best part of the day ----- Your log now appears clean

A good workman allways cleans up after himself so...Download and run this small programme and hit the cleanup button. It will remove all the programmes we have used plus itself

XP
Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:

• Select Start > All Programs > Accessories > System tools > System Restore.
• On the dialogue box that appears select Create a Restore Point
• Click NEXT
• Enter a name e.g. Clean
• Click CREATE

You now have a clean restore point, to get rid of the bad ones:

• Select Start > All Programs > Accessories > System tools > Disk Cleanup.
• In the Drop down box that appears select your main drive e.g. C
• Click OK
• The System will do some calculation and the display a dialogue box with TABS
• Select the More Options Tab.
• At the bottom will be a system restore box with a CLEANUP button click this
• Accept the Warning and select OK again, the program will close and you are done

VISTA
To manually create a new Restore Point

• Go to Control Panel and select System and Maintenance
• Select System
• On the left select Advance System Settings and accept the warning if you get one
• Select System Protection Tab
• Select Create at the bottom
• Type in a name i.e. Clean
• Select Create

Now we can purge the infected ones

• Go back to the System and Maintenance page
• Select Performance Information and Tools
• On the left select Open Disk Cleanup
• Select Files from all users and accept the warning if you get one
• In the drop down box select your main drive i.e. C
• For a few moments the system will make some calculations
• Select the More Options tab
• In the System Restore and Shadow Backups select Clean up
• Select Delete on the pop up
• Select OK
• Select Delete

You are now done

Now that you are clean, to help protect your computer in the future I recommend that you get the following free program:

• SpywareBlaster to help prevent spyware from installing in the first place.
• SuperAntispyware Run weekly to keep your system clean

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

• Secunia Software inspector To check your programme update status
• Microsoft Windows Update

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?
Keep safe

[floss001]

Hi

have done as you asked, system took 5 minutes to boot and load personal settings. Have downloaded software and have carried out every suggestion. Mouse still eratic. AM RUNNING SUPERANTISPYWARE NOW.

[Essexboy]

Keep me updated

[floss001]

SYSTEM HAS BEEN PAINFULLY SLOW . I will reboot to see if there is any difference after the last few changes.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/27/2008 at 05:23 PM

Application Version : 4.20.1046

Core Rules Database Version : 3549
Trace Rules Database Version: 1537

Scan type : Complete Scan
Total Scan Time : 02:50:33

Memory items scanned : 487
Memory threats detected : 0
Registry items scanned : 5913
Registry threats detected : 0
File items scanned : 28580
File threats detected : 14

Adware.Tracking Cookie
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][2].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij vyas@revsci[2].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij vyas@tacoda[1].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij vyas@advertising[3].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij vyas@doubleclick[1].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][1].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij vyas@virginmedia[3].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][1].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij vyas@cgi-bin[2].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij [email protected][2].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij vyas@statcounter[1].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij vyas@1060177615[1].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij vyas@atdmt[2].txt
C:\Documents and Settings\Nij Vyas\Cookies\nij vyas@adrevolver[1].txt

[Essexboy]

Looks good cookies only

[Essexboy]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

[Essexboy]

Please give me an update on the current status of your system