[sparklinbluiz]

Hi Andrew,

Here is the new moveit file:

Explorer killed successfully
C:\Documents and Settings\Stefani\My Documents\Stef Downloads\setup.exe moved successfully.
< EmptyTemp >
File delete failed. C:\DOCUME~1\Stefani\LOCALS~1\Temp\hsperfdata_Stefani\2328 scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\JET8090.tmp scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_840.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\~ROMFN_000004CC scheduled to be deleted on reboot.
Temp folders emptied.
IE temp folders emptied.
< purity >
Explorer started successfully

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 08032008_121324

Files moved on Reboot...
File C:\DOCUME~1\Stefani\LOCALS~1\Temp\hsperfdata_Stefani\2328 not found!
C:\WINDOWS\temp\JET8090.tmp moved successfully.
C:\WINDOWS\temp\Perflib_Perfdata_840.dat moved successfully.
File C:\WINDOWS\temp\~ROMFN_000004CC not found!


Should I delete the quarantined items in my virus vault? I can't find a way to get a report so I am attaching a screen shot of the vault contents rather than risk typing them wrong!

Please let me know if I should run the Kaspersky again.

Thanks for all your help.
S

Attached Files

•  Virus_Vault.doc   71.5KB   6 downloads

[Advertisements]

Hi sparklinbluiz

congratulations, your logs are clean and another fix is in the can

in this post we will clear away the fix tools (this is so that should you ever be re-infected, you will download updated versions and it will also remove the quarantined Malware from your computer), reset your restore points (there will be infections lurking in there) and i will leave you with some ideas on how to enhance the protection of your machine against future infection.

Should I delete the quarantined items in my virus vault?

no, leave them in there. any infections are safely quarantined. and if those HP ones turn out to be false positives then you can safely restore them.

Please let me know if I should run the Kaspersky again.

no need to do that, i wont find anything more.

Speaking of which....I use Mozy.com for my backups and my download folder may be one of the folders being backed up. Will these infections be backed up as well? Is my data at risk?
(holding breath)

we did not find anything infected in there and, indeed, your machine was only very lightly infected. as a rule, if you have crucial files, i would back them up onto something outside your machine.

====STEP 1====

• Make sure you have an Internet Connection.
• Double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
• Click on the CleanUp! button
• A list of tool components used in the Cleanup of malware will be downloaded.
• If your Firewall or Real Time protection attempts to block OtMoveit2 to reach the Internet, please allow the application to do so.
• Click Yes to begin the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

====STEP 2====
To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

Instructions with screenshots to help is http://www.f-secure..../sfc_dis1.shtml

(Windows XP)
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.

How to Turn On and Turn Off System Restore in Windows XP
http://support.microsoft.com/kb/310405


====IDEAS TO SPEED UP YOUR MACHINE====
this page http://users.telenet...owcomputer.html gives some good ideas on how to improve the efficiency of your machine and has one or two useful links to help your further.


====AND FINALLY====
The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.

• Spybot Search & Destroy - Uber powerful tool which can search and annhilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.
  
• AdAware - Another very powerful tool which searches and kills nasties that infect your system. AdAware and Spybot Search & Destroy compliment each other very well.
  
• SpywareBlaster - Great prevention tool to keep nasties from installing on your system.
  
• SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place.
  
• IE-SpyAd - puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
  
• ATF Cleaner - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
  
• Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  
• Google Toolbar - Free google toolbar that allows you to use the powerful Google search engine from the bar, but also blocks pop up windows.
  
• Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein


andrewuk

[andrewuk]

Hi sparklinbluiz

congratulations, your logs are clean and another fix is in the can

in this post we will clear away the fix tools (this is so that should you ever be re-infected, you will download updated versions and it will also remove the quarantined Malware from your computer), reset your restore points (there will be infections lurking in there) and i will leave you with some ideas on how to enhance the protection of your machine against future infection.

Should I delete the quarantined items in my virus vault?

no, leave them in there. any infections are safely quarantined. and if those HP ones turn out to be false positives then you can safely restore them.

Please let me know if I should run the Kaspersky again.

no need to do that, i wont find anything more.

Speaking of which....I use Mozy.com for my backups and my download folder may be one of the folders being backed up. Will these infections be backed up as well? Is my data at risk?
(holding breath)

we did not find anything infected in there and, indeed, your machine was only very lightly infected. as a rule, if you have crucial files, i would back them up onto something outside your machine.

====STEP 1====

• Make sure you have an Internet Connection.
• Double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
• Click on the CleanUp! button
• A list of tool components used in the Cleanup of malware will be downloaded.
• If your Firewall or Real Time protection attempts to block OtMoveit2 to reach the Internet, please allow the application to do so.
• Click Yes to begin the Cleanup process and remove these components, including this application.
• You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

====STEP 2====
To reset your restore points, please note that you will need to log into your computer with an account which has full administrator access. You will know if the account has administrator access because you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

Instructions with screenshots to help is http://www.f-secure..../sfc_dis1.shtml

(Windows XP)
1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.

How to Turn On and Turn Off System Restore in Windows XP
http://support.microsoft.com/kb/310405


====IDEAS TO SPEED UP YOUR MACHINE====
this page http://users.telenet...owcomputer.html gives some good ideas on how to improve the efficiency of your machine and has one or two useful links to help your further.


====AND FINALLY====
The following is a list of tools and utilities that I like to suggest to people. This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.

• Spybot Search & Destroy - Uber powerful tool which can search and annhilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.
  
• AdAware - Another very powerful tool which searches and kills nasties that infect your system. AdAware and Spybot Search & Destroy compliment each other very well.
  
• SpywareBlaster - Great prevention tool to keep nasties from installing on your system.
  
• SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place.
  
• IE-SpyAd - puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all.
  
• ATF Cleaner - Cleans temporary files from IE and Windows, empties the recycle bin and more. Great tool to help speed up your computer and knock out those nasties that like to reside in the temp folders.
  
• Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  
• Google Toolbar - Free google toolbar that allows you to use the powerful Google search engine from the bar, but also blocks pop up windows.
  
• Trillian or Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein


andrewuk

[sparklinbluiz]

Hi Andrew,

Thanks again for all your help! I do have a few final questions.

I ran the cleanup and the removal was successful. I did the system restore steps but wonder if there is a step where I need to actually CREATE a new restore point or did that happen automatically when I turned system restore back on?

You mentioned I should have a backup off of the computer. That is why I use the mozy.com; I pay a yearly fee and each night my system uploads my backups to their site. The files on my computer "should" only be the setup tools. Please let me know if you don't think this is a safe backup. I thought it better than manually remembering to back up to a drive daily.

I have the paid version of AVG on my desktop, therefore I use their firewall, however, on my laptop I use the free AVG so currently windows firewall is set. Am I better off downloading for example Zonealarm to use on the laptop? I used to use that program.

Finally, I already have Ad-aware and my old PC had that and spybot. I did read the recommended articles and wanted to get your opinion on whether or not I should use the Spybot program or if you like a different one. Ad-Aware came with Ad-Watch and I'm not quite sure yet if that is something I have to configure separately or not. It was the day I found the problem on my comp that I downloaded it so haven't had a lot of time to look into it.

Finally, if I haven't mentioned it enough, thank you thank you thank you for everything!

[andrewuk]

I ran the cleanup and the removal was successful. I did the system restore steps but wonder if there is a step where I need to actually CREATE a new restore point or did that happen automatically when I turned system restore back on?

it will happen automatically when you turn it back on.

You mentioned I should have a backup off of the computer. That is why I use the mozy.com; I pay a yearly fee and each night my system uploads my backups to their site. The files on my computer "should" only be the setup tools. Please let me know if you don't think this is a safe backup. I thought it better than manually remembering to back up to a drive daily.

sounds safe enough to me.

I have the paid version of AVG on my desktop, therefore I use their firewall, however, on my laptop I use the free AVG so currently windows firewall is set. Am I better off downloading for example Zonealarm to use on the laptop? I used to use that program.

you would be better off downloading a different firewall and switching off the windows firewall. i would suggest the free comodo product.......though only download the free comodo firewall.

Finally, I already have Ad-aware and my old PC had that and spybot. I did read the recommended articles and wanted to get your opinion on whether or not I should use the Spybot program or if you like a different one. Ad-Aware came with Ad-Watch and I'm not quite sure yet if that is something I have to configure separately or not. It was the day I found the problem on my comp that I downloaded it so haven't had a lot of time to look into it.

use both spybot and adaware. they are on-demand programs (i.e. they run when you tell them to). personally, i update them and run them once a week. you can install and use all the programs i recommended to you.

andrewuk

[andrewuk]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.