Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Spyware Guard 2009

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Spyware Guard 2009

Unread postby MikeSwim07 » April 4th, 2009, 4:51 pm

Sorry about this but can you please now re-run Kaspersky Online Scan? :)
MikeSwim07
Regular Member
 
Posts: 4215
Joined: August 27th, 2007, 9:44 am
Location: Gone
Advertisement
Register to Remove

Re: Spyware Guard 2009

Unread postby deinonychus73 » April 5th, 2009, 12:02 pm

Michael,

Here is the latest Kasperysky scan result:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Sunday, April 5, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Sunday, April 05, 2009 02:32:43
Records in database: 2012728
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\

Scan statistics:
Files scanned: 143043
Threat name: 3
Infected objects: 71
Suspicious objects: 0
Duration of the scan: 03:45:27


File name / Threat name / Threats count
C:\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Jatif_click-BIGGERLOADS.htm Infected: Trojan.JS.Redirector.b 1
C:\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{11F5B857-2A6E-4500-9813-3D41BA4353C0}\Posiepoodle1_click-PERMANENTENLARGER.htm Infected: Trojan.JS.Redirector.b 1
C:\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{6EB48356-BCA4-4E31-A070-2D95EAE597D8}\BUY_ExplodingOrgasm-BiggerLoads.HTM Infected: Trojan.JS.Redirector.b 1
C:\Program Files\Angle Interactive\RD Platinum v5.0\RDPlatinumv5.exe Infected: not-a-virus:FraudTool.Win32.RegistryDefender.g 1
C:\_OTMoveIt\MovedFiles\04022009_184733\Program Files\Mystery in London\MysteryInLondon.exe Infected: not-a-virus:FraudTool.Win32.SpyLocked.as 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Andrewbayram-Lose-10poundsIn10days.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\ATT5C6.eml Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Bbrownvhha_click-BIGGERLOADS.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Berry_4748_click-onlineRX.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Berry_69_click-onlineRX.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Bramj_click-PERMANENTENLARGER.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Burger_Buy_PermanentEnlarger.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Burns_Buy_HERBALVIAGRA.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\BUY_DIET_SENSATION.HTM Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\BUY_ExplodingOrgasm-BiggerLoads.HTM Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\BUY_GREAT_MALENLARGER.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\BUY_HERBALVIAGRA.HTM Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\BUY_LAST_LONGER.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\BUY_MALEGROWTH.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\BUY_PERMANENTENLARG.HTM Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\BUY_PERMANENTENLARG.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\BUY_SPERMCOUNT.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\BUY_YOURSPERMCOUNT.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Caryhedges_10POUNDSIN10DAYSDIET.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Caryhedges_click-PERMANENTENLARGER.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Chamberlain_Buy_HERBALEnlarger.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\click-HERBALVIAGRA.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\click-WeightLossSensation.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Contreras_Buy_PermanentEnlarger.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Dodig_10POUNDSIN10DAYSDIET.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Dowdy_Buy_HERBALVIAGRA.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Frtrus.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Frye_Buy_HERBALVIAGRA.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\_click-BIGGERLOADS.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\_click-PERMANENTENLARGER.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Gcarreiro_click-BIGGERLOADS.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Gcarreiro_click-PERMANENTENLARGER.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Hrmiller-Lose-10poundsIn10days.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Hrmiller_click-PERMANENTENLARGER.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Jewell_Buy_HERBALVIAGRA.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Kelleyfour_click-BIGGERLOADS.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Kelleyfour_click-PERMANENTENLARGER.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Kim_Buy_PermanentEnlarger.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Kiser_Buy_PermanentEnlarger.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Kiwi783_click-BIGGERLOADS.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Ldhaugen_10POUNDSIN10DAYSDIET.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Mcneill_Buy_eXplodingORGAsms.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Mlhearn_10POUNDSIN10DAYSDIET.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\OpenThisHTML_FastDeliveryRXmed.HTM Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\OPEN_THIS_HTML_PERMANENTGROWTH.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Posiepoodle1_click-BIGGERLOADS.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Posiepoodle1_click-EXPLODING-ORGASMS.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Posiepoodle1_click-PERMANENTENLARGER.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Potts_Buy_PermanentEnlarger.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Rcsinclair1_click_LAST-LONGER.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Reovan_click-ONLINE_PHARM.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Tukook_click-BIGGERLOADS.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Tukook_click-PERMANENTENLARGER.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Vaughn46_click-PERMANENTENLARGER.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Whitlock_Buy_PermanentEnlarger.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{16319952-FFE2-4E80-BE1A-61CE2FAA3403}\Kim_Buy_PermanentEnlarger.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{222F1EDA-66D9-4452-93EA-B0900C05F5D9}\Kim_Buy_PermanentEnlarger.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{387503E1-77DB-4A56-A775-D7CF928328F1}\_click-BIGGERLOADS.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{3C4D8737-E539-4075-989E-4AEF14D6104A}\BUY_PERMANENTENLARG.HTM Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{78866C5B-E536-4FD3-BD4F-54352CA2B2A2}\Tukook_click-BIGGERLOADS.htm Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{A116207B-8573-4530-99AF-3CE97C54C205}\BUY_PERMANENTENLARG.HTM Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{A7D99C2A-07F3-427E-9D7B-123512895CFB}\BUY_LAST_LONGER.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{C2ADE70B-3371-4BDA-BF6B-5574A8D01FF4}\Kim_Buy_PermanentEnlarger.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{C38CDBB1-EE83-48B4-B90E-3D5CAC594C99}\BUY_YOURSPERMCOUNT.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{C8B50E5D-5923-4660-AD37-6EE754A030EB}\Kim_Buy_PermanentEnlarger.HTML Infected: Trojan.JS.Redirector.b 1
C:\_OTMoveIt\MovedFiles\04022009_185215\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{FCECB9A8-7DA5-4A07-B0B4-645156BADB01}\_click-BIGGERLOADS.htm Infected: Trojan.JS.Redirector.b 1

The selected area was scanned.
deinonychus73
Active Member
 
Posts: 12
Joined: March 27th, 2009, 7:53 pm

Re: Spyware Guard 2009

Unread postby MikeSwim07 » April 5th, 2009, 3:59 pm

Run OTMoveIt3
  • Double-click on OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below.
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    Code: Select all
    :files
    C:\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Jatif_click-BIGGERLOADS.htm
    C:\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{11F5B857-2A6E-4500-9813-3D41BA4353C0}\Posiepoodle1_click-PERMANENTENLARGER.htm
    C:\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{6EB48356-BCA4-4E31-A070-2D95EAE597D8}\BUY_ExplodingOrgasm-BiggerLoads.HTM
    C:\Program Files\Angle Interactive
    
  • Return to OTMoveIt3, right click in the Paste Instructions for Items to be Moved window (under the yellow bar) and choose Paste.
  • Click the red Moveit! button.
  • If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
  • If you are not asked to reboot close OTMoveIt3.
  • A log C:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log will be created (where mmddyyyy_hhmmss are numbers giving date and time the log was created).

Please post the OTMoveIt3 log, how is everything running now?
MikeSwim07
Regular Member
 
Posts: 4215
Joined: August 27th, 2007, 9:44 am
Location: Gone

Re: Spyware Guard 2009

Unread postby deinonychus73 » April 5th, 2009, 9:29 pm

Michael,

Well, I have to apologize because I decided to run ESET online scanner today and I selected the option to have it remove what it found and scan for unwanted applications, etc. I then left and let the computer do it's thing for a couple of hours. When I came back, the report stated that it had removed those files you mentioned above and the OTMoveIt3 files. I hope I didn't throw a wrench into the works there but I'm sure those files would have gone away eventually anyway right? :)

As far as how the computer is running? Fine except it seems a little slow with the AVG resident shields on. I think that could just be because it's a slightly older machine and maybe doesn't work so great with AVG resident shield enabled. I believe the fake security scanner softwares have been removed and there has been no browser redirects with either IE or Firefox.

There is a Malwarebytes scan running while I await your next instructions. Please advise and again, sorry for going ahead. ;) I do sincerely appreciate your kind assistance!!!
deinonychus73
Active Member
 
Posts: 12
Joined: March 27th, 2009, 7:53 pm

Re: Spyware Guard 2009

Unread postby deinonychus73 » April 6th, 2009, 3:24 pm

So here's what I get from OTMoveIt3 with those files:

========== FILES ==========
File/Folder C:\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\Jatif_click-BIGGERLOADS.htm not found.
File/Folder C:\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{11F5B857-2A6E-4500-9813-3D41BA4353C0}\Posiepoodle1_click-PERMANENTENLARGER.htm not found.
File/Folder C:\Documents and Settings\User\Local Settings\Application Data\IM\Identities\{D94EBDD0-F81C-499B-9C13-D0EEF2D4125B}\Message Store\Attachments\{6EB48356-BCA4-4E31-A070-2D95EAE597D8}\BUY_ExplodingOrgasm-BiggerLoads.HTM not found.
File/Folder C:\Program Files\Angle Interactive not found.

OTMoveIt3 by OldTimer - Version 1.0.10.0 log created on 04062009_121938

So - again - my apologies. I really wasn't trying to rush ahead of your directions - just wasn't really thinking about it when I checked the option to have that stuff removed.

What would you like me to check next? Or do you think the machine is clean? I haven't noticed any "symptoms", which of course doesn't always mean there is no infection. However, the only things that seem to be coming up in recent scans are files in OTMoveIt3.
deinonychus73
Active Member
 
Posts: 12
Joined: March 27th, 2009, 7:53 pm

Re: Spyware Guard 2009

Unread postby MikeSwim07 » April 6th, 2009, 7:54 pm

This is my normal post for when you are clear - which you now are - or seem to be.
Please advise of any problems you still have. If you think you're clean please give one more reply so that I can archive this topic.

Now that you are clean, I have some tips & tricks for you to keep your computer clean and secure. The first few (like removing dangerous tools and Windows Update) have to be done, the others are optional.

It may seem like your system will be too much protected with all these things installed, but a lot of programs aren't running always on the background so don't slow down your computer. Please take a look at the following things:

    Delete Harmful tools with OTMoveIt3

    • Start OTMoveIt.exe
    • Click on CleanUp!
    • A list of tools will be downloaded from the internet
    • When a box pops up click Yes
  • You may delete any logs that any of the tools produced.
  • Clear Old System Restore Points
    • Turn System Restore off
    • On the Desktop, right click on the My Computer icon.
    • Click Properties.
    • Click the System Restore tab.
    • Check Turn off System Restore.
    • Click Apply, and then click OK.
    • Turn System Restore on
    • On the Desktop, right click on the My Computer icon.
    • Click Properties.
    • Click the System Restore tab.
    • Uncheck *Turn off System Restore*.
    • Click Apply, and then click OK.
    Note: only do this once,and not on a regular basis
  • Make your Internet Explorer more secure - This can be done by following these simple instructions:
    • From within Internet Explorer click on the Tools menu and then click on Options.
    • Click once on the Security tab
    • Click once on the Internet icon so it becomes highlighted.
    • Click once on the Custom Level button.
      • Change the Download signed ActiveX controls to Prompt
      • Change the Download unsigned ActiveX controls to Disable
      • Change the Initialize and script ActiveX controls not marked as safe to Disable
      • Change the Installation of desktop items to Prompt
      • Change the Launching programs and files in an IFRAME to Prompt
      • Change the Navigate sub-frames across different domains to Prompt
      • When all these settings have been made, click on the OK button.
      • If it prompts you as to whether or not you want to save the settings, press the Yes button.
    • Next press the Apply button and then the OK to exit the Internet Properties page.
  • Update your Anti-Virus Software - It is imperative that you update your Anti-virus software everyday. If you do not allow your anti-virus software to update itself then it will not be able to catch any of the new variants that may come out.
  • Visit Microsoft's Update Site Frequently - It is important that you visit http://update.microsoft.com/ regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
  • Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option.
    This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an anti-virus software. A tutorial on installing & using this product can be found here:
    Tutorial for Spybot S & D
  • Install WinPatrol - As a robust security monitor, WinPatrol will alert you to hijackings, malware attacks and critical changes made to your computer without your permission. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. You can download it from this website:
    WinPatrol
    The developer is a well-known man in the MalWare Removal business. If you really like WinPatrol think about upgrading to the PLUS version. It will give you additional features and you will only have to pay once, for your whole malware-free life.
  • Install MVPS HOSTS - This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
    For information on how to download and install, please read this tutorial here:
    WinHelp2002
    Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.
  • Bookmark this general cleanup link - It could be that your computer is becoming slower and slower. This is not always the cause of malware. Most of the times it's malware when you're computer is suddenly getting slow or doing strange. When the slowdown increases slowly check (bookmark please) this link for tips & tricks:
    Help! My computer is slow
  • Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically.

>> Here << you can see how you can help us.
MikeSwim07
Regular Member
 
Posts: 4215
Joined: August 27th, 2007, 9:44 am
Location: Gone

Re: Spyware Guard 2009

Unread postby deinonychus73 » April 7th, 2009, 1:13 am

Michael,

Thank you SO much for your assistance! :cheers: A Kaspersky online scan which just completed reports nothing found. I feel comfortable that threats have been removed. The computer seems to be running much better now.
deinonychus73
Active Member
 
Posts: 12
Joined: March 27th, 2009, 7:53 pm

Re: Spyware Guard 2009

Unread postby NonSuch » April 7th, 2009, 7:36 pm

As this issue appears to be resolved, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27301
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 66 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware