Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions


MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unread postby silver » September 3rd, 2007, 9:58 am

Hi Gooner_101,

All those scans look good so just some finishing off to do:

The infection wasn't detected by many scanners so I'd like you to upload the removed files for analysis.
Please download Suspicious File Packer to your Desktop.
Right-click sfp.zip, choose Extract All... and extract sfp.exe to your Desktop
Double-click sfp.exe to start the program
Copy and Paste the following file list into the text box of the program:
C:\_OTMoveIt\MovedFiles\Documents and Settings\All Users\Start Menu\Programs\Startup\sleep.exe
C:\_OTMoveIt\MovedFiles\Documents and Settings\All Users\Start Menu\Programs\Startup\winsup.exe

A file called requested-files[YYYY-MM-DD_MM_ss].cab will appear on your Desktop - I will give you instructions for uploading this file by Private Message.

Next, clean up with OTMoveIt:
  • Double-click OTMoveIt to start the program
  • Close all other programs apart from OTMoveIt as this step will require a reboot
  • On the OTMoveIt main screen, press the CleanUp! button
  • Say Yes to the prompt and then allow the program to reboot your computer.

Create a new, clean System Restore point which you can use in case of future system problems:
Press Start->All Programs->Accessories->System Tools->System Restore
Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close

Now remove old, infected System Restore points:
Next click Start->Run and type cleanmgr in the box and press OK
Ensure the boxes for Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
Select the More Options tab, under System Restore press Clean up... and say Yes to the prompt
Press OK and Yes to confirm

Re-hide hidden/system files and folders:
Click Start -> My Computer
Select the Tools menu, click Folder Options and select the View tab
Under the Hidden files and folders heading SELECT Do not show hidden files and folders
CHECK the Hide extensions for known file types option
CHECK the Hide protected operating system files (recommended) option
Press OK

Assuming that all went well, I think at this stage your computer is clean of malware :) here are some tips to help you keep your machine clean:

Operating system vulnerabilities can easily be exploited by malware so please ensure your operating system is automatically kept up to date by using Windows Update:
Go to Start->Control Panel->Automatic Updates
Select Automatic and select a suitable schedule
Also, check that your antivirus and antispyware programs are set to automatically update daily.

You have a good antivirus package installed, however I recommend you also install antispyware software with real-time capabilities - this will protect you from a wider range of malware and also that it will protect you from system changes and spyware while you are working, not just removing malware after it has been installed. There are a range of paid-for and free packages available, a free one I can recommend is Windows Defender, available here:
http://www.microsoft.com/athome/securit ... fault.mspx

Spywareblaster is a free program which prevents the download and installation of Internet Explorer ActiveX based malware by immunizing your system against it. You can download Spywareblaster from here and a tutorial to help you get started is available here.

Consider a custom hosts file such as MVPS HOSTS. This custom hosts file effectively blocks a wide range of unwanted ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and many hijackers.
For information on how to download and install, please read this tutorial by WinHelp2002
Note: Be sure to follow the instructions to disable the DNS Client service before installing a custom hosts file.

Please take care when downloading programs. One of the easiest ways to be infected is to download freeware/shareware programs which come laden with malware - this includes allowing websites to install browser plug-ins orActiveX controls. Before downloading, it is crucial to check whether the source is reputable.
One way to check is to use McAfee SiteAdvisor. Copy the domain name into the space provided and SiteAdvisor will give you a report on the website which can help you decide if it is safe. They also have a toolbar for IE and Firefox which adds this functionality to your browser.

Download and install the free version of WinPatrol. This program protects your computer in a variety of ways and will work well with your existing security software. Have a look at this tutorial to help you get started with the program.

Find out more about how to prevent infection in the future

Please post back to let me know that you have read this, and if there are any further issues.
User avatar
Regular Member
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7
Register to Remove

Unread postby Gooner_101 » September 3rd, 2007, 11:39 am

Thanks so much, I never would've known what to do myself. :occasion5: I will know where to come if I ever get infected again but I have installed all the stuff you told me to so hopefully I won't!

Thanks again :D
Regular Member
Posts: 36
Joined: August 31st, 2007, 11:01 am
Location: London

Unread postby silver » September 3rd, 2007, 8:04 pm

You're most welcome and best of luck :)
User avatar
Regular Member
Posts: 9219
Joined: August 7th, 2006, 9:40 pm
Location: GMT+7

Unread postby Elrond » September 4th, 2007, 1:31 am

This topic is now closed. If you wish it reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.

You can help support this site from this link :
Donations For Malware Removal

Do not bother contacting us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.
User avatar
Admin/Teacher Emeritus
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem
Register to Remove


Return to Infected? Virus, malware, adware, ransomware, oh my!

Who is online

Users browsing this forum: No registered users and 97 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware