Malware and Virus RemovalProblems removing malware/viruses? Get help from our Malware removal experts.
Mission Statement
WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.
Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.
Hi, Can anyone help me get rid of these annoying pop up windows ? some how a programme called instant access has made its way on my computer and now everytime I'm on the internet websites appear out of the blue
Last edited by jamon08; 9th September 2007 at 08:19.
Didn't find the information you thought to find? Check out these Similar Threads
Please do the following, so we can see what's going on.
Download a copy of HJTsetup.exe from hereor here and save it to your Desktop.
Save HJTsetup.exe to your desktop.
Double-click on the HJTsetup.exe icon on your desktop.
(By default it will install to C:\Program Files\Hijackthis)
Continue to click Next in the setup dialogue boxes until you get to the Select Additional Tasks dialogue.
Put a check by Create a desktop icon and then click Next again.
Continue to follow the rest of the prompts from there.
At the final dialogue box click Finish and it will launch HijackThis.
Click on the Do a system scan and save a log file button.
(It will scan and the log should open in Notepad.)
Click on "Edit" > "Select All" to higlight the entire Notepad contents.
Then click on "Edit" > "Copy".
Come back here to this thread and Paste the log in your next reply.
(Right-click in the message body field and select "Paste".)
CAUTION:DO NOT have HijackThis "fix" anything without carefully following expert guidance. Otherwise, you might render your computer unstable or even unbootable. Most of what HijackThis finds will be harmless or even required.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:54:51 a.m., on 19/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Please follow these instructions exactly as given.
Now download AVG Anti-Spyware from HERE and save that file to your desktop. This is a 30 day trial of the program
Once you have downloaded AVG Anti-Spyware, locate the icon on the desktop and double-click it to launch the set up program.
Once the setup is complete you will need run AVG Anti-Spyware and update the definition files.
On the main screen select the icon "Update" then select the "Update now" link.
Next select the "Start Update" button, the update will start and a progress bar will show the updates being installed.
Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
Under "Reports"
Select "Automatically generate report after every scan"
Un-Select "Only if threats were found"
Close AVG Anti-Spyware, Do Not run a scan just yet, we will shortly.
Reboot your computer into SafeMode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight SafeMode then hit enter. IMPORTANT: Do not open any other windows or programs while AVG Anti-Spyware is scanning, it may interfere with the scanning proccess:
Lauch AVG Anti-Spyware by double-clicking the icon on your desktop.
Select the "Scanner" icon at the top and then the "Scan" tab then click on "Complete System Scan".
AVG Anti-Spyware will now begin the scanning process, be patient this may take a little time. Once the scan is complete do the following:
If you have any infections you will prompted, then select "Apply all actions"
Next select the "Reports" icon at the top.
Select the "Save report as" button in the lower left hand of the screen and save it to a text file on your system (make sure to remember where you saved that file, this is important).
Close AVG Anti-Spyware and reboot your system back into Normal Mode and post the results of the AVG Anti-Spyware report scan.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access -> Dialer.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-2696166679-282274220-1199131496-1006\Software\egdhtml -> Dialer.Generic : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP366\A0053022.exe -> Dialer.InstantAccess.ae : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP366\A0053023.exe -> Dialer.InstantAccess.ae : Cleaned with backup (quarantined).
C:\Documents and Settings\Tamariki\Cookies\tamariki@2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@microsoftwlmessengermkt.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@realnetworks.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@adrevolver[1].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@as.casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@ehg-dig.hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@counter.hitslink[1].txt -> TrackingCookie.Hitslink : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@counter2.hitslink[1].txt -> TrackingCookie.Hitslink : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@searchportal.information[1].txt -> TrackingCookie.Information : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@search.live[1].txt -> TrackingCookie.Live : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@search.msn[2].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@qksrv[2].txt -> TrackingCookie.Qksrv : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@realmedia[1].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@serving-sys[3].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@skype[1].txt -> TrackingCookie.Skype : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@h.starware[1].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@try.starware[2].txt -> TrackingCookie.Starware : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@tacoda[3].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\DAD\Cookies\dad@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@ezzs.valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@valueclick[2].txt -> TrackingCookie.Valueclick : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@m.webtrends[1].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Tamariki\Cookies\tamariki@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
::Report end
HJT log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:40:41 a.m., on 20/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
* Extract its contents to the desktop.
* Double click on navilog1.exe to install it on your computer.
* When the installation is complete, the tool will start automatically.
* If it doesn't start automatically, please double click on Navilog1 shortcut on your desktop to run it.
* Press E for English from the language Menu.
* Type 1 in the next Menu to select Search and press Enter.
* Wait for the Scan to finish (It may take a reasonable amount of time)
* Press any key as requested .
* A new document will be produced: fixnavi.txt.
* Please copy/paste the contents of this report in your next reply.
Please post the fixnavi.txt log and a new HJT log.
Search Navipromo version 3.0.1 began on Thu 20/09/2007 at 18:37:29.51
!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!
Fix running from C:\Program Files\navilog1
Updated on 08.09.2007 at 21h00 by IL-MAFIOSO
Microsoft Windows XP [Version 5.1.2600]
Version Internet Explorer : 7.0.5730.11
Done in normal mode
*** Searching for installed Software ***
*** Search folders in C:\WINDOWS ***
*** Search folders in C:\Program Files ***
*** Search folders in C:\Documents and Settings\All Users\Application Data ***
*** Search folders in C:\Documents and Settings\DAD\Application Data ***
2)Heuristic Search :
*
C:\WINDOWS\system32\btqfku.dat found !
C:\WINDOWS\system32\btqfku_navps.dat found !
C:\WINDOWS\system32\linkprd.exe found !
C:\WINDOWS\system32\lnaccess.exe found !
3)Certificates Search :
Certificate Egroup found !
*** Search completed on Thu 20/09/2007 at 18:43:14.70 ***
part 2
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:45:22 p.m., on 20/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
File to upload & scan:
Service
Service load: 0% 100%
File: btqfku.exe_
Status: OK(Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 67cb15b67a435f16dc221d3cc56aa0f4
Packers detected: -
Bit9 reports: File not found
Scanner results
Scan taken on 12 Sep 2007 05:49:20 (GMT)
A-Squared Found nothing
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
CPsecure Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
F-Secure Anti-Virus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
Panda Antivirus Found nothing
Rising Antivirus Found nothing
Sophos Antivirus Found nothing
VirusBuster Found nothing
VBA32 Found nothing
Powered by
Disclaimer
This service is by no means 100% safe. If this scanner says 'OK', it does not necessarily mean the file is clean. There could be a whole new virus on the loose. NEVER EVER rely on one single product only, not even this service, even though it utilizes several products. Therefore, We cannot and will not be held responsible for any damage caused by results presented by this non-profit online service.
Also, we are aware of the implications of a setup like this. We are sure this whole thing is by no means scientifically correct, since this is a fully automated service (although manual correction is possible). We are aware, in spite of efforts to proactively counter these, false positives might occur, for example. We do not consider this a very big issue, so please do not e-mail us about it. This is a simple online scan service, not the university of Wichita.
Scanning can take a while, since several scanners are being used, plus the fact some scanners use very high levels of (time consuming) heuristics. Scanners used are Linux versions, differences with Windows scanners may or may not occur. Another note: some scanners will only report one virus when scanning archives with multiple pieces of malware.
Virus definitions are updated every hour. There is a 10Mb limit per file. Please refrain from uploading tons of hex-edited or repacked variants of the same sample.
Please do not ask for viruses uploaded here, unless you work for an anti-virus vendor. They are not for trade. This is a legitimate service, not a VX site. Viruses uploaded here will be distributed to antivirus vendors without exception. Read more about this in our privacy policy. If you do not want your files to be distributed, please do not send them at all.
Sponsored by donations (in random order) from: Stormbyte Technologies LLC, The ClamAV project, Steve S., Eric Johansen, Eric Schechter, Paul Bokel, Wilders Security, Wilfried Lilie, Prevx, SonicWALL, Lance Mueller, Ewido networks, HotelScraper.com, people who donated in the past, and some people who prefer to remain anonymous... many thanks to all!
--------------------------------------------------------------------------------
Statistics
Last file scanned at least one scanner reported something about: NOD32.Eset.3.2.August.2007_Deviance.WORKING.rar (MD5: 893279573e09e462ca1cec2c931a82b1, size: 313122 bytes), detected by:
Scanner Malware name
A-Squared Trojan-Dropper.Win32.Delf.agh
AntiVir TR/Agent.VW.3
ArcaVir Heur.W32
Avast X
AVG Antivirus Downloader.Zlob.HCB
BitDefender Trojan.Agent.VW
ClamAV X
CPsecure X
Dr.Web X
F-Prot Antivirus X
F-Secure Anti-Virus X
Fortinet Grayware
Kaspersky Anti-Virus X
NOD32 X
Norman Virus Control X
Panda Antivirus X
Rising Antivirus Trojan.DL.Win32.Zlob.adb
Sophos Antivirus X
VirusBuster X
VBA32 Trojan-Dropper.Win32.Delf.agh
You're free to (mis)interpret these automated, flawed statistics at your own discretion. For antivirus comparisons, visit AV comparatives
We are not affiliated with any third parties that conduct tests using this service.
* Double click on Navilog1 shortcut icon on your desktop to run it.
* Press E for English from the language Menu.
* Type 2 in the next Menu and press Enter.
* The tool will then advise you that it will restart your computer.
* Close all open windows and save personnal documents, if open, too.
* If your computer doesn't restart automatically, restart it manually.
* Choose your usual session.
* Wait for the *** Clean finished the ... *** message (It may take a reasonable amount of time)
* A new document will be produced.
* Please copy/paste the contents of this report in your next reply.
* Your desktop will now appear.
Note : In the event you lose your desktop, press CTRL+ALT+Delete and run Explorer.exe as a new task.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:47:58 a.m., on 22/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Navipromo Removal version 3.0.1 started on Sat 22/09/2007 at 6:31:11.32
Fix running from C:\Program Files\navilog1
echo Updated on 08.09.2007 at 21h00 by IL-MAFIOSO
Microsoft Windows XP [Version 5.1.2600]
Internet Explorer : 7.0.5730.11
echo Automatic removal
*** Creating backups for files found by Blacklight
Copy to "C:\Program Files\navilog1\Backupnavi"
*** Deleting files found with Blacklight ***
C:\windows\system32\btqfku.exe deleted !
** Second pass **
C:\WINDOWS\system32\btqfku.exe not found !
C:\WINDOWS\system32\btqfku_navup.dat not found !
C:\WINDOWS\system32\btqfku_navtmp.dat not found !
C:\WINDOWS\system32\btqfku_m2s.xml not found !
C:\WINDOWS\system32\btqfku.dat found !
Copy C:\WINDOWS\system32\btqfku.dat done !
C:\WINDOWS\system32\btqfku.dat deleted !
C:\WINDOWS\system32\btqfku_nav.dat found !
Copy C:\WINDOWS\system32\btqfku_nav.dat done !
C:\WINDOWS\system32\btqfku_nav.dat deleted !
C:\WINDOWS\system32\btqfku_navps.dat found !
Copy C:\WINDOWS\system32\btqfku_navps.dat done !
C:\WINDOWS\system32\btqfku_navps.dat deleted !
C:\WINDOWS\prefetch\btqfku*.pf found !
Copy C:\WINDOWS\prefetch\btqfku*.pf done !
C:\WINDOWS\prefetch\btqfku*.pf deleted !
*** Deleting with Backups results GenericNaviSearch ***
* Scan C:\WINDOWS\system32 *
*** Deleting folders in C:\WINDOWS ***
*** Deleting folders in C:\Program Files ***
*** Deleting folders in C:\Documents and Settings\All Users\Application Data ***
*** Deleting folders in C:\Documents and Settings\DAD\Application Data ***
Now close all windows other than HiJackThis, then click Fix Checked.
Close HJT.
Please reboot your computer.
Download ATF Cleaner by Atribune and save it to your Desktop.
Double click ATF-Cleaner.exe to run the program.
Check the boxes to the left of:
Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
Prefetch
Java Cache
Recycle bin
The rest are optional - if you want it to remove everything check "Select All".
Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.
Scan Statistics:
Total number of scanned objects: 43391
Number of viruses found: 1
Number of infected objects: 1
Number of suspicious objects: 0
Duration of the scan process: 00:46:30
Infected Object Name / Virus Name / Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\ModemLog_Motorola SM56 Speakerphone Modem.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-09-22_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\DAD\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\DAD\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\DAD\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\DAD\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\DAD\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\DAD\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\DAD\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\DAD\Application Data\Symantec\PendingAlertsQueue.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Norton AntiVirus\Savrt\0744NAV~.TMP Object is locked skipped
C:\Program Files\Norton AntiVirus\Savrt\0941NAV~.TMP Object is locked skipped
C:\Program Files\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton AntiVirus\AVError.log Object is locked skipped
C:\System Volume Information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP373\A0054323.exe Infected: Trojan.Win32.Obfuscated.en skipped
C:\System Volume Information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP376\change.log Object is locked skipped
D:\System Volume Information\_restore{1A2FE54D-9D26-4B44-ADCA-479EBEE5A642}\RP376\change.log Object is locked skipped
My computer is excellant, I think better than it was before I started getting the pop ups.
So what did I have ?
Should I keep any of the programs that I have installed through my little adventure ?
There are so many questions that I want to ask but I should probably use the correct forum, I wonder how many other hopeless bunnys like myself that you have to tend to and I should let you get on with the virus killing.
Mate, I really enjoyed working with you and actually looked forward to coming home from work and seeing what new tasks you had for me to perform.
Till next time take it easy buddy and keep up the work..
