Solved Annoying Ads...

Hi
OK follow through with the rest of my instructions.

Thanks
Geri

 

Kaspersky

i managed to get ATF Cleaner and used it before i did the Kaspersky scan.
here's the Kaspersky log:

KASPERSKY ONLINE SCANNER REPORT
Sunday, June 08, 2008 10:02:50 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 9/06/2008
Kaspersky Anti-Virus database records: 841128
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
E:\
F:\
G:\
Scan Statistics
Total number of scanned objects 91950
Number of viruses found 6
Number of infected objects 17
Number of suspicious objects 0
Duration of the scan process 02:07:13

Infected Object Name Virus Name Last Action
C:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Confid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Content.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Privacy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Restrict.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\WebHist.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPAppActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\HPPHomePageActivity.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-06-08_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05494E5E.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.bth skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05494E5E.exe/stream Infected: Trojan-Downloader.Win32.Zlob.bth skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05494E5E.exe NSIS: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\05494E5E.exe CryptFF: infected - 2 skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08B427C8.com Infected: EICAR-Test-File skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08FC4379.com Infected: EICAR-Test-File skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0A867FA1.tmp Infected: Backdoor.Win32.IRCBot.aaq skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4AD820B6.exe Infected: Virus.Win32.AutoRun.sz skipped
C:\Documents and Settings\All Users\DRM\drmstore.hds Object is locked skipped
C:\Documents and Settings\Imprt_Tunrz\.rainlendar2\rainlendar2.log Object is locked skipped
C:\Documents and Settings\Imprt_Tunrz\Application Data\Symantec\PendingAlertsQueue.log Object is locked skipped
C:\Documents and Settings\Imprt_Tunrz\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Imprt_Tunrz\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_360.wmdb Object is locked skipped
C:\Documents and Settings\Imprt_Tunrz\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Imprt_Tunrz\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Imprt_Tunrz\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Imprt_Tunrz\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Imprt_Tunrz\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Imprt_Tunrz\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Imprt_Tunrz\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\BigFix\__Data\Gateway\__Local\Tmp\Gateway_Specific.dat Object is locked skipped
C:\Program Files\BigFix\__Data\Gateway\__Local\Tmp\Gateway_Specific_UK.dat Object is locked skipped
C:\Program Files\BigFix\__Data\Gateway\__Local\Tmp\Gateway_Specific_Vista.dat Object is locked skipped
C:\Program Files\BigFix\__Data\Gateway\__Local\Tmp\Microsoft_Security.dat Object is locked skipped
C:\Program Files\BigFix\__Data\Gateway\__Local\Tmp\Microsoft_Security_UK.dat Object is locked skipped
C:\Program Files\BigFix\__Data\Gateway\__Local\Tmp\Other.dat Object is locked skipped
C:\Program Files\BigFix\__Data\Gateway\__Local\Tmp\Urgent.dat Object is locked skipped
C:\Program Files\BigFix\__Data\Gateway\__Local\Tmp\Welcome.dat Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\AntiSpam\Log\Spam.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBConfig.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDebug.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBDetect.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBNotify.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBRefr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetCfg2.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetDev.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetLoc.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSetUsr.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMNot.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMReg.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBSMRSt.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStHash.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBStMSI.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\BBValid.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPPolicy.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStart.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SPBBC\LOGS\SPStop.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{D23EFF2A-BFEF-46A5-8364-D064E372DF2B}\RP2\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{AB0CD47A-3F4E-4998-8D62-278791237D27}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd6893.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\_restore{D23EFF2A-BFEF-46A5-8364-D064E372DF2B}\RP2\change.log Object is locked skipped
D:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked skipped
F:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked skipped
F:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
F:\Program Files\Norton AnitVirus 2006\AVApp.log Object is locked skipped
F:\Program Files\Norton AnitVirus 2006\AVError.log Object is locked skipped
F:\Program Files\Norton AnitVirus 2006\AVVirus.log Object is locked skipped
F:\Program Files\Norton AnitVirus 2006\Savrt\0373NAV~.TMP Object is locked skipped
F:\Program Files\Norton AnitVirus 2006\Savrt\0434NAV~.TMP Object is locked skipped
F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
F:\System Volume Information\_restore{D23EFF2A-BFEF-46A5-8364-D064E372DF2B}\RP2\change.log Object is locked skipped
G:\autorun.inf\lpt3.This folder was created by Flash_Disinfector Object is locked skipped
G:\Download from Internet\mirc621.exe/stream/data0008 Infected: not-a-virus:Client-IRC.Win32.mIRC.621 skipped
G:\Download from Internet\mirc621.exe/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.621 skipped
G:\Download from Internet\mirc621.exe NSIS: infected - 2 skipped
G:\Download from Internet\mirc631.exe/stream/data0001/stream/data0014 Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
G:\Download from Internet\mirc631.exe/stream/data0001/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
G:\Download from Internet\mirc631.exe/stream/data0001 Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
G:\Download from Internet\mirc631.exe/stream Infected: not-a-virus:Client-IRC.Win32.mIRC.631 skipped
G:\Download from Internet\mirc631.exe NSIS: infected - 4 skipped
G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
G:\System Volume Information\_restore{D23EFF2A-BFEF-46A5-8364-D064E372DF2B}\RP2\change.log Object is locked skipped
Scan process completed.

 

Hi imprttunrz

OK Looks good.

Please go to Nortons AV Quarintine folder and delete everything in there.

The others that Kaspersky is showing is your IRC.

Please let me know how things are running.

Thanks
Geri

 

Everything seems to be working fine.
Thank you so much for your help!!

 

Hi imprttunrz
OK Great.
Glad I could help out.

Please look at this link for some preventive recommendations, It could keep you from ending up back here to the Spyware and Virus Removal Forums.
http://www.windowsbbs.com/showthread.php?t=67958

I'll mark this one resolved.

Surf Safely
Geri