Instructions on "You must read this before . . ." followed, The different spyware programs are telling me different infections so
Strider Ryu
post May 22 2007, 05:31 PM
OS: Windows XP

Hi guys. First let me say thanks for performing this service for complete strangers. It's nice to know that for every malware maker out there, a good soul somewhere is fighting them.

My friend's computer was a real mess when I got it from her. It's been sitting on a non-firewalled cable connection for about three years. She had no Antivirus and she had never defragged her 40GB (at 33GB filled) HDD. Needless to say, this thing was slow. I've yanked the drive and put it through a Symantec Corporate virus scan, in a separate box. As far as it can tell, there are no viruses left on the machine (after I had it delete the 33 it found, then rebooted and ran it again). The spy/adware is proving to be much more difficult to tackle than the viruses, surprisingly enough. Like I said in the Topic Title, I ran through the instructions you ask us to do before posting and it appears I've reached the end where I'm ready to make a post. Here are all the logs I've managed to collect for you. Thanks in advance for any help.

--------------------------------------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 4:28:14 PM, on 5/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\Owner.HOME-JEN\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {B70A136A-858A-A12C-887C-83ADAFCC73C3} - C:\WINDOWS\system32\ajqpvulz.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C1.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Bdlb] "C:\Program Files\?ystem\s?chost.exe"
O4 - HKCU\..\Run: [Mxxqqi] C:\WINDOWS\?racle\n?lookup.exe
O4 - HKCU\..\Run: [Kyiiazem] "C:\Program Files\?racle\s?rvices.exe"
O4 - HKCU\..\Run: [Eej] "C:\Documents and Settings\Owner.HOME-JEN\Application Data\??stem\w?auboot.exe"
O4 - HKCU\..\Run: [Oypr] C:\WINDOWS\system32\?asks\j?vaw.exe
O4 - HKCU\..\Run: [Uutp] "C:\PROGRA~1\COMMON~1\SKS~1\javaw.exe" -vt ndrv
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.info.apple...iTunesSetup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by117fd.bay117.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1165717299564
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165813343451
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\System32\svchosts.exe" -e te-110-12-0000213 (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

----------------------------------------------------------

ActiveScan

Incident | Status | Location

Adware:adware/keenvalue | Not disinfected | c:\program files\common files\updater
Spyware:Cookie/Humanclick | Not disinfected | C:\Documents and Settings\Jen's Guests\Application Data\Mozilla\Firefox\Profiles\yrrf15iu.default\cookies.txt[hc2.humanclick.com/]
Spyware:Cookie/Atwola | Not disinfected | C:\Documents and Settings\Jen's Guests\Application Data\Mozilla\Firefox\Profiles\yrrf15iu.default\cookies.txt[.atwola.com/]
Adware:Adware/InstDollars | Not disinfected | C:\Program Files\MProcessor\first.awp
Adware:Adware/InstDollars | Not disinfected | C:\Program Files\MProcessor\second.awp
Adware:Adware/Lop | Not disinfected | C:\Program Files\TRUSTBINVGA\regs seek.exe
---------------------------------------------------------------

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 7:30:14 AM 5/22/2007

+ Scan result:



C:\Documents and Settings\Owner.HOME-JEN\Local Settings\Temporary Internet Files\Content.IE5\YR2BQ9AR\SystemDoctor2006FreeInstall[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.q : Cleaned.
racenutalways
post May 23 2007, 06:42 AM
Post #2


Member 1K
Posts: 1,620
From: Sudbury Ont. Canada
OS: Vista Home Premium



Hello Strider Ryu and welcome to Geeks To Go

My name is racenutalways and I will be helping you with your Malware problem.
As I am still in training I will be helping you under supervision of our expert teachers, so there may be a delay between posts.
Please give me some time to analyze your log, and I will be back with you as soon as possible!
racenutalways
post May 23 2007, 09:12 AM
Post #3


Member 1K
Posts: 1,620
From: Sudbury Ont. Canada
OS: Vista Home Premium



Hi Strider Ryu, good job cleaning some of that mess. Let's see what else we can uncover:

Download ComboFix from Here or Here to your Desktop.
  • Double click combofix.exe and follow the prompts.
  • When finished, it shall produce a log for you. Post that log and a HijackThis log in your next reply.
Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.
Strider Ryu
post May 23 2007, 10:29 AM
Post #4


New Member
*
Posts: 3
OS: Windows XP



Here are the two logs you requested:

--------------------------------------------------------------------

"Owner" - 2007-05-23 8:33:56 Service Pack 2
ComboFix 07-05.21.6.V - Running from: "C:\Documents and Settings\Owner.HOME-JEN\Desktop\"


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\DOCUME~1\Taggles\APPLIC~1\Install.dat
C:\DOCUME~1\LOCALS~1.000\APPLIC~1\netmon\domains.txt
C:\DOCUME~1\LOCALS~1.000\APPLIC~1\netmon\log.txt
C:\WINDOWS\system32\drivers\fad.sys
C:\DOCUME~1\LOCALS~1.000\APPLIC~1\netmon
C:\Program Files\Common Files\{384D6~1
C:\Program Files\Common Files\{B84D6~1


((((((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_COM+_MESSAGES
-------\COM+ Messages


((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-23 ))))))))))))))))))))))))))))))))))


2007-05-22 07:44 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-05-22 07:44 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-05-22 07:44 <DIR> d-------- C:\DOCUME~1\OWNER~1.HOM\APPLIC~1\SUPERAntiSpyware.com
2007-05-22 07:44 <DIR> d-------- C:\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SUPERAntiSpyware.com
2007-05-21 13:34 <DIR> d--hs---- C:\found.000
2007-05-21 13:13 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-05-21 10:50 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-05-21 10:26 2,060 --a------ C:\WINDOWS\system32\tmp.reg
2007-05-21 09:19 60,928 --a------ C:\WINDOWS\system32\ajqpvulz.dll
2007-05-21 09:19 <DIR> d-------- C:\DOCUME~1\OWNER~1.HOM\APPLIC~1\?dobe
2007-05-21 07:59 <DIR> d-------- C:\Program Files\MSXML 6.0
2007-05-09 13:46 <DIR> d-------- C:\DOCUME~1\JEN'SG~1\APPLIC~1\acccore
2007-05-09 06:38 <DIR> d-------- C:\WINDOWS\system32\çasks
2007-05-07 21:14 786,432 --ah----- C:\DOCUME~1\JEN'SG~1\NTUSER.DAT
2007-05-04 05:10 <DIR> d-------- C:\DOCUME~1\OWNER~1.HOM\APPLIC~1\??stem


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-05-22 21:30:46 -------- d-----w C:\Program Files\iTunes
2007-05-22 19:03:47 -------- d-----w C:\Program Files\Show shim lite
2007-05-22 19:03:47 -------- d-----w C:\Program Files\Common Files\??sks
2007-05-21 16:19:33 -------- d-----w C:\DOCUME~1\OWNER~1.HOM\APPLIC~1\?dobe
2007-05-17 14:54:15 -------- d-----w C:\DOCUME~1\OWNER~1.HOM\APPLIC~1\??stem
2007-05-14 01:11:04 -------- d-----w C:\DOCUME~1\OWNER~1.HOM\APPLIC~1\LimeWire
2007-05-05 17:54:17 -------- d-----w C:\Program Files\?racle
2007-05-02 01:15:46 -------- d-----w C:\DOCUME~1\OWNER~1.HOM\APPLIC~1\AdobeUM
2007-04-24 02:39:29 -------- d-----w C:\Program Files\?ystem
2007-04-19 03:44:50 -------- d-----w C:\DOCUME~1\OWNER~1.HOM\APPLIC~1\?racle
2007-04-14 14:55:21 664 ----a-w C:\WINDOWS\system32\d3d9caps.dat
2007-03-31 20:00:03 -------- d-----w C:\Program Files\MSBuild
2007-03-31 19:53:44 -------- d-----w C:\Program Files\Reference Assemblies
2007-03-31 19:50:27 -------- d-----w C:\Program Files\Windows Media Connect 2
2007-03-31 05:02:01 -------- d-----w C:\Program Files\Messenger
2007-03-31 04:59:58 -------- d-----w C:\Program Files\CONEXANT
2007-03-31 03:28:14 -------- d-----w C:\Program Files\Movie Maker
2007-03-31 03:24:51 -------- d-----w C:\Program Files\Windows NT
2007-03-31 02:51:30 -------- d-----w C:\Program Files\Viewpoint
2007-03-31 02:49:45 -------- d-----w C:\Program Files\TaxCut06
2007-03-31 02:49:08 -------- d-----w C:\Program Files\Common Files\?dobe
2007-03-30 03:17:18 28,672 ----a-w C:\WINDOWS\system32\drivers\CO_Mon.sys
2007-03-23 13:07:56 1,683,280 ------w C:\WINDOWS\system32\XpsSvcs.dll
2007-03-23 13:07:54 583,504 ------w C:\WINDOWS\system32\XPSSHHDR.dll
2007-03-23 03:25:02 124,928 ------w C:\WINDOWS\system32\prntvpt.dll
2007-03-21 14:15:55 -------- d-----w C:\Program Files\?racle
2007-03-19 13:01:42 -------- d-----w C:\Program Files\s?curity
2007-03-17 13:43:01 292,864 ----a-w C:\WINDOWS\system32\winsrv.dll
2007-03-17 04:46:52 -------- d-----w C:\Program Files\??pPatch
2007-03-12 21:47:07 -------- d-----w C:\Program Files\s?stem
2007-03-12 03:08:02 -------- d-----w C:\Program Files\LimeWire
2007-03-12 00:20:45 51,716 ----a-w C:\WINDOWS\system32\pdf995mon.dll
2007-03-12 00:20:45 118,784 ----a-w C:\WINDOWS\system32\pdfmona.dll
2007-03-11 20:30:22 -------- d-----w C:\DOCUME~1\OWNER~1.HOM\APPLIC~1\M?crosoft
2007-03-08 15:36:28 577,536 ----a-w C:\WINDOWS\system32\user32.dll
2007-03-08 15:36:28 40,960 ----a-w C:\WINDOWS\system32\mf3216.dll
2007-03-08 15:36:28 281,600 ----a-w C:\WINDOWS\system32\gdi32.dll
2007-03-08 13:47:48 1,843,584 ----a-w C:\WINDOWS\system32\win32k.sys
2007-03-06 22:17:08 -------- d-----w C:\DOCUME~1\OWNER~1.HOM\APPLIC~1\?ystem
2007-02-05 20:17:02 185,344 ----a-w C:\WINDOWS\system32\upnphost.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 11:17]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{B70A136A-858A-A12C-887C-83ADAFCC73C3}=C:\WINDOWS\system32\ajqpvulz.dll [2007-05-21 06:59]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-10-19 09:59]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-10-19 09:59]
"EPSON Stylus C64 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C1.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2006-10-07 05:20]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2005-06-14 10:05]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2006-11-07 08:29]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2006-11-30 22:49]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56]
"Bdlb"="C:\Program Files\?ystem\s?chost.exe" []
"Mxxqqi"="C:\WINDOWS\?racle\n?lookup.exe" []
"Kyiiazem"="C:\Program Files\?racle\s?rvices.exe" []
"Eej"="C:\Documents and Settings\Owner.HOME-JEN\Application Data\??stem\w?auboot.exe" []
"Oypr"="C:\WINDOWS\system32\?asks\j?vaw.exe" []
"Uutp"="C:\PROGRA~1\COMMON~1\SKS~1\javaw.exe" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-05-22 12:21]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2006-09-28 07:13]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 12:55]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=


Contents of the 'Scheduled Tasks' folder
2007-05-11 18:53:05 C:\WINDOWS\tasks\AppleSoftwareUpdate.job

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-23 09:03:23
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0


********************************************************************

Completion time: 2007-05-23 9:14:06 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-05-23 09:14

--- E O F ---

---------------------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 9:25:44 AM, on 5/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\Owner.HOME-JEN\Desktop\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {B70A136A-858A-A12C-887C-83ADAFCC73C3} - C:\WINDOWS\system32\ajqpvulz.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2C1.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Bdlb] "C:\Program Files\?ystem\s?chost.exe"
O4 - HKCU\..\Run: [Mxxqqi] C:\WINDOWS\?racle\n?lookup.exe
O4 - HKCU\..\Run: [Kyiiazem] "C:\Program Files\?racle\s?rvices.exe"
O4 - HKCU\..\Run: [Eej] "C:\Documents and Settings\Owner.HOME-JEN\Application Data\??stem\w?auboot.exe"
O4 - HKCU\..\Run: [Oypr] C:\WINDOWS\system32\?asks\j?vaw.exe
O4 - HKCU\..\Run: [Uutp] "C:\PROGRA~1\COMMON~1\SKS~1\javaw.exe" -vt ndrv
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/content.info.apple...iTunesSetup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by117fd.bay117.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1165717299564
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1165813343451
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

This post has been edited by Strider Ryu: May 23 2007, 10:59 AM
racenutalways
post May 25 2007, 08:46 PM
Post #5


Member 1K
Posts: 1,620
From: Sudbury Ont. Canada
OS: Vista Home Premium



Hi Strider, sorry for the delay:

Go to Start > Control Panel > Software > Add/Remove Programs and uninstall the following, if present:

Quicklinks
Forethought
Oin
Yazzle by Oin
YazzleActiveX By OIN
Purityscan by Oin
Snowballwars by Oin
Cowabanga by OIN
or anything similar with Oin in it.

Download and run this uninstaller:
http://www.outerinfo.com/OiUninstaller.exe

Please re-open HiJackThis and scan. Check the boxes next to all the entries listed below.

O2 - BHO: (no name) - {B70A136A-858A-A12C-887C-83ADAFCC73C3} - C:\WINDOWS\system32\ajqpvulz.dll
O4 - HKCU\..\Run: [Bdlb] "C:\Program Files\?ystem\s?chost.exe"
O4 - HKCU\..\Run: [Mxxqqi] C:\WINDOWS\?racle\n?lookup.exe
O4 - HKCU\..\Run: [Kyiiazem] "C:\Program Files\?racle\s?rvices.exe"
O4 - HKCU\..\Run: [Eej] "C:\Documents and Settings\Owner.HOME-JEN\Application Data\??stem\w?auboot.exe"
O4 - HKCU\..\Run: [Oypr] C:\WINDOWS\system32\?asks\j?vaw.exe

Now close all windows other than HiJackThis, then click Fix Checked. Close HiJackThis.

After that, Reboot.

Run Ad-Aware with the latest update.
  1. Download the latest version of Ad-Aware (Ad-Aware SE Build 1.06r1) from here.
  2. If you have a previous version of Ad-Aware installed, during the installation of the new version you will be prompted to uninstall or keep the older version - be sure to uninstall the previous version.
  3. After installing Ad-aware, you will be prompted to update the program and run a full scan. De-select all boxes so that it does not run.
  4. Manually run "Ad-Aware SE Personal" and from the main screen Click on "Check for Updates Now".
  5. Once the definitions have been updated:
  6. Reconfigure Ad-Aware for Full Scan as per the following instructions:
    • Launch the program, and click on the Gear at the top of the start screen.
    • Under General Settings the following boxes should all be checked off: (Checked will be indicated by a green circle with a check mark in it, Un-Checked is a red circle with an X in it. If it is greyed out, those features are only available in the retail version.)
      • "Automatically save logfile"
      • "Automatically quarantine objects prior to removal"
      • Safe Mode (always request confirmation)
      • Prompt to update outdated confirmation) - Change to 7 days.
    • Click the "Scanning" button (On the left side).
    • Under Drives & Folders, select "Scan within Archives"
    • Click "Click here to select Drives + folders" and select your installed hard drives.
    • Under Memory & Registry, select all options.
    • Click the "Advanced" button (On the left hand side).
    • Under "Shell Integration", select "Move deleted files to Recycle Bin".
    • Under "Log-file detail", select all options.
    • Click on the "Defaults" button on the left.
    • Type in the full URL of what you want as your default homepage and searchpage, e.g. http://www.google.com.
    • Click the "Tweak" button (Again, on the left hand side).
    • Expand "Scanning Engine" by clicking on the "+" (Plus) symbol and select the following:
      • "Unload recognized processes during scanning."
      • "Obtain command line of scanned processes"
      • "Scan registry for all users instead of current user only"
    • Under "Cleaning Engine", select the following:
      • "Automatically try to unregister objects prior to deletion."
      • "During removal, unload explorer and IE if necessary"
      • "Let Windows remove files in use at next reboot."
      • "Delete quarantined objects after restoring"
    • Click on "Safety Settings" and select "Write-protect system files after repair (Hosts file, etc)"
    • Click on "Proceed" to save these Preferences.
    • Click on the "Scan Now" button on the left.
    • Under "Select Scan Mode", be sure to select "Use Custom Scanning Options".
  7. Close all programs except Ad-Aware.
  8. Click on "Next" in the bottom right corner to start the scan.
  9. Run the Ad-Aware scan and allow it to remove everything it finds and then REBOOT - Even if not prompted to.
  10. After you log back in, Ad-Aware may run to finalize the scan and remove any locked files that it may have found. Allow it to finish.

Re-run HJT and post the results in the next reply.
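An added triage example, not part of either post and not code from HijackThis: it parses log lines copied from this page and flags the O4 entries in the fix list above, whose paths contain "?". It assumes the "?" is the scanner's stand-in for a character it could not display (a real Windows file name cannot contain "?"), and `KNOWN_NAMES` is a constructed reference list; the O2 entry in the fix list has no such marker and is not covered by this check.

```python
import re

# Constructed reference list of well-known executable names (an assumption,
# not taken from the thread); extend it for real triage.
KNOWN_NAMES = ["svchost.exe", "services.exe", "nslookup.exe", "javaw.exe",
               "lsass.exe", "winlogon.exe"]

# Log lines copied from the posts on this page.
SAMPLE_LOG = r'''
O2 - BHO: (no name) - {B70A136A-858A-A12C-887C-83ADAFCC73C3} - C:\WINDOWS\system32\ajqpvulz.dll
O4 - HKCU\..\Run: [Bdlb] "C:\Program Files\?ystem\s?chost.exe"
O4 - HKCU\..\Run: [Mxxqqi] C:\WINDOWS\?racle\n?lookup.exe
O4 - HKCU\..\Run: [Kyiiazem] "C:\Program Files\?racle\s?rvices.exe"
O4 - HKCU\..\Run: [Eej] "C:\Documents and Settings\Owner.HOME-JEN\Application Data\??stem\w?auboot.exe"
O4 - HKCU\..\Run: [Oypr] C:\WINDOWS\system32\?asks\j?vaw.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
'''

ENTRY = re.compile(r"^(O\d+) - ")
# A drive-letter path ending in .exe/.dll at the end of the line, quoted or not.
PATH = re.compile(r'([A-Za-z]:\\[^"]*?\.(?:exe|dll))"?\s*$', re.I)


def triage(log_text):
    """Return (section, path, mimicked_name) for entries whose path holds '?'."""
    findings = []
    for line in log_text.splitlines():
        entry = ENTRY.match(line.strip())
        path = PATH.search(line)
        if not entry or not path or "?" not in path.group(1):
            continue
        filename = path.group(1).rsplit("\\", 1)[-1].lower()
        # Each '?' stands for one unknown character; the rest is literal.
        pattern = re.escape(filename).replace(r"\?", ".")
        mimic = next((n for n in KNOWN_NAMES if re.fullmatch(pattern, n)), None)
        findings.append((entry.group(1), path.group(1), mimic))
    return findings


if __name__ == "__main__":
    for section, path, mimic in triage(SAMPLE_LOG):
        note = f"resembles {mimic}" if mimic else "no name in reference list"
        print(f"{section}  {path}  ({note})")
```

An entry with no match in the reference list is still reported, because the unrenderable character in the path is the signal and the name comparison only adds context.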