[pbr101]

How to begin? I was cleaning a friend's computer 10/01 and found Zlob JN. Easily removed, did some spyware, adware removals and was ready to return it. Ran Hijack This v2.0.0.2 on 10/01 and found no major problems. But when I ran HijackThis 10/02 I found the registry key "whataboutadog" and "doginhispen". I did a google search and came up with the original HijackThis forum message advising using AWF. It didn't work. Since then google searches are turning up a significant number of sites addressing this. I have been looking into this and it appears the "payload" date of this file was 10/02/07 at 8:30PM. Almost all execution files running from the registry's start seem to be affected. Mcafee was the first to report this but offers no fix. AVG, Adaware SE and Spybot S&D

(all updated daily) don't even detect this as of this post. I have also run V-com SystemSuite virus detector and CA's Pest Patrol with no detection. This appears to be polymorphic in nature. I'll attempt a couple of online scans but it appears a Windows re-install may be the only answer. Any input would be appreciated.