Here are the three logs:
1: rapport.txt
SmitFraudFix v2.338
Scan done at 21:29:54.79, Sun 08/24/2008
Run from C:\Documents and Settings\Sally\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{97d2dfac-9acb-4d6f-ac2b-ab6ee090f649}"="bebization"
[HKEY_CLASSES_ROOT\CLSID\{97d2dfac-9acb-4d6f-ac2b-ab6ee090f649}\InProcServer32]
@="C:\WINDOWS\system32\ouhzw.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{97d2dfac-9acb-4d6f-ac2b-ab6ee090f649}\InProcServer32]
@="C:\WINDOWS\system32\ouhzw.dll"
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» VACFix
VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix
S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
C:\WINDOWS\system32\ouhzw.dll -> Hoax.Win32.Renos.gen.p
C:\WINDOWS\system32\ouhzw.dll -> Deleted
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
C:\WINDOWS\system32\ubpr01.exe Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Antivirus Scan.url Deleted
C:\DOCUME~1\ALLUSE~1\STARTM~1\Online Spyware Test.url Deleted
C:\DOCUME~1\Sally\FAVORI~1\Antivirus Scan.url Deleted
C:\Program Files\Applications\ Deleted
C:\Program Files\ASpyC\ Deleted
»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» RK
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{7B70340E-2436-4AD3-97F3-01D01960CD5A}: DhcpNameServer=68.87.73.242 68.87.71.226 68.87.64.196
HKLM\SYSTEM\CS1\Services\Tcpip\..\{7B70340E-2436-4AD3-97F3-01D01960CD5A}: DhcpNameServer=68.87.73.242 68.87.71.226 68.87.64.196
HKLM\SYSTEM\CS3\Services\Tcpip\..\{7B70340E-2436-4AD3-97F3-01D01960CD5A}: DhcpNameServer=68.87.73.242 68.87.71.226 68.87.64.196
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226 68.87.64.196
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226 68.87.64.196
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=68.87.73.242 68.87.71.226 68.87.64.196
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
2. SUPER AntiSpyware log
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 08/24/2008 at 11:29 PM
Application Version : 4.20.1046
Core Rules Database Version : 3545
Trace Rules Database Version: 1534
Scan type : Complete Scan
Total Scan Time : 01:49:45
Memory items scanned : 221
Memory threats detected : 0
Registry items scanned : 5556
Registry threats detected : 19
File items scanned : 79616
File threats detected : 323
Trojan.FakeAlert-IEBT
HKU\S-1-5-21-2517306811-1982628174-4123955349-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{254B87BB-510D-41FA-A887-52C5FA9BE585}
Adware.eZula
HKLM\System\ControlSet001\Services\DomainService
C:\WINDOWS\SYSTEM32\RIKMDXIT.EXE
HKLM\System\ControlSet001\Enum\Root\LEGACY_DomainService
HKLM\System\ControlSet003\Services\DomainService
HKLM\System\ControlSet003\Enum\Root\LEGACY_DomainService
HKLM\System\CurrentControlSet\Services\DomainService
HKLM\System\CurrentControlSet\Enum\Root\LEGACY_DomainService
Adware.Tracking Cookie
C:\Documents and Settings\Sally\Cookies\sally@advertising[3].txt
C:\Documents and Settings\Sally\Cookies\sally@bluestreak[2].txt
C:\Documents and Settings\Sally\Cookies\sally@1071896467[1].txt
C:\Documents and Settings\Sally\Cookies\sally@trafficmp[1].txt
C:\Documents and Settings\Sally\Cookies\sally@gadget[2].txt
C:\Documents and Settings\Sally\Cookies\sally@paypal.112.2o7[1].txt
C:\Documents and Settings\Sally\Cookies\sally@app.insightgrit[2].txt
C:\Documents and Settings\Sally\Cookies\sally@adopt.specificclick[2].txt
C:\Documents and Settings\Sally\Cookies\sally@libstats.arlingtonva[2].txt
C:\Documents and Settings\Sally\Cookies\sally@zedo[2].txt
C:\Documents and Settings\Sally\Cookies\sally@atdmt[1].txt
C:\Documents and Settings\Sally\Cookies\sally@meetupcom.122.2o7[1].txt
C:\Documents and Settings\Sally\Cookies\sally@chitika[2].txt
C:\Documents and Settings\Sally\Cookies\sally@realmedia[2].txt
C:\Documents and Settings\Sally\Cookies\sally@tracking.vindicosuite[2].txt
C:\Documents and Settings\Sally\Cookies\sally@mediataskmaster[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ehg-theactivenetwork.hitbox[2].txt
C:\Documents and Settings\Sally\Cookies\sally@revsci[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ehg-lls.hitbox[2].txt
C:\Documents and Settings\Sally\Cookies\sally@partner2profit[2].txt
C:\Documents and Settings\Sally\Cookies\sally@tacoda[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ad.yieldmanager[1].txt
C:\Documents and Settings\Sally\Cookies\sally@bizrate[1].txt
C:\Documents and Settings\Sally\Cookies\sally@apmebf[1].txt
C:\Documents and Settings\Sally\Cookies\sally@atwola[2].txt
C:\Documents and Settings\Sally\Cookies\sally@handbag[1].txt
C:\Documents and Settings\Sally\Cookies\sally@tribalfusion[2].txt
C:\Documents and Settings\Sally\Cookies\sally@tripod[2].txt
C:\Documents and Settings\Sally\Cookies\sally@adlegend[2].txt
C:\Documents and Settings\Sally\Cookies\sally@www.accountonline[1].txt
C:\Documents and Settings\Sally\Cookies\sally@dynamic.media.adrevolver[2].txt
C:\Documents and Settings\Sally\Cookies\sally@edge.ru4[2].txt
C:\Documents and Settings\Sally\Cookies\sally@qksrv[2].txt
C:\Documents and Settings\Sally\Cookies\sally@counter.hitslink[1].txt
C:\Documents and Settings\Sally\Cookies\sally@media.adrevolver[2].txt
C:\Documents and Settings\Sally\Cookies\sally@revenue[2].txt
C:\Documents and Settings\Sally\Cookies\sally@backcountry[1].txt
C:\Documents and Settings\Sally\Cookies\sally@adtech[1].txt
C:\Documents and Settings\Sally\Cookies\sally@adrevolver[3].txt
C:\Documents and Settings\Sally\Cookies\sally@stats.adbrite[2].txt
C:\Documents and Settings\Sally\Cookies\sally@dcsfpkesc10000gkeho5hpjgt_7t2o[1].txt
C:\Documents and Settings\Sally\Cookies\sally@1069095226[1].txt
C:\Documents and Settings\Sally\Cookies\sally@crackberry[1].txt
C:\Documents and Settings\Sally\Cookies\sally@media.hotels[1].txt
C:\Documents and Settings\Sally\Cookies\sally@www.travelcountry[1].txt
C:\Documents and Settings\Sally\Cookies\sally@adbrite[2].txt
C:\Documents and Settings\Sally\Cookies\sally@casalemedia[2].txt
C:\Documents and Settings\Sally\Cookies\sally@ehg-rodale.hitbox[2].txt
C:\Documents and Settings\Sally\Cookies\sally@mediaplex[1].txt
C:\Documents and Settings\Sally\Cookies\sally@richmedia.yahoo[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ads.pointroll[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ads.adbrite[1].txt
C:\Documents and Settings\Sally\Cookies\sally@dtag.112.2o7[1].txt
C:\Documents and Settings\Sally\Cookies\sally@phg.hitbox[1].txt
C:\Documents and Settings\Sally\Cookies\sally@1071435286[1].txt
C:\Documents and Settings\Sally\Cookies\sally@saksfifthavenue.122.2o7[1].txt
C:\Documents and Settings\Sally\Cookies\sally@statse.webtrendslive[2].txt
C:\Documents and Settings\Sally\Cookies\sally@media6degrees[1].txt
C:\Documents and Settings\Sally\Cookies\sally@msnportal.112.2o7[1].txt
C:\Documents and Settings\Sally\Cookies\sally@handbag[2].txt
C:\Documents and Settings\Sally\Cookies\sally@citi.bridgetrack[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ad.zanox[1].txt
C:\Documents and Settings\Sally\Cookies\sally@bravenet[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ehg-kodak.hitbox[2].txt
C:\Documents and Settings\Sally\Cookies\sally@specificclick[2].txt
C:\Documents and Settings\Sally\Cookies\sally@ads.addynamix[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ads.cnn[1].txt
C:\Documents and Settings\Sally\Cookies\sally@cz7.clickzs[2].txt
C:\Documents and Settings\Sally\Cookies\sally@xiti[1].txt
C:\Documents and Settings\Sally\Cookies\sally@57386690[1].txt
C:\Documents and Settings\Sally\Cookies\sally@insightexpressai[1].txt
C:\Documents and Settings\Sally\Cookies\sally@marketlive.122.2o7[1].txt
C:\Documents and Settings\Sally\Cookies\sally@statcounter[1].txt
C:\Documents and Settings\Sally\Cookies\sally@data.coremetrics[1].txt
C:\Documents and Settings\Sally\Cookies\sally@anat.tacoda[2].txt
C:\Documents and Settings\Sally\Cookies\sally@adrevolver[4].txt
C:\Documents and Settings\Sally\Cookies\sally@1072498139[1].txt
C:\Documents and Settings\Sally\Cookies\sally@test.coremetrics[1].txt
C:\Documents and Settings\Sally\Cookies\sally@html[1].txt
C:\Documents and Settings\Sally\Cookies\sally@1070585196[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ads.as4x.tmcs[1].txt
C:\Documents and Settings\Sally\Cookies\sally@fastclick[1].txt
C:\Documents and Settings\Sally\Cookies\sally@adinterax[2].txt
C:\Documents and Settings\Sally\Cookies\sally@trifind[1].txt
C:\Documents and Settings\Sally\Cookies\sally@adopt.euroclick[1].txt
C:\Documents and Settings\Sally\Cookies\sally@burstnet[1].txt
C:\Documents and Settings\Sally\Cookies\sally@1070791027[1].txt
C:\Documents and Settings\Sally\Cookies\sally@homeaway.112.2o7[1].txt
C:\Documents and Settings\Sally\Cookies\sally@www.aav2008[1].txt
C:\Documents and Settings\Sally\Cookies\sally@bs.serving-sys[1].txt
C:\Documents and Settings\Sally\Cookies\sally@50549199[2].txt
C:\Documents and Settings\Sally\Cookies\sally@interclick[1].txt
C:\Documents and Settings\Sally\Cookies\sally@cgi-bin[3].txt
C:\Documents and Settings\Sally\Cookies\sally@sales.liveperson[2].txt
C:\Documents and Settings\Sally\Cookies\sally@questionmarket[2].txt
C:\Documents and Settings\Sally\Cookies\sally@serving-sys[2].txt
C:\Documents and Settings\Sally\Cookies\sally@adserver[1].txt
C:\Documents and Settings\Sally\Cookies\sally@anad.tacoda[1].txt
C:\Documents and Settings\Sally\Cookies\sally@dealtime[1].txt
C:\Documents and Settings\Sally\Cookies\sally@247realmedia[1].txt
C:\Documents and Settings\Sally\Cookies\sally@rocku.adbureau[2].txt
C:\Documents and Settings\Sally\Cookies\sally@www.backcountry[1].txt
C:\Documents and Settings\Sally\Cookies\sally@www.backcountry[3].txt
C:\Documents and Settings\Sally\Cookies\sally@stat.dealtime[1].txt
C:\Documents and Settings\Sally\Cookies\sally@iacas.adbureau[2].txt
C:\Documents and Settings\Sally\Cookies\sally@hearstmagazines.112.2o7[1].txt
C:\Documents and Settings\Sally\Cookies\sally@tracking.keywordmax[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ad.associatedcontent[1].txt
C:\Documents and Settings\Sally\Cookies\sally@hitbox[2].txt
C:\Documents and Settings\Sally\Cookies\sally@eyewonder[2].txt
C:\Documents and Settings\Sally\Cookies\sally@27814325[2].txt
C:\Documents and Settings\Sally\Cookies\sally@www.antispycheck[2].txt
C:\Documents and Settings\Sally\Cookies\sally@medhelpinternational.112.2o7[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ehg-foxsports.hitbox[1].txt
C:\Documents and Settings\Sally\Cookies\sally@scan.antispyware2008scanner[1].txt
C:\Documents and Settings\Sally\Cookies\sally@msnbc.112.2o7[1].txt
C:\Documents and Settings\Sally\Cookies\sally@rotator.adjuggler[1].txt
C:\Documents and Settings\Sally\Cookies\sally@collective-media[2].txt
C:\Documents and Settings\Sally\Cookies\sally@www.wav2008[1].txt
C:\Documents and Settings\Sally\Cookies\sally@1070402687[1].txt
C:\Documents and Settings\Sally\Cookies\sally@forums.crackberry[1].txt
C:\Documents and Settings\Sally\Cookies\sally@media.medhelp[2].txt
C:\Documents and Settings\Sally\Cookies\sally@cratebarrel.112.2o7[1].txt
C:\Documents and Settings\Sally\Cookies\sally@www.clickmanage[2].txt
C:\Documents and Settings\Sally\Cookies\sally@1070448351[1].txt
C:\Documents and Settings\Sally\Cookies\sally@kontera[1].txt
C:\Documents and Settings\Sally\Cookies\sally@pro-market[1].txt
C:\Documents and Settings\Sally\Cookies\sally@overture[2].txt
C:\Documents and Settings\Sally\Cookies\sally@doubleclick[1].txt
C:\Documents and Settings\Huk\Cookies\huk@atdmt[2].txt
C:\Documents and Settings\Huk\Cookies\huk@doubleclick[1].txt
C:\Documents and Settings\Julie\Cookies\julie@247realmedia[1].txt
C:\Documents and Settings\Julie\Cookies\julie@67.15.239[1].txt
C:\Documents and Settings\Julie\Cookies\julie@accounts[2].txt
C:\Documents and Settings\Julie\Cookies\julie@ad.yieldmanager[2].txt
C:\Documents and Settings\Julie\Cookies\julie@adbrite[2].txt
C:\Documents and Settings\Julie\Cookies\julie@adinterax[1].txt
C:\Documents and Settings\Julie\Cookies\julie@adknowledge[2].txt
C:\Documents and Settings\Julie\Cookies\julie@adlegend[2].txt
C:\Documents and Settings\Julie\Cookies\julie@adopt.specificclick[1].txt
C:\Documents and Settings\Julie\Cookies\julie@adrevolver[1].txt
C:\Documents and Settings\Julie\Cookies\julie@adrevolver[2].txt
C:\Documents and Settings\Julie\Cookies\julie@ads.addynamix[1].txt
C:\Documents and Settings\Julie\Cookies\julie@ads.as4x.tmcs[1].txt
C:\Documents and Settings\Julie\Cookies\julie@ads.cnn[1].txt
C:\Documents and Settings\Julie\Cookies\julie@ads.pointroll[1].txt
C:\Documents and Settings\Julie\Cookies\julie@ads.theendresultco[2].txt
C:\Documents and Settings\Julie\Cookies\julie@ads2.drivelinemedia[1].txt
C:\Documents and Settings\Julie\Cookies\julie@adserver.experience[2].txt
C:\Documents and Settings\Julie\Cookies\julie@adserver.pollstar[2].txt
C:\Documents and Settings\Julie\Cookies\julie@adserving.cpxinteractive[2].txt
C:\Documents and Settings\Julie\Cookies\julie@advertising[2].txt
C:\Documents and Settings\Julie\Cookies\julie@aj.petfinder[2].txt
C:\Documents and Settings\Julie\Cookies\julie@anad.tacoda[2].txt
C:\Documents and Settings\Julie\Cookies\julie@anat.tacoda[2].txt
C:\Documents and Settings\Julie\Cookies\julie@atdmt[1].txt
C:\Documents and Settings\Julie\Cookies\julie@atwola[1].txt
C:\Documents and Settings\Julie\Cookies\julie@bannerspace[1].txt
C:\Documents and Settings\Julie\Cookies\julie@belnk[1].txt
C:\Documents and Settings\Julie\Cookies\julie@bfast[2].txt
C:\Documents and Settings\Julie\Cookies\julie@bizrate[2].txt
C:\Documents and Settings\Julie\Cookies\julie@bluestreak[1].txt
C:\Documents and Settings\Julie\Cookies\julie@bravenet[1].txt
C:\Documents and Settings\Julie\Cookies\julie@burstnet[2].txt
C:\Documents and Settings\Julie\Cookies\julie@c5.zedo[2].txt
C:\Documents and Settings\Julie\Cookies\julie@casalemedia[1].txt
C:\Documents and Settings\Julie\Cookies\julie@cbs.112.2o7[1].txt
C:\Documents and Settings\Julie\Cookies\julie@citi.bridgetrack[2].txt
C:\Documents and Settings\Julie\Cookies\julie@clicks.emarketmakers[1].txt
C:\Documents and Settings\Julie\Cookies\julie@countercentral[2].txt
C:\Documents and Settings\Julie\Cookies\julie@cpvfeed[2].txt
C:\Documents and Settings\Julie\Cookies\julie@cratebarrel.112.2o7[1].txt
C:\Documents and Settings\Julie\Cookies\julie@data.coremetrics[1].txt
C:\Documents and Settings\Julie\Cookies\julie@data1.perf.overture[1].txt
C:\Documents and Settings\Julie\Cookies\julie@data3.perf.overture[2].txt
C:\Documents and Settings\Julie\Cookies\julie@dist.belnk[2].txt
C:\Documents and Settings\Julie\Cookies\julie@e-2dj6wjkoehcjcbo.stats.esomniture[1].txt
C:\Documents and Settings\Julie\Cookies\julie@edge.ru4[1].txt
C:\Documents and Settings\Julie\Cookies\julie@ehg-attworldnet.hitbox[1].txt
C:\Documents and Settings\Julie\Cookies\julie@ehg-crossfit.hitbox[2].txt
C:\Documents and Settings\Julie\Cookies\julie@ehg-informative.hitbox[1].txt
C:\Documents and Settings\Julie\Cookies\julie@ehg-legacy.hitbox[2].txt
C:\Documents and Settings\Julie\Cookies\julie@ehg-theviptour.hitbox[1].txt
C:\Documents and Settings\Julie\Cookies\julie@ehg-visionretailinginc.hitbox[2].txt
C:\Documents and Settings\Julie\Cookies\julie@ehg.hitbox[1].txt
C:\Documents and Settings\Julie\Cookies\julie@fastclick[1].txt
C:\Documents and Settings\Julie\Cookies\julie@ge.bridgetrack[1].txt
C:\Documents and Settings\Julie\Cookies\julie@goclick[2].txt
C:\Documents and Settings\Julie\Cookies\julie@hg1.hitbox[2].txt
C:\Documents and Settings\Julie\Cookies\julie@highbeam.122.2o7[1].txt
C:\Documents and Settings\Julie\Cookies\julie@hitbox[2].txt
C:\Documents and Settings\Julie\Cookies\julie@indexstats[2].txt
C:\Documents and Settings\Julie\Cookies\julie@insightexpressai[1].txt
C:\Documents and Settings\Julie\Cookies\julie@itxt.vibrantmedia[1].txt
C:\Documents and Settings\Julie\Cookies\julie@jcrew.112.2o7[1].txt
C:\Documents and Settings\Julie\Cookies\julie@kanoodle[1].txt
C:\Documents and Settings\Julie\Cookies\julie@keywordmax[1].txt
C:\Documents and Settings\Julie\Cookies\julie@klik.klikadvertising[1].txt
C:\Documents and Settings\Julie\Cookies\julie@linksynergy[2].txt
C:\Documents and Settings\Julie\Cookies\julie@marketlive.122.2o7[1].txt
C:\Documents and Settings\Julie\Cookies\julie@maxserving[1].txt
C:\Documents and Settings\Julie\Cookies\julie@media.adrevolver[1].txt
C:\Documents and Settings\Julie\Cookies\julie@media.homestore[1].txt
C:\Documents and Settings\Julie\Cookies\julie@mediaplex[2].txt
C:\Documents and Settings\Julie\Cookies\julie@msnportal.112.2o7[1].txt
C:\Documents and Settings\Julie\Cookies\julie@nextag[1].txt
C:\Documents and Settings\Julie\Cookies\julie@overture[2].txt
C:\Documents and Settings\Julie\Cookies\julie@partner2profit[1].txt
C:\Documents and Settings\Julie\Cookies\julie@perf.overture[1].txt
C:\Documents and Settings\Julie\Cookies\julie@petfinder[1].txt
C:\Documents and Settings\Julie\Cookies\julie@qnsr[1].txt
C:\Documents and Settings\Julie\Cookies\julie@questionmarket[1].txt
C:\Documents and Settings\Julie\Cookies\julie@realmedia[1].txt
C:\Documents and Settings\Julie\Cookies\julie@repeater.realtraffic.maptuit[1].txt
C:\Documents and Settings\Julie\Cookies\julie@revenue[1].txt
C:\Documents and Settings\Julie\Cookies\julie@revsci[1].txt
C:\Documents and Settings\Julie\Cookies\julie@roiservice[1].txt
C:\Documents and Settings\Julie\Cookies\julie@saksfifthavenue.122.2o7[1].txt
C:\Documents and Settings\Julie\Cookies\julie@sales.liveperson[1].txt
C:\Documents and Settings\Julie\Cookies\julie@search.petfinder[2].txt
C:\Documents and Settings\Julie\Cookies\julie@server.iad.liveperson[2].txt
C:\Documents and Settings\Julie\Cookies\julie@serving-sys[1].txt
C:\Documents and Settings\Julie\Cookies\julie@smileycentral[2].txt
C:\Documents and Settings\Julie\Cookies\julie@statcounter[2].txt
C:\Documents and Settings\Julie\Cookies\julie@statse.webtrendslive[1].txt
C:\Documents and Settings\Julie\Cookies\julie@tacoda[2].txt
C:\Documents and Settings\Julie\Cookies\julie@ticketsnow[1].txt
C:\Documents and Settings\Julie\Cookies\julie@tracking.10e20[1].txt
C:\Documents and Settings\Julie\Cookies\julie@trafficmp[2].txt
C:\Documents and Settings\Julie\Cookies\julie@traffic[1].txt
C:\Documents and Settings\Julie\Cookies\julie@tribalfusion[2].txt
C:\Documents and Settings\Julie\Cookies\julie@tripod[1].txt
C:\Documents and Settings\Julie\Cookies\julie@twci.coremetrics[1].txt
C:\Documents and Settings\Julie\Cookies\julie@vhost.oddcast[2].txt
C:\Documents and Settings\Julie\Cookies\julie@web4.realtracker[1].txt
C:\Documents and Settings\Julie\Cookies\julie@wpni.112.2o7[1].txt
C:\Documents and Settings\Julie\Cookies\julie@www.burstbeacon[2].txt
C:\Documents and Settings\Julie\Cookies\julie@www.burstnet[1].txt
C:\Documents and Settings\Julie\Cookies\julie@www.expressionsexchange[1].txt
C:\Documents and Settings\Julie\Cookies\julie@www.findarticles[2].txt
C:\Documents and Settings\Julie\Cookies\julie@www.ticketsnow[1].txt
C:\Documents and Settings\Julie\Cookies\julie@www.traffic[1].txt
C:\Documents and Settings\Julie\Cookies\julie@zedo[2].txt
C:\Documents and Settings\Sally\Cookies\sally@accounts[1].txt
C:\Documents and Settings\Sally\Cookies\sally@adrevolver[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ads3.think-adz[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ads3.think-adz[2].txt
C:\Documents and Settings\Sally\Cookies\sally@advertising[1].txt
C:\Documents and Settings\Sally\Cookies\sally@advertising[2].txt
C:\Documents and Settings\Sally\Cookies\sally@affiliates.ticketsnow[1].txt
C:\Documents and Settings\Sally\Cookies\sally@affiliates.ticketsnow[3].txt
C:\Documents and Settings\Sally\Cookies\sally@azjmp[1].txt
C:\Documents and Settings\Sally\Cookies\sally@azjmp[2].txt
C:\Documents and Settings\Sally\Cookies\sally@azjmp[3].txt
C:\Documents and Settings\Sally\Cookies\sally@azjmp[4].txt
C:\Documents and Settings\Sally\Cookies\sally@azjmp[5].txt
C:\Documents and Settings\Sally\Cookies\sally@azjmp[6].txt
C:\Documents and Settings\Sally\Cookies\sally@bluestreak[1].txt
C:\Documents and Settings\Sally\Cookies\sally@clickbank[10].txt
C:\Documents and Settings\Sally\Cookies\sally@clickbank[11].txt
C:\Documents and Settings\Sally\Cookies\sally@clickbank[1].txt
C:\Documents and Settings\Sally\Cookies\sally@clickbank[2].txt
C:\Documents and Settings\Sally\Cookies\sally@clickbank[3].txt
C:\Documents and Settings\Sally\Cookies\sally@clickbank[4].txt
C:\Documents and Settings\Sally\Cookies\sally@clickbank[5].txt
C:\Documents and Settings\Sally\Cookies\sally@clickbank[6].txt
C:\Documents and Settings\Sally\Cookies\sally@clickbank[7].txt
C:\Documents and Settings\Sally\Cookies\sally@clickbank[8].txt
C:\Documents and Settings\Sally\Cookies\sally@cpvfeed[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ehg-crossfit.hitbox[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ehg-crossfit.hitbox[2].txt
C:\Documents and Settings\Sally\Cookies\sally@ehg-theviptour.hitbox[1].txt
C:\Documents and Settings\Sally\Cookies\sally@ehg-theviptour.hitbox[3].txt
C:\Documents and Settings\Sally\Cookies\sally@ehg-theviptour.hitbox[4].txt
C:\Documents and Settings\Sally\Cookies\sally@enhance[2].txt
C:\Documents and Settings\Sally\Cookies\sally@h.starware[1].txt
C:\Documents and Settings\Sally\Cookies\sally@h.starware[2].txt
C:\Documents and Settings\Sally\Cookies\sally@linksynergy[10].txt
C:\Documents and Settings\Sally\Cookies\sally@linksynergy[11].txt
C:\Documents and Settings\Sally\Cookies\sally@linksynergy[12].txt
C:\Documents and Settings\Sally\Cookies\sally@linksynergy[13].txt
C:\Documents and Settings\Sally\Cookies\sally@linksynergy[14].txt
C:\Documents and Settings\Sally\Cookies\sally@linksynergy[1].txt
C:\Documents and Settings\Sally\Cookies\sally@linksynergy[3].txt
C:\Documents and Settings\Sally\Cookies\sally@linksynergy[4].txt
C:\Documents and Settings\Sally\Cookies\sally@linksynergy[5].txt
C:\Documents and Settings\Sally\Cookies\sally@linksynergy[6].txt
C:\Documents and Settings\Sally\Cookies\sally@linksynergy[7].txt
C:\Documents and Settings\Sally\Cookies\sally@linksynergy[8].txt
C:\Documents and Settings\Sally\Cookies\sally@linksynergy[9].txt
C:\Documents and Settings\Sally\Cookies\sally@myaccount[1].txt
C:\Documents and Settings\Sally\Cookies\sally@realmedia[1].txt
C:\Documents and Settings\Sally\Cookies\sally@stats1.reliablestats[1].txt
C:\Documents and Settings\Sally\Cookies\sally@stats1.reliablestats[2].txt
C:\Documents and Settings\Sally\Cookies\sally@winantispyware[1].txt
C:\Documents and Settings\Sally\Cookies\sally@winantispyware[3].txt
C:\Documents and Settings\Sally\Cookies\sally@www.drivecleaner[1].txt
C:\Documents and Settings\Sally\Cookies\sally@www.hornymatches[2].txt
C:\Documents and Settings\Sally\Cookies\sally@www.ticketsnow2[1].txt
C:\Documents and Settings\Sally\Cookies\sally@www.ticketsnow2[2].txt
C:\Documents and Settings\Sally\Cookies\sally@www.ticketsnow[1].txt
C:\Documents and Settings\Sally\Cookies\sally@www.ticketsnow[3].txt
C:\WINDOWS\Temp\Cookies\sally@winantivirus[1].txt
Trojan.ZenoSearch
C:\WINDOWS\system32\msnav32.ax
Trojan.Unknown Origin
HKLM\Software\xpre
HKLM\Software\xpre#execount
Adware.Think-Adz
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Enhanced Ads by Think-Adz
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Enhanced Ads by Think-Adz#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Enhanced Ads by Think-Adz#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Think-Adz Search Assistant
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Think-Adz Search Assistant#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Think-Adz Search Assistant#UninstallString
Adware.Vundo Variant/Rel
HKLM\SOFTWARE\Microsoft\aoprndtws
HKLM\SOFTWARE\Microsoft\FCOVM
HKU\S-1-5-21-2517306811-1982628174-4123955349-1006\Software\Microsoft\aldd
HKU\S-1-5-21-2517306811-1982628174-4123955349-1006\Software\Microsoft\rdfa
C:\WINDOWS\SYSTEM32\BCCDD.INI
C:\WINDOWS\SYSTEM32\BCCDD.INI2
Rogue.AntiVirus 2009/Installer
C:\DOCUMENTS AND SETTINGS\SALLY\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\OLI3GXIV\AV2009INSTALL_880348[1].EXE
Malware.Installer-Pkg/Gen
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{26D2C2C3-CF14-4ED7-B1FC-0BE64AFBA3B3}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{3C48F877-A164-45E9-B9DA-26A049FFC207}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{6293BC00-4EB8-4C65-8548-53E2FC3BF937}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{651956B7-1969-42AA-9453-E0B813019D54}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{6B6A7665-DB48-4762-AB5D-BEEB9E1CD7FA}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{989E4C3B-B2C9-4486-9A09-D5A8F953837C}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{C0A0AA4D-C79B-48CA-8843-2B02B626C9E6}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{C2D8F0E2-6978-4409-8351-BA8785DA11EE}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{D1A6F3FD-7B40-443F-8767-BADB25A0D222}.EXE
C:\PROGRAM FILES\WILDTANGENT\APPS\DELL GAME CONSOLE\DOWNLOADS\INSTALLERS\{E0814F95-5380-4892-B8C8-7FA4B349EF46}.EXE
Browser Hijacker.Favorites
C:\RECYCLER\S-1-5-21-2517306811-1982628174-4123955349-1006\DC83.URL
C:\RECYCLER\S-1-5-21-2517306811-1982628174-4123955349-1006\DC84.URL
Adware.E404 Helper/Variant-F
C:\WINDOWS\SYSTEM32\857060\857060.DLL
Trojan.Downloader-Gen
C:\WINDOWS\SYSTEM32\WINPFZ32.SYS
Adware.Unknown Origin
C:\WINDOWS\SYSTEM32\ZXDNT3D.CFG