Virtumonde (3 posts)



sedulouswag
2007-09-16, 00:52
Well, I've run the pre-post gauntlet, but predictably, it's back again.
Here's the HJT log, followed by the Kaspersky report (in two parts, the log was too long for one post). :sad:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:32:34 PM, on 9/15/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1172892279\ee\AOLSoftware.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\WINDOWS\system32\wuauclt.exe
c:\program files\common files\aol\1172892279\ee\aexplore.exe
c:\program files\common files\aol\1172892279\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1172892279\ee\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8A06A1A7-9E64-4359-8556-B6EA03D69814} - C:\WINDOWS\system32\fxsKED.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: (no name) - {dae87246-5436-4f52-acb2-401357032087} - C:\WINDOWS\system32\fxsKED.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1172892279\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O8 - Extra context menu item: &Search - ?p=ZK
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqaio/downloads/sysinfo.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_4.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1174489894093
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {E5168F0C-8591-11D4-BCDF-006008B7FEA4} (PWLNINST Control) - http://plato1.sarasota.k12.fl.us/Pathways/pway_iis.dll/PWLN/02050119/fullcab/pwlninst.cab
O20 - Winlogon Notify: fxsKED - C:\WINDOWS\SYSTEM32\fxsKED.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: WMP54GSSVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe

--
End of file - 11641 bytes

sedulouswag
2007-09-16, 00:54
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Saturday, September 15, 2007 5:54:24 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.1
Kaspersky Anti-Virus database last update: 15/09/2007
Kaspersky Anti-Virus database records: 419010
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Scan Statistics:
Total number of scanned objects: 131962
Number of viruses found: 19
Number of infected objects: 109
Number of suspicious objects: 0
Duration of the scan process: 02:15:49

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\ph Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\variable Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\aolstderr.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\aolstdout.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\cache.db Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\TopSpeed\2.0\server.lock Object is locked skipped
C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\cls\common.cls Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\12fc5213d9182dc4358fe6f9197ab5d1_5ea4224c-a772-41ea-a6fe-dbb0cc126269 Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b2b632cf60d70bb175a01e5ee06cc14f_ae043f9c-ff36-47f0-b028-f79824d508eb Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-09-15_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Shared\QBackup\index.qbs Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBConfig.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDebug.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBDetect.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBNotify.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBRefr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetCfg2.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetDev.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetLoc.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBSetUsr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBStHash.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\BBValid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPPolicy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStart.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SPBBC\SPStop.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtErEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\7070E214.TMP Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtETmp\F4E3193A.TMP Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtMoEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtNvEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtScEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtTxFEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SRTSP\SrtViEvt.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\SubEng\submissions.idx Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Application Data\Aim\eybfcqub\sedulouswag\cert8.db Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Application Data\Aim\eybfcqub\sedulouswag\key3.db Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\AOL\UserProfiles\All Users\cls\common.cls Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Messenger\likewoahomq@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Messenger\likewoahomq@hotmail.com\SharingMetadata\pending.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Messenger\likewoahomq@hotmail.com\SharingMetadata\Working\database_58F4_A942_F4A9_22EC\dfsr.db Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Messenger\likewoahomq@hotmail.com\SharingMetadata\Working\database_58F4_A942_F4A9_22EC\fsr.log Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Messenger\likewoahomq@hotmail.com\SharingMetadata\Working\database_58F4_A942_F4A9_22EC\fsrtmp.log Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Messenger\likewoahomq@hotmail.com\SharingMetadata\Working\database_58F4_A942_F4A9_22EC\tmp.edb Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Windows Live Contacts\likewoahomq@hotmail.com\real\members.stg Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Windows Live Contacts\likewoahomq@hotmail.com\shadow\members.stg Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\History\History.IE5\MSHist012007091520070916\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\Temporary Internet Files\Content.IE5\257C5WZQ\stats[1].htm Infected: Trojan-Downloader.VBS.Agent.n skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\tmp7.tmp.exe Infected: Trojan.Win32.Agent.agv skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\~DFD977.tmp Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\~DFD9BF.tmp Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\~DFE848.tmp Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\~DFE863.tmp Object is locked skipped
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Compaq_Owner\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Compaq_Owner\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\hp\bin\KillWind.exe Infected: not-a-virus:RiskTool.Win32.PsKill.p skipped
C:\Program Files\Common Files\Symantec Shared\EENGINE\EPERSIST.DAT Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\NFWEVT.LOG Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\chandir.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\chandir.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\chn.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\chn.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\D0000000.FCS Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\inuse.txt Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\L0000001.FCS Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\main.log Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_die.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_die.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_ext.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_ext.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\storydb.dat Object is locked skipped
C:\Program Files\Compaq Connections\5577497\Users\Default\Data\storydb.idx Object is locked skipped
C:\Program Files\HP\hpcoretech\hpcmerr.log Object is locked skipped
C:\Program Files\MSN Messenger\msimg32.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\Program Files\MSN Messenger\riched20.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped

sedulouswag
2007-09-16, 00:55
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP121\A0023233.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026402.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026403.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026405.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026406.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.at skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026408.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026409.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026410.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026411.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026412.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026413.SCR Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026414.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026415.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026416.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.a skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026417.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026418.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.aq skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026419.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bh skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026421.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026423.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026425.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026426.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026428.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026429.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026430.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026441.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026442.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026443.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026444.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026445.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP146\A0026446.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP159\A0028979.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP159\A0028980.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP159\A0028981.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP159\A0028982.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP168\A0030433.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP168\A0030434.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP168\A0030435.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP168\A0030436.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP168\A0030437.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030617.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030618.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030619.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030620.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.at skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030622.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030623.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030624.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030625.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030626.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030627.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030628.SCR Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030629.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030630.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030631.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.a skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030632.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030633.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.aq skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030634.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bh skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030636.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030637.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030639.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030641.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030642.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030643.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030645.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030646.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP172\A0030647.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0043406.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0044373.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0044394.scr Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0044395.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0044396.dll Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0044397.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0044398.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045381.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045382.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045383.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045384.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.at skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045386.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045387.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045388.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.l skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045389.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.af skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045390.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045391.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045392.SCR Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045393.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045394.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045395.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.a skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045396.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.an skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045397.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.aq skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045398.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bh skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045400.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045401.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ax skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045403.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045405.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045406.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.as skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045407.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.ad skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045409.EXE Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045410.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.au skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP189\A0045411.DLL Infected: not-a-virus:AdTool.Win32.MyWebSearch.i skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP194\A0046791.exe/mwsSetup.CommonCodebase.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bc skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP194\A0046791.exe CAB: infected - 1 skipped
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP199\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\jkhgfc.dll Infected: Trojan.Win32.Agent.agv skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\I386\Apps\APP11612\src\HPSummer2005.exe/WISE0016.BIN Infected: not-a-virus:AdWare.Win32.MyWay.j skipped
D:\I386\Apps\APP11612\src\HPSummer2005.exe WiseSFX: infected - 1 skipped
D:\I386\Apps\APP11612\src\HPSummer2005.exe WiseSFX Dropper: infected - 1 skipped

Scan process completed.

little eagle
2007-09-20, 04:40
Let's try running combofix.exe
Download it from one of the links below:
Note:
It is important that it is saved directly to your desktop
http://download.bleepingcomputer.com/sUBs/combofix.exe
http://www.techsupportforum.com/sectools/combofix.exe

Double click combofix.exe & follow the prompts.
When finished, it will produce a log for you. Post that log in your next reply.

Note:
Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

sedulouswag
2007-09-20, 23:46
ComboFix 07-09-20.1 - "Compaq_Owner" 2007-09-20 17:36:45.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.68 [GMT -4:00]
.

((((((((((((((((((((((((( Files Created from 2007-08-20 to 2007-09-20 )))))))))))))))))))))))))))))))
.

2007-09-20 17:24 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-16 18:54 <DIR> d-------- C:\Program Files\Easy MP3 Cutter
2007-09-15 12:48 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Kaspersky Lab
2007-09-15 12:47 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-09-13 22:22 <DIR> d-------- C:\Program Files\Total Video Converter
2007-09-13 17:13 <DIR> d-------- C:\Program Files\USPS

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-20 17:17 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
2007-09-20 16:06 --------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-09-15 18:32 --------- d-------- C:\Program Files\Trend Micro
2007-09-09 13:49 --------- d-------- C:\Program Files\iTunes
2007-09-09 13:49 --------- d-------- C:\Program Files\iPod
2007-09-03 19:06 --------- d-------- C:\Program Files\MSN Messenger
2007-08-19 14:10 --------- d-------- C:\Program Files\QuickTime
2007-08-19 14:07 --------- d-------- C:\Program Files\Common Files\Apple
2007-08-19 14:07 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2007-08-03 14:55 --------- d-------- C:\Program Files\World of Warcraft
2007-08-01 02:30 --------- d-------- C:\Program Files\DivX
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll
2007-07-26 19:06 9464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-07-26 19:06 9336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-07-26 19:06 524288 --a------ C:\WINDOWS\system32\DivXsm.exe
2007-07-26 19:06 43528 --------- C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-07-26 19:06 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-07-26 19:06 200704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-26 19:06 144704 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-07-26 19:06 129784 --------- C:\WINDOWS\system32\pxafs.dll
2007-07-26 19:06 120056 --------- C:\WINDOWS\system32\pxcpyi64.exe
2007-07-26 19:06 118520 --------- C:\WINDOWS\system32\pxinsi64.exe
2007-07-26 19:06 1044480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-07-26 19:03 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2007-07-26 19:03 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2007-07-26 19:03 81920 --a------ C:\WINDOWS\system32\dpl100.dll
2007-07-26 19:03 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2007-07-26 19:03 740442 --a------ C:\WINDOWS\system32\DivX.dll
2007-07-26 19:03 593920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
2007-07-26 19:03 57344 --a------ C:\WINDOWS\system32\dpv11.dll
2007-07-26 19:03 53248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
2007-07-26 19:03 344064 --a------ C:\WINDOWS\system32\dpus11.dll
2007-07-26 19:03 294912 --a------ C:\WINDOWS\system32\dpu11.dll
2007-07-26 19:03 294912 --a------ C:\WINDOWS\system32\dpu10.dll
2007-07-26 19:03 196608 --a------ C:\WINDOWS\system32\dtu100.dll
2007-07-26 19:03 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-06-26 22:10 317440 --a------ C:\WINDOWS\system32\dllcache\unregmp2.exe
2007-06-26 11:13 851968 --a------ C:\WINDOWS\system32\dllcache\vgx.dll
2007-06-26 10:09 658944 --a------ C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-26 02:08 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-26 02:08 1104896 --a------ C:\WINDOWS\system32\dllcache\msxml3.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8A06A1A7-9E64-4359-8556-B6EA03D69814}]
2007-03-20 21:11 19543 --------- C:\WINDOWS\system32\fxsKED.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCDrProfiler"="" []
"SMSERIAL"="sm56hlpr.exe" [2005-01-24 05:56 C:\WINDOWS\sm56hlpr.exe]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 01:59]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2007-01-14 03:11]
"HostManager"="C:\Program Files\Common Files\AOL\1172892279\ee\AOLSoftware.exe" [2006-09-25 20:52]
"HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 13:38]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 18:30]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-07 16:55]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:00]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45]

C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
Compaq Connections.lnk - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [2005-08-03 17:47:14]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fxsKED]
fxsKED.dll 2007-03-20 21:11 19543 C:\WINDOWS\system32\fxsKED.dll



[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2d435b36-e506-11d9-9b78-e6b009352ae7}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54b7200a-c941-11db-a7ef-806d6172696f}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480

*Newly Created Service* - CATCHME
*Newly Created Service* - COMHOST
*Newly Created Service* - GTNDIS5
.
Contents of the 'Scheduled Tasks' folder
"2007-09-16 17:41:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-09-01 04:12:23 C:\WINDOWS\Tasks\HPCeeSchedule.job"
- C:\PROGRA~1\EASYIN~1\Ceement\HPCEE.exe
"2007-09-11 01:06:42 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - Compaq_Owner.job"
.
**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-20 17:40:45
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-09-20 17:41:53
C:\ComboFix-quarantined-files.txt ... 2007-09-20 17:41
.
--- E O F ---

little eagle
2007-09-21, 05:28
Did you run it twice??

sedulouswag
2007-09-22, 01:40
I did run it twice - it stopped running part of the way through the first time and still hadn't resumed working after a good half hour.

little eagle
2007-09-22, 05:02
Click HERE (http://www.pandasoftware.com/products/activescan.htm) to run Panda's ActiveScan

* You need to use IE to run this scan
* Once you are on the Panda site click the Scan your PC button
* A new window will open...click the Check Now button
* Enter your Country
* Enter your State/Province
* Enter your e-mail address and click send
* Select either Home User or Company
* Click the big Scan Now button
* If it wants to install an ActiveX component allow it
* It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
* When download is complete, click on My Computer to start the scan
* When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report

sedulouswag
2007-09-22, 19:21
Incident Status Location

Potentially unwanted tool:application/mywebsearch Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Potentially unwanted tool:application/funweb Not disinfected HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.overture.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.perf.overture.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.2o7.net/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.as-eu.falkag.net/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.atwola.com/]
Spyware:Cookie/bravenetA Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.bravenet.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.bs.serving-sys.com/]
Spyware:Cookie/FortuneCity Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.fortunecity.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/WUpd Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.revenue.net/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.trafficmp.com/]
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.tribalfusion.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[.xiti.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt[searchportal.information.com/]
Virus:JS/Downloader.NOE Disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-19bf30c9-13f70fd6.zip[Dvnny.class]
Virus:JS/Downloader.NOE Disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-19bf30c9-13f70fd6.zip[Dex.class]
Virus:JS/Downloader.NOE Disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-19bf30c9-13f70fd6.zip[Dix.class]
Virus:JS/Downloader.NOE Disinfected C:\Documents and Settings\Compaq_Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\crtdcghcn.jar-19bf30c9-13f70fd6.zip[Dux.class]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@2o7[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@adrevolver[1].txt
Spyware:Cookie/Adrevolver Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@adrevolver[3].txt
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@ads.pointroll[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@advertising[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@atdmt[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@atwola[1].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@bluestreak[2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@bs.serving-sys[2].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@doubleclick[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@fastclick[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@mediaplex[2].txt
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@questionmarket[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@realmedia[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@serving-sys[2].txt
Spyware:Cookie/Statcounter Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@statcounter[1].txt
Spyware:Cookie/Traffic Marketplace Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@trafficmp[2].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@tribalfusion[1].txt
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe[nircmd.exe]
Hacktool:HackTool/KillProcWin.A Not disinfected C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Wildtangent\Cdacache\00\00\09.dat[simple_killw.exe]
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MSN Messenger\msimg32.dll
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\MSN Messenger\riched20.dll
Virus:Generic Malware Disinfected C:\Program Files\Online Services\PeoplePC\Utilities\AtlBrowser.exe
Virus:Generic Malware Disinfected C:\qoobox\Quarantine\C\WINDOWS\system32\tmp2F.tmp.dll.vir
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\WINDOWS\NirCmd.exe

little eagle
2007-09-22, 19:29
Remove in Add and Remove Programs:
mywebsearch
funweb

Reboot and post a new hijackthis log.

sedulouswag
2007-09-22, 21:37
Err, "mywebsearch" and "funweb" aren't included in my list of installed programs.

tashi
2007-10-06, 00:48
Hi there.

little eagle asked for a HJT log, so if you are still with us please post it. ;)

sedulouswag
2007-10-07, 18:32
Err, well, I couldn't complete the last instruction I was given, so I was waiting for clarification. But here's the HJT log anyway~
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:29:43 PM, on 10/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe
C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WMP54GSv1_1.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\AOL\1172892279\ee\AOLSoftware.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
c:\program files\common files\aol\1172892279\ee\services\antiSpywareApp\ver2_0_32_1\AOLSP Scheduler.exe
c:\program files\common files\aol\1172892279\ee\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
c:\program files\common files\aol\1172892279\ee\aexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=presario&pf=desktop&parm1=seconduser
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1172892279\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O8 - Extra context menu item: &Search - ?p=ZK
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqaio/downloads/sysinfo.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_4.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1174489894093
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {E5168F0C-8591-11D4-BCDF-006008B7FEA4} (PWLNINST Control) - http://plato1.sarasota.k12.fl.us/Pathways/pway_iis.dll/PWLN/02050119/fullcab/pwlninst.cab
O20 - Winlogon Notify: fxsKED - C:\WINDOWS\SYSTEM32\fxsKED.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: WMP54GSSVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Network Adapter with SpeedBooster\WLService.exe

--
End of file - 10898 bytes

little eagle
2007-10-08, 00:39
Sorry for the misunderstanding.

Close all programs, leaving only HijackThis running. Place a check against each of the following:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Click on Fix Checked when finished and exit HijackThis.


Some of these files may have hidden attributes.
Click here (http://forums.security-central.us/showthread.php?t=30) should you need instructions for showing hidden files and folders in Windows.
Once in safe mode, click Start / then My Computer / Local Disk, which should be (C)

Then select Program Files and see if there is a folder in there with the name:

mywebsearch or
funweb

Right-click and delete it if there.

little eagle
2007-10-12, 19:24
How is the PC running?

Do you still need help?

sedulouswag
2007-10-14, 02:40
Sorry, I was away for a bit...but I've finally gotten around to finishing that last part, and the comp's running much better!
Is there anything else I need to do?

little eagle
2007-10-14, 03:59
Download and install AVG Anti-Spyware (ewido). Then scan and post the report here.
Instructions and download link can be found here (http://forums.security-central.us/showthread.php?t=3165).

sedulouswag
2007-10-15, 00:32
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 6:29:13 PM 10/14/2007

+ Scan result:



:mozilla.10:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.11:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.53:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.6:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.7:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.8:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.9:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@laptopmag.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@leeenterprises.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@microsoftwlmessengermkt.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@microsoftwlspacesmkt.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@pandasoftware.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@realnetworks.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.19:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.20:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.21:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.22:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.23:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@4.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@ads.addynamix[1].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@adtech[1].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.43:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.25:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.40:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.95:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Fortunecity : Cleaned.
:mozilla.111:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.112:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.385:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Information : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@auto.search.msn[1].txt -> TrackingCookie.Msn : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.176:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.216:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@overture[1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.434:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@www.paypal[2].txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.27:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.28:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.29:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.30:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.227:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.228:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.232:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.233:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.234:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.235:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@realmedia[2].txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.242:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.243:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.244:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@revsci[2].txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.80:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@edge.ru4[1].txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.249:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.250:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.251:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.252:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.253:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.49:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.274:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.275:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.276:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@anat.tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@tacoda[2].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Cleaned.
:mozilla.284:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.285:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.288:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.236:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.237:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.238:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.239:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.240:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Compaq_Owner\Cookies\compaq_owner@webstat[2].txt -> TrackingCookie.Web-stat : Cleaned.
:mozilla.333:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.334:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.335:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.336:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.337:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.338:C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\l3mlwwow.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


::Report end

little eagle
2007-10-15, 02:51
Reset your restore points. Please note that you will need to log into your computer with an account
which has full administrator access. You will know if the account has administrator access because
you will be able to see the System Restore tab. If the tab is missing, you are logged in under a limited account.

1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.

---------------------------

To help keep your PC clean, follow the recommendations in Tony Klein's article
So how did I get infected in the first place? (http://forums.security-central.us/showthread.php?t=321)