I downloaded a bad program about two weeks ago and it contained a virus. Since running the program, my computer has been attacked by several spyware, malware, etc.

I keep getting popups from Winantivirus (or something) in Firefox and random popups from IE when I'm not even running the browser. In addition, there is occasionnally something deleting values in my registry (reported by Spybot), which I can't deny access, and then trying to add things, which I deny access to (it repeats itself over and over though). Usually, this problem is resolved once I reboot the computer, but there has been a new item that keeps coming back despite restarting.

Here are my log files. Thanks in advance for any help!

Logfile of HijackThis v1.99.1
Scan saved at 9:44:15 PM, on 9/27/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\keyhook.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\AOL\1137184845\ee\AOLSoftware.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://creative-sanctum.deviantart.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1137184845\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [IPHSend] C:\Program Files\Common Files\AOL\IPHSend\IPHSend.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PVModule] C:\PROGRA~1\PRINTV~1\pvmodule.exe
O4 - HKLM\..\Run: [NI.UWA6P_0001_N91M1807] "c:\documents and settings\liu family\application data\winantiviruspro2006freeinstall[1].exe" -nag
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: PowerReg Scheduler V3.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\WTablet\TabUserW.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.scribeweb.dyndns.org
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {0B1B7F9A-F92E-4F03-8E3A-58BD64D364D0} (EonUISpace Class) - (local)
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe

Here's the log from the Panda Software scanner:

Incident Status Location

Adware:adware/securityerror Not disinfected c:\windows\system32\ot.ico
Spyware:spyware/media-motor Not disinfected c:\windows\unstall.exe
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-100.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-100.txt[.atwola.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-101.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-101.txt[.atwola.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-102.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-102.txt[.atwola.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-103.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-103.txt[.atwola.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-104.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-104.txt[.atwola.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-105.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-105.txt[.atwola.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-106.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-106.txt[.atwola.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-91.txt[.belnk.com/]
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-92.txt[.seeq.com/]
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-92.txt[www48.seeq.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-92.txt[.belnk.com/]
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-93.txt[.seeq.com/]
Spyware:Cookie/Seeq Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-93.txt[www48.seeq.com/]
Spyware:Cookie/Belnk Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-93.txt[.belnk.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-94.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-94.txt[.atwola.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-95.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-95.txt[.atwola.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-96.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-96.txt[.atwola.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-97.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-97.txt[.atwola.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-98.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-98.txt[.atwola.com/]
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-99.txt[.apmebf.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies-99.txt[.atwola.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\LIU FAMILY\Application Data\Mozilla\Firefox\Profiles\sng6qain.default\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/Falkag Not disinfected C:\Documents and Settings\LIU FAMILY\Cookies\liu family@as-us.falkag[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\LIU FAMILY\Cookies\liu family@perf.overture[1].txt
Adware:Adware/PCodec Not disinfected C:\Documents and Settings\LIU FAMILY\Local Settings\Temp\b124.exe[²ÜÇ\nsRandom.dll]
Potentially unwanted tool:Application/SpywareQuake Not disinfected C:\Documents and Settings\LIU FAMILY\Local Settings\Temp\sa443.exe[Spy-Quake2.exe]
Adware:Adware/IconAds Not disinfected C:\Documents and Settings\LIU FAMILY\Local Settings\Temp\temp.fr50AE\Uninst.exe
Spyware:Cookie/Netster Not disinfected C:\Documents and Settings\shaliu\Application Data\Mozilla\Firefox\Profiles\mugl5dlh.default\cookies.txt[lb1.netster.com/]
Spyware:Spyware/Virtumonde Not disinfected C:\WINDOWS\system32\rqrppqp.dll

Hello
Rightclick on your Hijackthis and rename it to something like test.exe run it scan save log and post another please.

This topic has been archived.

If you need it re-opened please send me a private message (pm) and provide a link to the thread.
Applies only to the original topic starter.