ok here goes
HJT Log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:34:00 PM, on 7/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
C:\Program Files\VirtuaWin\VirtuaWin.exe
C:\Program Files\VirtuaWin\modules\WinList.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Azureus\Azureus.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\FlashGet\flashget.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NNLL] C:\Program Files\Net Nanny\nnll.exe
O4 - HKLM\..\Run: [NNTray] C:\Program Files\Net Nanny\nnstart.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\gfmpambo.dll",forkonce
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Startup: V CAST Music Monitor.lnk = C:\Program Files\Verizon Wireless\V CAST Music Essentials Manager\V CAST Music Monitor.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Common Files\DataViz\DvzIncMsgr.exe
O4 - Global Startup: VirtuaWin.lnk = C:\Program Files\VirtuaWin\VirtuaWin.exe
O8 - Extra context menu item: &Search -
http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJfox000
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IE7Pro\IE7Pro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178468840531
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NNSvc - Unknown owner - C:\Program Files\Net Nanny\nnsvc.exe (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 9034 bytes
VundoFix Log
VundoFix V6.5.4
Checking Java version...
Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.8
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.10
Java version is 1.5.0.11
Scan started at 5:44:38 PM 7/8/2007
Listing files found while scanning....
C:\windows\system32\bunirlpv.ini
C:\windows\system32\cbxvttq.dll
C:\windows\system32\cbxyawx.dll
C:\WINDOWS\system32\gfmpambo.dll
C:\windows\system32\khfdebc.dll
C:\WINDOWS\system32\kjjlm.bak1
C:\WINDOWS\system32\kjjlm.bak2
C:\WINDOWS\system32\kjjlm.ini
C:\WINDOWS\system32\kjjlm.ini2
C:\WINDOWS\system32\kjjlm.tmp
C:\WINDOWS\system32\mljjk.dll
C:\WINDOWS\system32\obmapmfg.ini
C:\windows\system32\ppyrgoir.dll
C:\windows\system32\riogrypp.ini
C:\windows\system32\tutghgqv.dll
C:\windows\system32\vplrinub.dll
[SASInprocServer32]
Beginning removal...
Attempting to delete C:\windows\system32\bunirlpv.ini
C:\windows\system32\bunirlpv.ini Has been deleted!
Attempting to delete C:\windows\system32\cbxvttq.dll
C:\windows\system32\cbxvttq.dll Has been deleted!
Attempting to delete C:\windows\system32\cbxyawx.dll
C:\windows\system32\cbxyawx.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\gfmpambo.dll
C:\WINDOWS\system32\gfmpambo.dll Has been deleted!
Attempting to delete C:\windows\system32\khfdebc.dll
C:\windows\system32\khfdebc.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\kjjlm.bak1
C:\WINDOWS\system32\kjjlm.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\kjjlm.bak2
C:\WINDOWS\system32\kjjlm.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\kjjlm.ini
C:\WINDOWS\system32\kjjlm.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\kjjlm.ini2
C:\WINDOWS\system32\kjjlm.ini2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\kjjlm.tmp
C:\WINDOWS\system32\kjjlm.tmp Has been deleted!
Attempting to delete C:\WINDOWS\system32\mljjk.dll
C:\WINDOWS\system32\mljjk.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\obmapmfg.ini
C:\WINDOWS\system32\obmapmfg.ini Has been deleted!
Attempting to delete C:\windows\system32\ppyrgoir.dll
C:\windows\system32\ppyrgoir.dll Has been deleted!
Attempting to delete C:\windows\system32\riogrypp.ini
C:\windows\system32\riogrypp.ini Has been deleted!
Attempting to delete C:\windows\system32\tutghgqv.dll
C:\windows\system32\tutghgqv.dll Has been deleted!
Attempting to delete C:\windows\system32\vplrinub.dll
C:\windows\system32\vplrinub.dll Has been deleted!
Performing Repairs to the registry.
Done!
SUPERAntiSpyware Scan Log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 07/09/2007 at 02:59 AM
Application Version : 3.9.1008
Core Rules Database Version : 3266
Trace Rules Database Version: 1277
Scan type : Complete Scan
Total Scan Time : 08:27:17
Memory items scanned : 698
Memory threats detected : 1
Registry items scanned : 5872
Registry threats detected : 34
File items scanned : 151608
File threats detected : 181
Trojan.Mezzia/Resident
C:\WINDOWS\SYSTEM32\WINGHY32.DLL
C:\WINDOWS\SYSTEM32\WINGHY32.DLL
Adware.MyWebSearch
HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\Programmable
C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\4.BIN\MWSSRCAS.DLL
HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\Programmable
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKU\S-1-5-21-57989841-299502267-839522115-1004\Software\Microsoft\Internet Explorer\URLSearchHooks#{00A6FAF6-072E-44cf-8957-5838F569A31D}
C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSOEMON.EXE
C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\MWSOEMON.EXE
Trojan.WinFixer
HKLM\Software\Classes\CLSID\{4DFB406E-932D-43A2-AEAA-F98299822D72}
HKCR\CLSID\{4DFB406E-932D-43A2-AEAA-F98299822D72}
HKCR\CLSID\{4DFB406E-932D-43A2-AEAA-F98299822D72}\InprocServer32
HKCR\CLSID\{4DFB406E-932D-43A2-AEAA-F98299822D72}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\MLJJK.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4DFB406E-932D-43A2-AEAA-F98299822D72}
Trojan.Downloader-Win/GHY
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\winghy32
Adware.Tracking Cookie
C:\Documents and Settings\Elliott\Cookies\elliott@neuroticmedia[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@ads.addynamix[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@fastclick[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@statcounter[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@stats1.reliablestats[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@belnk[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@login.tracking101[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@casalemedia[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@f2.bestmanage[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@klik.klikadvertising[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@anad.tacoda[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@ad.firstadsolution[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@trafficmp[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@www.ppctracking[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@microsoftwlmessengermkt.112.2o7[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@fortunecity[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@bluestreak[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@67.15.239[3].txt
C:\Documents and Settings\Elliott\Cookies\elliott@drivecleaner[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@cookie.neuroticmedia[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@list[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@adopt.euroclick[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@dist.belnk[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@ads.pointroll[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@doubleclick[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@overture[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@adlegend[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@67.15.239[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@apmebf[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@adserver[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@2o7[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@edge.ru4[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@qnsr[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@advertising[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@mywebsearch[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@msnportal.112.2o7[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@license.nmp.neuroticmedia[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@adrevolver[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@ad.yieldmanager[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@questionmarket[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@ads.realtechnetwork[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@adrevolver[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@findwhat[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@67.15.239[4].txt
C:\Documents and Settings\Elliott\Cookies\elliott@pch.122.2o7[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@f3.bestmanage[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@tribalfusion[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@atdmt[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@mediaplex[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@adopt.specificclick[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@realmedia[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@as-us.falkag[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@serving-sys[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@f1.bestmanage[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@bs.serving-sys[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@f5.bestmanage[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@acvs.mediaonenetwork[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@cpvfeed[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@linksynergy[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@winantivirus[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@http-mw.edge.ru4[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@reduxads.valuead[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@as-eu.falkag[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@zedo[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@stats.drivecleaner[1].txt
C:\Documents and Settings\Elliott\Cookies\elliott@ad2.adnetinteractive[2].txt
C:\Documents and Settings\Elliott\Cookies\elliott@mediaonenetwork[1].txt
C:\Documents and Settings\Mom\Cookies\mom@2o7[2].txt
C:\Documents and Settings\Mom\Cookies\mom@67.15.239[2].txt
C:\Documents and Settings\Mom\Cookies\mom@67.15.239[3].txt
C:\Documents and Settings\Mom\Cookies\mom@67.15.239[4].txt
C:\Documents and Settings\Mom\Cookies\mom@67.15.239[5].txt
C:\Documents and Settings\Mom\Cookies\mom@67.15.239[6].txt
C:\Documents and Settings\Mom\Cookies\mom@ad.yieldmanager[1].txt
C:\Documents and Settings\Mom\Cookies\mom@adecn[2].txt
C:\Documents and Settings\Mom\Cookies\mom@adopt.euroclick[1].txt
C:\Documents and Settings\Mom\Cookies\mom@adopt.specificclick[2].txt
C:\Documents and Settings\Mom\Cookies\mom@adrevolver[1].txt
C:\Documents and Settings\Mom\Cookies\mom@ads.addynamix[2].txt
C:\Documents and Settings\Mom\Cookies\mom@ads.pointroll[2].txt
C:\Documents and Settings\Mom\Cookies\mom@ads.realtechnetwork[1].txt
C:\Documents and Settings\Mom\Cookies\mom@advertising[1].txt
C:\Documents and Settings\Mom\Cookies\mom@atdmt[2].txt
C:\Documents and Settings\Mom\Cookies\mom@bluestreak[2].txt
C:\Documents and Settings\Mom\Cookies\mom@bs.serving-sys[1].txt
C:\Documents and Settings\Mom\Cookies\mom@doubleclick[1].txt
C:\Documents and Settings\Mom\Cookies\mom@e-2dj6wfkouhcjogq.stats.esomniture[2].txt
C:\Documents and Settings\Mom\Cookies\mom@edge.ru4[1].txt
C:\Documents and Settings\Mom\Cookies\mom@ehg-aig.hitbox[1].txt
C:\Documents and Settings\Mom\Cookies\mom@f1.bestmanage[1].txt
C:\Documents and Settings\Mom\Cookies\mom@f2.bestmanage[1].txt
C:\Documents and Settings\Mom\Cookies\mom@f3.bestmanage[2].txt
C:\Documents and Settings\Mom\Cookies\mom@f5.bestmanage[1].txt
C:\Documents and Settings\Mom\Cookies\mom@fastclick[1].txt
C:\Documents and Settings\Mom\Cookies\mom@findwhat[1].txt
C:\Documents and Settings\Mom\Cookies\mom@goclick[2].txt
C:\Documents and Settings\Mom\Cookies\mom@hitbox[1].txt
C:\Documents and Settings\Mom\Cookies\mom@klik.klikadvertising[2].txt
C:\Documents and Settings\Mom\Cookies\mom@maxserving[2].txt
C:\Documents and Settings\Mom\Cookies\mom@mediaplex[2].txt
C:\Documents and Settings\Mom\Cookies\mom@msnportal.112.2o7[1].txt
C:\Documents and Settings\Mom\Cookies\mom@mywebsearch[2].txt
C:\Documents and Settings\Mom\Cookies\mom@overture[1].txt
C:\Documents and Settings\Mom\Cookies\mom@partner2profit[1].txt
C:\Documents and Settings\Mom\Cookies\mom@philips.112.2o7[1].txt
C:\Documents and Settings\Mom\Cookies\mom@pro-market[1].txt
C:\Documents and Settings\Mom\Cookies\mom@questionmarket[2].txt
C:\Documents and Settings\Mom\Cookies\mom@server.iad.liveperson[2].txt
C:\Documents and Settings\Mom\Cookies\mom@serving-sys[1].txt
C:\Documents and Settings\Mom\Cookies\mom@specificclick[1].txt
C:\Documents and Settings\Mom\Cookies\mom@tacoda[2].txt
C:\Documents and Settings\Mom\Cookies\mom@toseeka[2].txt
C:\Documents and Settings\Mom\Cookies\mom@tribalfusion[1].txt
C:\Documents and Settings\Mom\Cookies\mom@www.harperteen[2].txt
C:\Documents and Settings\Mom\Cookies\mom@www.thirteen[1].txt
C:\Documents and Settings\Mom\Cookies\mom@zedo[2].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@2o7[2].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@ad.yieldmanager[2].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@adopt.euroclick[2].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@adrevolver[1].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@adrevolver[3].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@as-us.falkag[1].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@atdmt[2].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@linksynergy[2].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@maxserving[1].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@msnportal.112.2o7[1].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@mywebsearch[2].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@questionmarket[1].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@statcounter[2].txt
C:\Documents and Settings\Nicholas\Cookies\nicholas@statse.webtrendslive[1].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@ad.yieldmanager[2].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@adrevolver[1].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@adrevolver[3].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@atdmt[2].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@bs.serving-sys[1].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@casalemedia[2].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@doubleclick[2].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@fastclick[2].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@maxserving[1].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@microsoftwlsearchcrm.112.2o7[1].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@msnportal.112.2o7[1].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@mywebsearch[1].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@serving-sys[1].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@statcounter[1].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@trafficmp[2].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@tribalfusion[2].txt
C:\Documents and Settings\Whitaker\Cookies\whitaker@www.burstnet[2].txt
Trojan.Unknown Origin
HKLM\SOFTWARE\Microsoft\MSSMGR
HKLM\SOFTWARE\Microsoft\MSSMGR#Data
HKLM\SOFTWARE\Microsoft\MSSMGR#LSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#Brnd
HKLM\SOFTWARE\Microsoft\MSSMGR#MSLIST
HKLM\SOFTWARE\Microsoft\MSSMGR#PID
HKLM\SOFTWARE\Microsoft\MSSMGR#Rid
HKLM\SOFTWARE\Microsoft\MSSMGR#LID
HKLM\SOFTWARE\Microsoft\MSSMGR#SCLIST
HKLM\SOFTWARE\Microsoft\MSSMGR#SSLIST
HKLM\SOFTWARE\Microsoft\MSSMGR#BSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#SSTV
HKLM\SOFTWARE\Microsoft\MSSMGR#BPTV
HKLM\SOFTWARE\Microsoft\MSSMGR#PSTV
C:\DOCUMENTS AND SETTINGS\ELLIOTT\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\OL6JGX2N\XC60[1].EXE
Adware.Vundo/Traff-2
C:\DOCUMENTS AND SETTINGS\ELLIOTT\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\WJL7AAJL\KCEHC_EICOOC20070702[1]
Trojan.Downloader-Gen/HitItQuitIt
C:\SYSTEM VOLUME INFORMATION\_RESTORE{C854E235-0AB0-428B-A1D9-57B576B595FF}\RP340\A0158301.DLL
Adware.Vundo Variant
C:\SYSTEM VOLUME INFORMATION\_RESTORE{C854E235-0AB0-428B-A1D9-57B576B595FF}\RP340\A0158302.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{C854E235-0AB0-428B-A1D9-57B576B595FF}\RP340\A0158304.DLL
C:\VUNDOFIX BACKUPS\CBXYAWX.DLL.BAD
C:\VUNDOFIX BACKUPS\KHFDEBC.DLL.BAD
Adware.DollarRevenue
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\Y3IRSRUT\RDFX4[2].exe
Trace.Known Threat Sources
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\OBIN36AY\anti4[1].exe
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\8XQF8XER\antzom[1].exe
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\G0ACD6QM\text[1].dat
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\M1E70J4V\ico1[1].gif
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\OL6JGX2N\_affvm[1]
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\OBIN36AY\top_pic2[1].gif
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\OH2JKH6V\wav_banner[1].swf
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\91K34N6G\test[1].gif
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\HISTUM5F\checksoft[1].js
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\Y3IRSRUT\button2[1].gif
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\GTQZKD2V\top1[1].gif
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\G1E3KPMV\text[1].dat
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\G5AN81U7\_jnvm[1]
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\8X27W9MV\CA9CKJX9.js
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\Y3IRSRUT\CAPG4F5H.htm
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\OBIN36AY\top1_menu[1].gif
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\G1E3KPMV\logo[1].gif
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\GTQZKD2V\CAYN054L.gif
C:\Documents and Settings\Elliott\Local Settings\Temporary Internet Files\Content.IE5\7YI2RMQC\ico2[1].gif
C:\Documents and Settings\Mom\Local Settings\Temporary Internet Files\Content.IE5\49E3OXAJ\functions.js[1].php
Is this everything that you needed? Also thanks in advance for helping!