I'm sorry, I just read the post saying we should not attach logs:
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 07/07/2010 at 05:30 PM
Application Version : 4.40.1002
Core Rules Database Version : 5134
Trace Rules Database Version: 2946
Scan type : Complete Scan
Total Scan Time : 02:31:59
Memory items scanned : 550
Memory threats detected : 0
Registry items scanned : 7728
Registry threats detected : 3
File items scanned : 185244
File threats detected : 37
Adware.Flash Tracking Cookie
C:\Users\Elisa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDUZ5RBG\SERVING-SYS.COM
C:\Users\Elisa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDUZ5RBG\BC.YOUPORN.COM
C:\Users\Elisa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDUZ5RBG\STATIC.YOUPORN.COM
C:\Users\Elisa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDUZ5RBG\IA.MEDIA-IMDB.COM
C:\Users\Elisa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDUZ5RBG\MEDIA.ENTERTONEMENT.COM
C:\Users\Elisa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDUZ5RBG\EC.ATDMT.COM
C:\Users\Elisa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDUZ5RBG\SPE.ATDMT.COM
C:\Users\Elisa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDUZ5RBG\M1.2MDN.NET
C:\Users\Elisa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDUZ5RBG\M1.EMEA.2MDN.NET
C:\Users\Elisa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDUZ5RBG\S0.2MDN.NET
C:\Users\Elisa\AppData\Roaming\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\NDUZ5RBG\SECURE-US.IMRWORLDWIDE.COM
Rogue.AntivirusSoft
HKU\S-1-5-21-2443503019-3500141324-4188383778-1000\Software\avsoft
Malware.Trace
C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
HKU\S-1-5-21-2443503019-3500141324-4188383778-1000\SOFTWARE\XML
HKU\S-1-5-21-2443503019-3500141324-4188383778-1000\SOFTWARE\AVSUITE
Trojan.Agent/Gen-FraudLoad
C:\USERS\ELISA\APPDATA\LOCAL\TEMP\ERMS.EXE
C:\Windows\Prefetch\ERMS.EXE-DF23FA25.pf
Trojan.Agent/Gen-Small[Parvat]
C:\USERS\ELISA\APPDATA\LOCAL\TEMP\MSRXACONEW.EXE
C:\Windows\Prefetch\MSRXACONEW.EXE-D5D62C85.pf
Trojan.Agent/Gen-NET
C:\USERS\ELISA\APPDATA\LOCAL\VIRTUALSTORE\WINDOWS\SYSTEM32\NET.NET
Adware.Tracking Cookie
bc.youporn.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
cdn2.themis-media.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
cdn5.specificclick.net [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
cloud.video.unrulymedia.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
ec.atdmt.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
gw.callingbanners.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
ia.media-imdb.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
m1.2mdn.net [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
m1.emea.2mdn.net [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
media.entertonement.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
media.restaurant-bookings.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
media.scanscout.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
media01.kyte.tv [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
s0.2mdn.net [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
secure-us.imrworldwide.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
serving-sys.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
spe.atdmt.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
static.youporn.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RBG ]
www.emitourtracker.com [ C:\Users\Elisa\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUZ5RB
_______________________________________
___________________________________
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.orgDatabase version: 4289
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005
7/7/2010 6:03:05 PM
mbam-log-2010-07-07 (18-03-05).txt
Scan type: Quick scan
Objects scanned: 142531
Time elapsed: 10 minute(s), 37 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 5
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 12
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\UBC5AB1IDP (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\EWABQAF7KL (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\oskpmnnf (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ewabqaf7kl (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Users\Elisa\AppData\Local\yipovrvjr\eqltluotssd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Elisa\AppData\Roaming\2b01e43f.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\system32\Drivers\igcmc.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Users\Elisa\AppData\Local\Temp\omsxenwcar.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Elisa\AppData\Local\Temp\rgdrebd.exe (Trojan.Insain) -> Quarantined and deleted successfully.
C:\Users\Elisa\AppData\Local\Temp\drebjsrc.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Elisa\AppData\Local\Temp\emwfggn.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Elisa\AppData\Local\Temp\vlln.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Elisa\AppData\Local\Temp\Kzv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Elisa\downloads\setup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
C:\Users\Elisa\AppData\Local\Temp\Kzx.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Windows\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
_______________________________________
_______________________________________
_
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:11:00 PM, on 7/7/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5577
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
--
End of file - 5240 bytes
Sorry about that error with attaching first...