As requested here are the very first scans I made:
MBAM Log May 18, 2009Malwarebytes' Anti-Malware 1.36
Database version: 2149
Windows 5.1.2600 Service Pack 3
5/18/2009 6:21:29 PM
mbam-log-2009-05-18 (18-21-29).txt
Scan type: Quick Scan
Objects scanned: 86684
Time elapsed: 4 minute(s), 29 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 5
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b2ba40a2-74f0-42bd-f434-12345a2c8953} (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b2ba40a2-74f0-42bd-f434-12345a2c8953} (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\seneka (Rootkit.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{b2ba40a2-74f0-42bd-f434-12345a2c8953} (Trojan.Ertfor) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\p2hhr.bat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lmppcsetup.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
After Reboot:Malwarebytes' Anti-Malware 1.36
Database version: 2149
Windows 5.1.2600 Service Pack 3
5/18/2009 6:32:51 PM
mbam-log-2009-05-18 (18-32-51).txt
Scan type: Quick Scan
Objects scanned: 86192
Time elapsed: 5 minute(s), 42 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
SAS Log May 19, 2009:SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 05/19/2009 at 11:23 AM
Application Version : 4.26.1002
Core Rules Database Version : 3895
Trace Rules Database Version: 1845
Scan type : Complete Scan
Total Scan Time : 03:36:01
Memory items scanned : 273
Memory threats detected : 0
Registry items scanned : 5989
Registry threats detected : 2
File items scanned : 100580
File threats detected : 21
Trojan.Sino-PWS/Gen
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BA40A2-74F0-42BD-F434-12345A2C8953}
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BA40A2-74F0-42BD-F434-12345A2C8953}
Adware.Tracking Cookie
C:\Documents and Settings\Guest\Cookies\guest@2o7[1].txt
C:\Documents and Settings\Guest\Cookies\guest@ad.yieldmanager[2].txt
C:\Documents and Settings\Guest\Cookies\guest@ad1.king[1].txt
C:\Documents and Settings\Guest\Cookies\guest@adrevolver[1].txt
C:\Documents and Settings\Guest\Cookies\guest@ads.pointroll[1].txt
C:\Documents and Settings\Guest\Cookies\guest@atdmt[2].txt
C:\Documents and Settings\Guest\Cookies\guest@avgtechnologies.112.2o7[1].txt
C:\Documents and Settings\Guest\Cookies\guest@doubleclick[1].txt
C:\Documents and Settings\Guest\Cookies\guest@dynamic.media.adrevolver[1].txt
C:\Documents and Settings\Guest\Cookies\guest@media.adrevolver[1].txt
C:\Documents and Settings\Guest\Cookies\guest@media.mtvnservices[1].txt
C:\Documents and Settings\Guest\Cookies\guest@msnportal.112.2o7[1].txt
C:\Documents and Settings\Guest\Cookies\guest@overture[2].txt
C:\Documents and Settings\Guest\Cookies\guest@questionmarket[1].txt
C:\Documents and Settings\Guest\Cookies\guest@richmedia.yahoo[2].txt
C:\Documents and Settings\Guest\Cookies\guest@specificclick[2].txt
C:\Documents and Settings\Guest\Cookies\guest@statse.webtrendslive[2].txt
C:\Documents and Settings\Guest\Cookies\guest@viacom.adbureau[2].txt
Rogue.FakeAlert/Wallpaper
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\O3TMUVNF\WARNING[1].GIF
Trace.Known Threat Sources
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\R0VO277K\winlogon[1].htm
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\R0VO277K\loads[1].htm
And after:SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 05/19/2009 at 04:18 PM
Application Version : 4.26.1002
Core Rules Database Version : 3895
Trace Rules Database Version: 1845
Scan type : Complete Scan
Total Scan Time : 04:20:34
Memory items scanned : 263
Memory threats detected : 0
Registry items scanned : 5987
Registry threats detected : 0
File items scanned : 99438
File threats detected : 0
All of the infections are being maintained in the MBAM quarantine.