Tried the ATF cleaner, cleaned everything, quick scan showed it was still there in the same spot.
running a boot scan currently, but it’s already found 2 javascript infections, and a corrupted Itunes CAB archive.
I told it too send everything to the chest, hope thats ok.
edit: Boot scans Done. Results are:
5 infected files (all moved to chest)
2[1].htm Location [c:\Users\temp\Appdata\local\microsoft\windows\temporary internet files\low\content.IE5\JAHGEDJD] (original)
myf\y\AppletX.Class Location [C:\Users\Cherie\Appdata\Locallow\Sun\Java\Deployment\Cache\6.0\48\26e14b0-3c6504dd]
myf\y\AppletX.class Location [C:\Users\guys\Appdata\Locallow\Sun\Java\Deplyment\Cache\6.0\26\3a242c1a-19dac87a]
myf\y\LoaderX.class [C:\Users\Cherie\Appdata\locallow\Sun\Java\Deployment\cache\6.0\48\26e14b0-3c6504dd]
myf\y\Loader.class Location [C:\Users\Guys\Appdata\Locallow\Sun\Java\Deployment\Cache\6.0\26\3a242c1a-19dac87a]
If you need logs, just tell me where to look, and i’ll get you them.
I’ll run MBAM after this, and check into Superantispyware…
Edit: Malwarebytes fullscan report:
Malwarebytes’ Anti-Malware 1.45
www.malwarebytes.org
Database version: 3961
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904
4/6/2010 9:31:08 PM
mbam-log-2010-04-06 (21-31-08).txt
Scan type: Full scan (C:|D:|)
Objects scanned: 223075
Time elapsed: 52 minute(s), 6 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
double edit: ran SAS and it found some tracking cookies, which i quarantined then deleted