To whom it may concern,

I'm Jennifer, and I posted earlier in another thread about someone hacking my aol email account (I'm on a 2006 Dell PC, Windows XP, I don't think the other software or hardware details are important, but if you need them let me know.) It was then brought to my attention that one very likely cause was malware, that someone "hacked my PC and got the password from me." Until now, I had some outdated anti-spyware programs, but I have now posted my 1st HijackThis log below (I've only done step 1 of the main suggestions and have yet to restart my computer). And below that, I will post a BitDefender log that I did yesterday.

Please let me know what steps I can take to fix these problems, while I keep going with Step 2 of the main suggestions.
Thanks for all your time!
Jennifer

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 4014

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

4/20/2010 9:17:41 PM
mbam-log-2010-04-20 (21-17-41).txt

Scan type: Quick scan
Objects scanned: 158955
Time elapsed: 13 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 15
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 4
Files Infected: 8

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{f663b917-591f-4172-8d87-3d7d729007ca} (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63f7460b-c831-4142-a4aa-5ec303ec4343} (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{b80a3586-caa5-41c8-89bf-e617f0b6cfbf} (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63f7460b-c831-4142-a4aa-5ec303ec4343} (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82e5e2ff-9260-4d88-b0c6-7cc358c5d418} (Adware.SearchAid) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{63f7460b-c831-4142-a4aa-5ec303ec4343} (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{63f7460b-c831-4142-a4aa-5ec303ec4343} (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\bat.dll (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\BATCO (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Batco (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bat (Adware.Batco) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Bat (Adware.Batco) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\All Users\Application Data\Rabio (Adware.Rabio) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Rabio\Search Enhancer (Adware.Rabio) -> Quarantined and deleted successfully.
C:\Program Files\Batco (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\QdrDrive (Adware.SearchAid) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Batco\bat.dll.intermediate.manifest (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Batco\bat.info (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Batco\bat.original (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Batco\info.dll (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Batco\un_BatSetup_15073.exe (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Batco\un_BatSetup_15073.txt (Adware.Batco) -> Quarantined and deleted successfully.
C:\Program Files\Batco\X_bat.log (Adware.Batco) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jennifer Klausner\Start Menu\Programs\Startup\Bat - Auto Update.lnk (Adware.Batco) -> Quarantined and deleted successfully.


BitDefender Online Scanner



Scan report generated at: Mon, Apr 19, 2010 - 22:21:44





Scan path: C:\;D:\;E:\;







Statistics

Time
01:52:07

Files
472754

Folders
14710

Boot Sectors
0

Archives
13741

Packed Files
22476




Results

Identified Viruses
1

Infected Files
3

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
4




Engines Info

Virus Definitions
5682511

Engine build
AVCORE v2.1 Windows/i386 11.0.0.33 (Feb 25 2010)

Scan plugins
17

Archive plugins
44

Unpack plugins
8

E-mail plugins
6

System plugins
4




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\Documents and Settings\Jennifer Klausner\Local Settings\Temp\HouseCall\backup32\TSC_GENCLEAN_2010_04_19_20_17_53_994_198.DAT=>(Embedded EXE g)
Detected with: Application.Generic.17120

C:\Documents and Settings\Jennifer Klausner\Local Settings\Temp\HouseCall\backup32\TSC_GENCLEAN_2010_04_19_20_17_53_994_198.DAT=>(Embedded EXE g)
Disinfection failed

C:\Documents and Settings\Jennifer Klausner\Local Settings\Temp\HouseCall\backup32\TSC_GENCLEAN_2010_04_19_20_17_53_994_198.DAT=>(Embedded EXE g)
Deleted

C:\Documents and Settings\Jennifer Klausner\Local Settings\Temp\HouseCall\backup32\TSC_GENCLEAN_2010_04_19_20_17_53_994_198.DAT
Update failed

C:\Documents and Settings\Jennifer Klausner\Local Settings\Temp\HouseCall\log\08715DCB-3591-428A-95CB-52852456FD54\backup\5=>(Quarantine-PE)
Detected with: Application.Generic.17120

C:\Documents and Settings\Jennifer Klausner\Local Settings\Temp\HouseCall\log\08715DCB-3591-428A-95CB-52852456FD54\backup\5=>(Quarantine-PE)
Disinfection failed

C:\Documents and Settings\Jennifer Klausner\Local Settings\Temp\HouseCall\log\08715DCB-3591-428A-95CB-52852456FD54\backup\5=>(Quarantine-PE)
Deleted

C:\Documents and Settings\Jennifer Klausner\Local Settings\Temp\HouseCall\log\08715DCB-3591-428A-95CB-52852456FD54\backup\5
Deleted

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP288\A0048441.dll
Detected with: Application.Generic.17120

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP288\A0048441.dll
Disinfection failed

C:\System Volume Information\_restore{46DE8921-1D39-44D2-A9E9-64119261F211}\RP288\A0048441.dll
Deleted