major spyware problem
-
Re: major spyware problem
Run Killbox over the following file (check if it still exists first - locate the full path location, e.g.: c:\windows\system32\):
repairs303169590.dll
Do any of the following files still exist on your system? Two of the items have absolutely no Google matches (probably bogus files):
c:\windows\system32\arpa.dll
taskmgr.dll ------------> possible trojan (locate a full path location)
C:\WINDOWS\system32\taskmgr.dll
Submit any of the above files, if found, as follows:
Check out the following unfamiliar files or potential malware FILE PATH variations:
HIDDEN FILES: To make sure you can see any and all hidden files, please follow the directions here
- If not apparent, determine the FULL FILE PATH for each (unfamiliar) file item listed BELOW. Use Start (BUTTON)>Search or use the F3 key.
- Please copy and PASTE each FULL FILE PATH into the 'Select File' input box OR navigate to the file using the BROWSE button.
Submit each FULL PATH file item to one of the site(s) below to obtain their immediate FEEDBACK assessment on each item:
http://www.virustotal.com/flash/index_en.html (10MB file size maximum)
Let us know what the results were for the file(s) and/or delete those files you determine to be bad (at least two [2] or more negative site responses).
ALTERNATE SITE: http://virusscan.jotti.org/ (15MB file size maximum)
Submit a new Hijackthis LOG later tomorrow in case something changes.
-
I am having a hard time finding that repair thing, but here is a log from NOD32. The one thing that I can't seem to shake is this PurityScan thing that still seems to linger.
Time Module Object Name Threat Action User Information
8/3/2006 20:26:10 PM Kernel file c:\program files\?ymbols\n?pdb.exe a variant of Win32/Adware.PurityScan application
8/2/2006 20:19:11 PM Kernel file c:\program files\?ymbols\n?pdb.exe a variant of Win32/Adware.PurityScan application
8/2/2006 17:19:11 PM AMON file C:\DOCUME~1\Matt\LOCALS~1\Temp\ctxad.exe a variant of Win32/Adware.PurityScan application quarantined - deleted HOME-7D29C75291\Matt Event occurred on a new file created by the application: C:\WINDOWS\DOBE~1\explorer.exe. The file was moved to quarantine. You may close this window.
8/1/2006 19:36:08 PM AMON file C:\DOCUME~1\Matt\LOCALS~1\Temp\ctxad.exe a variant of Win32/Adware.PurityScan application quarantined - deleted HOME-7D29C75291\Matt Event occurred on a new file created by the application: C:\WINDOWS\DOBE~1\explorer.exe. The file was moved to quarantine. You may close this window.
8/1/2006 6:43:44 AM AMON file C:\System Volume Information\_restore{3CD15CCF-28BE-4DBC-B43A-CD3E9DC00F2E}\RP323\A0078704.exe a variant of Win32/Adware.PurityScan application quarantined - deleted NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\System32\svchost.exe. The file was moved to quarantine. You may close this window.
7/31/2006 18
40 PM Kernel file c:\program files\?ymbols\n?pdb.exe a variant of Win32/Adware.PurityScan application
7/31/2006 13:55:30 PM Kernel file c:\progra~1\common~1\icroso~1\nlooku~1.exe a variant of Win32/Adware.PurityScan application
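An added example, not part of the original posts: a short Python triage of the NOD32 log above that groups detections by path and flags entries with no logged action, '?' placeholders in names, and 8.3 short names. The function name, the note wording, and the reading that an empty Action column means the file was left in place are assumptions; the log lines are copied from the post with the trailing event text trimmed.

```python
import re
from collections import defaultdict

# Lines copied from the NOD32 log in the post above; the trailing "Event
# occurred..." text is trimmed, and the truncated 7/31 entry is kept as posted.
SAMPLE_LOG = r"""
8/3/2006 20:26:10 PM Kernel file c:\program files\?ymbols\n?pdb.exe a variant of Win32/Adware.PurityScan application
8/2/2006 20:19:11 PM Kernel file c:\program files\?ymbols\n?pdb.exe a variant of Win32/Adware.PurityScan application
8/2/2006 17:19:11 PM AMON file C:\DOCUME~1\Matt\LOCALS~1\Temp\ctxad.exe a variant of Win32/Adware.PurityScan application quarantined - deleted
8/1/2006 6:43:44 AM AMON file C:\System Volume Information\_restore{3CD15CCF-28BE-4DBC-B43A-CD3E9DC00F2E}\RP323\A0078704.exe a variant of Win32/Adware.PurityScan application quarantined - deleted
7/31/2006 18
7/31/2006 13:55:30 PM Kernel file c:\progra~1\common~1\icroso~1\nlooku~1.exe a variant of Win32/Adware.PurityScan application
"""

ENTRY = re.compile(
    r"^(?P<when>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M) "
    r"(?P<module>\S+) file (?P<path>.+?) "
    r"(?:a variant of )?(?P<threat>Win32/\S+) application\s*(?P<action>.*)$"
)

def triage(log_text):
    """Group detections by path; return (findings, unparsed_lines)."""
    hits, unparsed = defaultdict(list), []
    for line in filter(None, map(str.strip, log_text.splitlines())):
        m = ENTRY.match(line)
        if m:
            hits[m["path"].lower()].append(m)
        else:
            unparsed.append(line)  # e.g. the truncated entry; never guessed at
    findings = {}
    for path, entries in hits.items():
        notes = []
        if not any(e["action"] for e in entries):  # assumption: empty = left in place
            notes.append("no action logged: file likely still on disk")
        if "?" in path:  # '?' is illegal in Windows names, so it is a placeholder
            notes.append("unrenderable character in name: typed searches will miss it")
        if re.search(r"~\d", path):
            notes.append("8.3 short name: resolve the long path before searching")
        if "\\system volume information\\_restore" in path:
            notes.append("System Restore copy")
        findings[path] = {"count": len(entries), "notes": notes}
    return findings, unparsed

if __name__ == "__main__":
    findings, unparsed = triage(SAMPLE_LOG)
    for path, info in findings.items():
        print(f"{info['count']}x {path}: {'; '.join(info['notes']) or 'handled'}")
    print("unparsed:", unparsed)
```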
-
Go to Start>Control Panel>Add/Remove Programs and look for PuritySCAN By OIN, OuterInfo, OIN or similar, click on it and click remove.
If not listed, download and run this uninstaller:
http://www.outerinfo.com/OiUninstaller.exe
Tutorial for the uninstaller if needed
Reboot when done and delete this folder if found:
C:\Program Files\PurityScan