Have spyware infection Abebot on my PC!

Discussion in 'Virus and Malware Removal' started by Esuper, Mar 31, 2008.

  1. Esuper Newcomer, in training Posts: 34

    Here are the files
  2. Blind Dragon TechSpot Evangelist Posts: 4,048

    CFScript

    Open notepad and copy/paste the text in the code box below into it:
    NOTE* make sure to only highlight and copy what is inside the quote box, nothing outside of it.
    Also ..

    Pay particular attention to this :-

    Make sure the word File:: is on the first line of the text file you save (no blank line above it, & no space in front of it)
    Save this as CFScript.txt

    Then drag the CFScript.txt into ComboFix.exe as you see in the screenshot below.

    [IMG]

    This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a fresh HJT log.
  3. Esuper Newcomer, in training Posts: 34

    Thanks!! Here are the files
  4. kritius TechSpot Guru Posts: 2,087

    Depending on whether HijackThis was run before or after the CFScript, that line is still there; it's getting quite resilient.
  5. Blind Dragon TechSpot Evangelist Posts: 4,048

    Boot into Safe Mode - you may want to save this in a notepad file on your desktop so you can have it while in safe mode
    • Restart your computer and start pressing the F8 key on your keyboard.
    • Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.

    Run Hijackthis and Select Do A System Scan Only
    Put a check mark next to the following entries:
    O4 - HKLM\..\Policies\Explorer\Run: [rgWFEtNPPQ] I:\Documents and Settings\All Users\Application Data\ezclqdql\gxwzsbil.exe

    Select Fix Checked

    Close Hijackthis

    Show hidden files through windows explorer
    • Access Windows Explorer by clicking Start, point to All Programs, Accessories, and then click Windows Explorer. Or hold the Windows key and press E
    • On the Tools menu in Windows Explorer, click Folder Options.
    • Click the View tab.
    • Under Hidden files and folders, click Show hidden files and folders and Turn Hide protected operating system files off.

    Use Windows Explorer to navigate to and delete the following folder:

    Files:
    I:\Documents and Settings\All Users\Application Data\ezclqdql <-This folder only

    Restart your computer into normal mode

    Run a new scan with Hijackthis and attach the log
  6. Esuper Newcomer, in training Posts: 34

    O4 - HKLM\..\Policies\Explorer\Run: [rgWFEtNPPQ] I:\Documents and Settings\All Users\Application Data\ezclqdql\gxwzsbil.exe

    Don't see these lines in HijackThis???
     
  7. Blind Dragon TechSpot Evangelist Posts: 4,048

    I see it in your last log right between

    O4 - HKCU\..\Run: [SUPERAntiSpyware] I:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKLM\..\Policies\Explorer\Run: [rgWFEtNPPQ] I:\Documents and Settings\All Users\Application Data\ezclqdql\gxwzsbil.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] I:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
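    The three O4 lines quoted above show what a helper is actually looking for when triaging a HijackThis log: an autostart entry whose executable lives under Application Data rather than Program Files, a random-looking folder and file name, and the Policies\Explorer\Run key. The Python script below is an added example, not code from this thread or from HijackThis. It parses O4 lines with a regular expression, applies those three checks (the vowel-ratio test for random-looking names is my own heuristic, not a HijackThis rule) and reports the folder a helper would ask the poster to remove. The sample log is constructed from the lines quoted in this post, plus nothing else.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed sample log: the three O4 lines quoted in the thread above.
SAMPLE_HJT_LOG = r"""
O4 - HKCU\..\Run: [SUPERAntiSpyware] I:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKLM\..\Policies\Explorer\Run: [rgWFEtNPPQ] I:\Documents and Settings\All Users\Application Data\ezclqdql\gxwzsbil.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] I:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
"""

# HijackThis O4 layout: "O4 - <registry key>: [<value name>] <command line>"
O4_RE = re.compile(r"^O4 - (?P<key>.+?): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
# Trailing "(User 'X')" annotation that HijackThis appends for HKUS entries.
USER_RE = re.compile(r"\s*\(User '[^']*'\)\s*$")
# Leading executable path, up to and including the first ".exe".
EXE_RE = re.compile(r"^(?P<exe>.+?\.exe)", re.IGNORECASE)


@dataclass
class AutostartEntry:
    key: str
    name: str
    exe_path: str
    reasons: List[str] = field(default_factory=list)


def parse_o4(line: str) -> Optional[Tuple[str, str, str]]:
    """Split one O4 line into (registry key, value name, executable path)."""
    m = O4_RE.match(line.strip())
    if not m:
        return None
    cmd = USER_RE.sub("", m.group("cmd"))
    exe_m = EXE_RE.match(cmd)
    exe = exe_m.group("exe") if exe_m else cmd
    return m.group("key"), m.group("name"), exe


def looks_random(token: str) -> bool:
    """Heuristic (assumption, not a HijackThis rule): 6+ letters with
    fewer than 20% vowels reads like a generated name, e.g. 'ezclqdql'."""
    letters = [c for c in token if c.isalpha()]
    if len(letters) < 6:
        return False
    vowels = sum(c in "aeiouAEIOU" for c in letters)
    return vowels / len(letters) < 0.2


def assess(key: str, name: str, exe: str) -> List[str]:
    """Return the reasons an entry deserves a closer look (empty = benign)."""
    reasons = []
    parts = [p for p in exe.split("\\") if p]
    if any(p.lower() == "application data" for p in parts):
        reasons.append("executable lives under Application Data, a user-writable data folder")
    if "policies\\explorer\\run" in key.lower():
        reasons.append("registered under Policies\\Explorer\\Run, a less-inspected autostart key")
    # Check the value name, the parent folder and the executable's base name.
    for token in [name] + parts[-2:]:
        if looks_random(token.rsplit(".", 1)[0]):
            reasons.append(f"random-looking name: {token}")
    return reasons


def triage(log_text: str) -> List[AutostartEntry]:
    """Parse every O4 line in a HijackThis log and keep the flagged ones."""
    flagged = []
    for line in log_text.splitlines():
        parsed = parse_o4(line)
        if parsed is None:
            continue
        key, name, exe = parsed
        reasons = assess(key, name, exe)
        if reasons:
            flagged.append(AutostartEntry(key, name, exe, reasons))
    return flagged


def removal_folder(entry: AutostartEntry) -> str:
    """The folder a helper would ask to delete: the executable's parent."""
    return entry.exe_path.rsplit("\\", 1)[0]


if __name__ == "__main__":
    for entry in triage(SAMPLE_HJT_LOG):
        print(f"[{entry.name}] {entry.exe_path}")
        for reason in entry.reasons:
            print("   -", reason)
        print("   folder to remove:", removal_folder(entry))
```

Run against the sample, only the rgWFEtNPPQ entry is flagged; the SUPERAntiSpyware and AVG entries, which sit in Program Files under ordinary names, pass through untouched. The value-name check is there because the O4 line's bracketed name is often the first thing a reader notices, while the folder check catches the case where a dropper reuses a plausible-looking value name.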
  8. Esuper Newcomer, in training Posts: 34

    Use Windows Explorer to navigate to and delete the following folder:

    Files:
    I:\Documents and Settings\All Users\Application Data\ezclqdql <-This folder only

    I'm having a problem finding this file again. ezclqdql??
  9. kritius TechSpot Guru Posts: 2,087

    Download Pocket Killbox by Option^Explicit from here
    • Double-click on Killbox.exe to start Pocket Killbox
    • Select the Delete on reboot option
    • Click on All Files
    • Select the text in the below codebox and press Ctrl+C to copy it to the clipboard
      Code:
      I:\Documents and Settings\All Users\Application Data\ezclqdql 
    • Go back to Pocket Killbox and click File > Paste from clipboard
    • Click on the button in Pocket Killbox that looks like this[IMG]
    • You will now get the prompt "Files will be removed on reboot. Do you want to reboot now?"
    • Click Yes this will restart your pc
    • Note: If your PC does not restart automatically please restart it manually
  10. Esuper Newcomer, in training Posts: 34

    Thanks for the help, Here is the log files
  11. kritius TechSpot Guru Posts: 2,087

    Go to add/remove programs and get rid of PowerReg Scheduler or anything like it.


    Fix entries using HiJackThis
    • Launch HiJackThis
    • Click the Do a system scan only button
    • Put a check next to the entries listed below
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O4 - Startup: PowerReg Scheduler V3.exe

    • IMPORTANT: Do NOT click fix until you exit all browser sessions including the one you are reading in right now
    • Click the Fix checked button and close HiJackThis
    • Reboot HijackThis if necessary



    Update your Java Runtime Environment
    • First try going to Start -> Control Panel -> double click Java
    • Select the Update Tab at the top
    • Click the Check for Updates button at the bottom
    • If it finds the newer version (Java 6 Update 5), follow the on-screen instructions
    • After it installs the newest version Go back to Control Panel -> Add/remove programs
    • Uninstall any older versions of Java

    If for some reason you couldn't update through the above instructions.
    • Click the following link
      Java Runtime Environment 6 Update 5
    • The 4th option down is the one you want (click Download)
    • Check the box to agree to terms of service
    • Check the box for your operating system and click 'Download selected' at the bottom
    • After the install Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions
    • Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_05 folder

    You should get a firewall as well, either, these firewalls are all free,
  12. Esuper Newcomer, in training Posts: 34

    Thanks, but I can't get PowerReg Scheduler in Add/Remove Programs??
    Could it be under another name?
  13. kritius TechSpot Guru Posts: 2,087

    Do a scan with ComboFix and post the log, I'll be able to see from that.

    Do the other steps first though.

    Create an uninstall list
    • Launch Hijackthis
    • Click the Open the Misc Tools section button
    • Click the Open Uninstall Manager button.
    • Click the Save list button.
    • Copy and paste this log into your next reply
  14. Esuper Newcomer, in training Posts: 34

    ACDSee Pro
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge 1.0
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Common File Installer
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe ExtendScript Toolkit 2
    Adobe Flash Player 9 ActiveX
    Adobe Flash Player ActiveX
    Adobe Fonts All
    Adobe FrameMaker v7.1
    Adobe Help Center 1.0
    Adobe Help Viewer CS3
    Adobe Linguistics CS3
    Adobe PDF Library Files
    Adobe Photoshop CS2
    Adobe Photoshop CS3
    Adobe Photoshop CS3
    Adobe Premiere Pro 2.0
    Adobe Reader 7.0.9
    Adobe Setup
    Adobe Stock Photos 1.0
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    AGEIA PhysX v2.3.3
    Ai Booster
    Alternate Dictionary 1.405
    ArtMoney SE v7.22
    ASP.NET Maker 2.2
    ASUS DH Remote
    ASUS Enhanced Display Driver
    ASUS GameFace Library
    ASUS GameLiveShow
    ASUS SmartDoctor
    ASUS Utilities
    ASUS VideoSecurity Online
    ASUS WiFi-AP Solo
    ASUS_Ai_Proactive_Screensaver (E)
    AsusUpdate
    AVG 7.5
    Avid Codecs LE
    Avid DIO Runtime
    Avid EDL Manager
    Avid FilmScribe
    Avid Log Exchange
    Canon Camera Access Library
    Canon Camera Support Core Library
    Canon Camera Window DC_DV 5 for ZoomBrowser EX
    Canon Camera Window DC_DV 6 for ZoomBrowser EX
    Canon Camera Window MC 6 for ZoomBrowser EX
    Canon G.726 WMP-Decoder
    Canon MovieEdit Task for ZoomBrowser EX
    Canon RAW Image Task for ZoomBrowser EX
    Canon RemoteCapture Task for ZoomBrowser EX
    Canon Utilities Digital Photo Professional 3.1
    Canon Utilities EOS Utility
    Canon Utilities Original Data Security Tools
    Canon Utilities PhotoStitch
    Canon Utilities Picture Style Editor
    Canon Utilities WFT-E1/E2/E3 Utility
    Canon Utilities ZoomBrowser EX
    Chinese Star XP
    CINEMA 4D Release 10
    CloneCD
    CloneDVD2
    Command & Conquer 3
    Cool MP3 Splitter 2.2
    Creative Jukebox Driver
    Creative Removable Disk Manager
    Creative System Information
    Creative Zen Micro
    DesktopX Professional
    Digidesign Audio Drivers 7.1
    Digital Image Recovery 1.47
    Dragonshard
    Dungeon Siege 2
    Easy Photo Recovery 1.0
    EasyRecovery Professional Trial
    EZ-Backup Manager
    FinalRecovery 1.3
    GameFace Messenger
    Ghost Recon Advanced Warfighter
    Google Toolbar for Internet Explorer
    Gothic III
    Gothic III Release Update
    High Definition Audio Driver Package - KB888111
    HijackThis 2.0.2
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB935448)
    iFinger 2.0
    InterLok Driver Kit
    InterVideo Launcher
    J2SE Runtime Environment 5.0
    Java(TM) 6 Update 3
    JRAID
    K-Lite Codec Pack 2.82 Full
    LiveUpdate 3.0 (Symantec Corporation)
    Macromedia Dreamweaver MX 2004
    Macromedia Extension Manager
    Macromedia Flash MX
    Macromedia Flash MX 2004
    Macromedia FreeHand MXa
    Malwarebytes' Anti-Malware
    Manga Studio EX 3.0
    Marvell Miniport Driver
    MediaRescue Pro 3.9
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0
    Microsoft AppLocale
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Windows Application Compatibility Database
    Mozilla Firefox (2.0.0.13)
    MSN
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    mTC (remove only)
    Nero Suite
    Neverwinter Nights
    Neverwinter Nights 2
    Nokia Connectivity Cable Driver
    Nokia PC Suite
    Nokia Software Updater
    NVIDIA Drivers
    ObjectRescue Pro 4.0
    Opera 9.26
    PC Connectivity Solution
    PC Probe II
    PDF Settings
    PhotoRescue Pro 4.0
    Power MP3 Cutter Joiner 1.12
    Power MP3 Recorder Cutter, (ver 5.0)
    PPLive 1.9
    PPStream
    QuickTime
    Realtek High Definition Audio Driver
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 2.0 (KB928365)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901190)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921503)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925454)
    Security Update for Windows XP (KB925486)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB929969)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941568)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB946026)
    Sentinel Protection Installer 7.2.2
    Serials 2000
    Serials 2000
    SimCity 4 Rush Hour
    Skype™ 3.5
    SmartSound Quicktracks Plugin
    SpellForce 2 - Shadow Wars
    SpellForce 2 Update v1.02
    Spyware Doctor 5.5
    SUPERAntiSpyware Free Edition
    TheSage
    ThumbDrive Guard
    TVUPlayer 2.3.0.0
    Ulead VideoStudio 9.0
    Update for Windows XP (KB894391)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB908531)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB929338)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB933360)
    Update for Windows XP (KB936357)
    Update for Windows XP (KB938828)
    Update for Windows XP (KB942763)
    VeohTV BETA
    Versal FileDownload ActiveX Control Trial Version
    Virtual Cable Tester
    Vodafone Mobile Connect Lite
    WindowBlinds
    Windows Driver Package - Nokia (WUDFRd) WPD (11/03/2006 6.82.26.2)
    Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Live Toolbar
    Windows Live Toolbar
    Windows Media Format Runtime
    Windows Media Player 10
    Windows Support Tools
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    WinRAR archiver
    WMA To MP3 Encoder 5.09
    X360 Video Player ActiveX Control
    Xfire (remove only)
    Yahoo! Toolbar
  15. kritius TechSpot Guru Posts: 2,087

    Ccleaner
    Download CCleaner from HERE.
    • Double click on the ccsetup.exe file to start the installation of the program.
    • Select your language and click OK, then next.
    • Read the license agreement and click I Agree.
    • Click next to use the default install location.
    • Under Install Options, choose all the default settings except untick install the Yahoo! Toolbar.
    • Click Install then finish to complete installation.
    • Double click the CCleaner shortcut on the desktop to start the program.
    • In advanced deselect "Old Prefetch Data."
    • Caution: It is not recommended that you use the "Issues" feature unless you are very familiar with the registry as it has been known to find legitimate items. Click on Issues and make sure Registry Integrity is UNchecked!
    • Click on the "Cleaner" icon on the left side of the window, then click Run Cleaner to run the program.
    • After CCleaner has completed this process several times until no more errors are found, click Exit.

    Java(TM) 6 Update 3
    LiveUpdate 3.0 (Symantec Corporation)
    Yahoo! Toolbar

    Uninstall these three, then run ComboFix and attach the log.
  16. Esuper Newcomer, in training Posts: 34

    While I try to remove the last one (Java(TM) 6 Update 3), this prompts me:

    Have spyware infectipn Abebot on my PC! - Page 2 - TechSpot OpenBoards - Windows Internet Explorer
  17. kritius TechSpot Guru Posts: 2,087

    Do this bit first, then try uninstalling that.

    Update your Java Runtime Environment
    • First try going to Start -> Control Panel -> double click Java
    • Select the Update Tab at the top
    • Click the Check for Updates button at the bottom
    • If it finds the newer version (Java 6 Update 5), follow the on-screen instructions
    • After it installs the newest version Go back to Control Panel -> Add/remove programs
    • Uninstall any older versions of Java

    If for some reason you couldn't update through the above instructions.
    • Click the following link
      Java Runtime Environment 6 Update 5
    • The 4th option down is the one you want (click Download)
    • Check the box to agree to terms of service
    • Check the box for your operating system and click 'Download selected' at the bottom
    • After the install Go to Start-> Control Panel-> add/remove programs (Programs and features), and uninstall any old versions
    • Navigate to C:\programfiles\Java -> delete any subfolders except the jre1.6.0_05 folder
  18. Esuper Newcomer, in training Posts: 34

    C:\programfiles\Java -> delete any subfolders except the jre1.6.0_05 folder

    The other subfolder (jre1.5.0) I'm trying to remove prompts me with this:
    Cannot delete jucheck.exe: Access is denied.

    Make sure the disk is not full or write-protected and that the file is not currently use.
  19. kritius TechSpot Guru Posts: 2,087

    Skip it for now and do the CCleaner bit.
  20. Blind Dragon TechSpot Evangelist Posts: 4,048

    You need to take ownership of the file, it's not of huge importance to do right away but when you delete the file do this:

    1. Right-click the file that you want to take ownership of, and then click Properties.
    2. Click the Security tab, and then click OK on the Security message (if one appears).
    3. Click Advanced, and then click the Owner tab.
    4. In the Name list, click Administrator, or click the Administrators group, and then click OK.

    The administrator or the Administrators group now owns the file. To change the permissions on the files and folders under this folder, go to step 5.
    5. Click Add.
    6. In the Enter the object names to select (examples) list, type the user or group account that you want to give access to the file. For example, type your user name or Administrator.
    7. Click OK.
    8. In the Group or user names list, click the account that you want, and then select the check boxes of the permissions that you want to assign that user.
    9. When you are finished assigning permissions, click OK.