Trying to help Friend Went through First Steps

Hello most likely chaslang,

My friends comp is plagued w/pop ups. First off went through the post (twice) of "before you post go through these programs....." Anyway did all in safemode, trend cleaned 8, symantec wouldnt go the second time, adaware found about 300 entries, spybot found some more, did CC, ran CW, first time it found somthing (forgot what it was) second time nothing, and I ran kill2me.

Anyway I am stilling getting popups in IE and Firefox and some damn thing keeps grabbing trojans. Particularly Appsetup.exe (troj_small.cb). ezstub.exe, wo (somthing).exe also come back and I remember a picsvr.exe and a n20050308.exe too all come back.

I have lojack analyzed a couple of hijackthis logs each after rebooting and nothing else seems to show up in the log (there are some winsock entries but havent done anything yet since i have connectivity) I know is has something to do with Ezula and zesty search (the last showing as a hijack attempt twice in adaware and i think spybot)

She needs her comp back tonight so i wont be able to do much but any thoughts would be appreciated. I hope you dont hate me but Im attaching a jack log too so you can see what im talking about.

one of the websites that keeps popping up: www.loadingwebsite.com/normal/yyy32.html and redzipsearch just thought id mention it incase it helps

 

Messenger plus only puts the spyware on your system if you choose to accept the sponser

 

Thanks a lot for looking. I didnt even really think of what messenger plus might be. ugh, was so burnt out by the end of it. Is MessPlus associated with the loading website and redzip crap/pops? or is it more the lps entries? Anyway will hopefully be able to post by tommorrow night or Monday.

Thanks again and the comp. was shut down since i posted, will this be a problem w/the LSP&L2fixes? i.e. do i have to do the scans over and repost jack log? crap. Ill check back tomorrow fo rthe exciting conclusion.

Destructo