Found Virus.Win32.Fontra.c on my sy
Original Message
Name: Complete Novice Des
Date: January 11, 2008 at 02:16:22 Pacific
Subject: Found Virus.Win32.Fontra.c on my sy
OS: XP Home
CPU/Ram: AMD 3000+ 512mb ram
Model/Manufacturer: ion
Comment: Virus.Win32.Fontra.c has been picked up by the free Kaspersky online scan on my PC. I have tried everything I know (which isn't a lot really) to remove it and can't. :( I am running XP, and as my name suggests I am a complete novice. Has anyone else had this problem?
Response Number 3
Name: jabuck
Date: January 11, 2008 at 14:12:50 Pacific
Reply: Please download and install the latest version of HijackThis v2.0.2:
Download the "HijackThis" Installer from this link: Hijack This
1. Save "HJTInstall.exe" to your desktop.
2. Double click on HJTInstall.exe to run the program.
3. By default it will install to C:\Program Files\Trend Micro\HijackThis.
4. Accept the license agreement by clicking the "I Accept" button.
5. Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
6. Click "Save log" to save the log file and then the log will open in Notepad.
7. Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
8. Paste the log in your next reply.
9. Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.
Response Number 4
Reply: results from hijack this scan....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:46:13, on 11/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virgin Broadband\PCguard\fws.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe
C:\Program Files\Virgin Broadband\PCguard\Rps.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\WINDOWS\system32\gearsec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Virgin Broadband\advisor\BroadbandadvisorComHandler.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Documents and Settings\a\Desktop\HiJackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?Lin...
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Virgin Broadband\PCguard\pkR.dll
O2 - BHO: Form Filler BHO - {56071E0D-C61B-11D3-B41C-00E02927A304} - C:\Program Files\Virgin Broadband\PCguard\FBHR.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Broadbandadvisor.exe] "C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe" /AUTORUN
O4 - HKLM\..\Run: [PCguard] "C:\Program Files\Virgin Broadband\PCguard\Rps.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DACSMiniApp] C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.iqon.ie
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/englis...
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/h...
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www.truprint.co.uk/TruprintA...
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/act...
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xcle...
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/re...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windows...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microso...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cheekychicksspace92x.spaces....
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/M...
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.11) - http://advisor.futuremark.com/globa...
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: gearsec - GEAR Software - C:\WINDOWS\system32\gearsec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PCguard Firewall (RP_FWS) - Radialpoint Inc. - C:\Program Files\Virgin Broadband\PCguard\fws.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe

--
End of file - 9242 bytes
Response Number 5
Name: jabuck
Date: January 11, 2008 at 15:17:52 Pacific
Reply: Run Hijack This, close all browsers and windows except Hijack This, place a check to the left of the following items and press "fix checked":

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cheekychicksspace92x.spaces....

Exit Hijack this.

Please download ComboFix to the desktop from this link: ComboFix
Double-click combofix.exe
Follow the prompts. (Don't click on the window while the program is running, it may cause your system to hang.)
Please post the log it produces.
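As an added example (not code from the thread, from jabuck, or from HijackThis), here is a small Python triage pass over HijackThis log lines that flags the two kinds of entries picked out above: a BHO whose DLL is gone, and a DPF ActiveX download from a host outside an allow-list. The allow-list and the sample log are constructed for the example from the log posted in this thread.

```python
"""Triage helper for HijackThis v2 log entries (added example).

Each HJT entry is 'Oxx - <body>' (or 'Rx - <body>'). This script parses the
section prefix, then applies two review heuristics that mirror the items a
forum helper asked to have fixed:
  * O2 entries ending in '(no file)': a BHO CLSID is still registered in IE
    but its DLL no longer exists (orphan registration).
  * O16 entries (Downloaded Program Files / ActiveX) whose URL host is not on
    a small allow-list of expected scanner and update sites.
"""
import re
from urllib.parse import urlparse

# Allow-list of hosts from which ActiveX downloads are expected. This is an
# assumption for the example, built from the scanner/update sites present in
# the thread's log; a real list is site-specific.
TRUSTED_DPF_HOSTS = {
    "update.microsoft.com",
    "www.kaspersky.com",
    "housecall65.trendmicro.com",
    "cdn.scan.onecare.live.com",
}

ENTRY_RE = re.compile(r"^(?P<section>[RO]\d+) - (?P<body>.+)$")


def parse_entry(line):
    """Split an HJT line into (section, body); None for header/other text."""
    m = ENTRY_RE.match(line.strip())
    return (m.group("section"), m.group("body")) if m else None


def dpf_host(body):
    """Hostname of the download URL in an O16 body ('' if unparsable).

    The URL is the text after the last ' - '; trailing dots left by forum
    truncation ('...') are stripped so the host compares cleanly.
    """
    url = body.rsplit(" - ", 1)[-1].strip()
    return (urlparse(url).hostname or "").rstrip(".")


def review_reason(section, body):
    """Why a helper would look twice at this entry, or None if nothing stands out."""
    if section == "O2" and body.endswith("(no file)"):
        return "BHO CLSID is registered but its DLL no longer exists"
    if section == "O16":
        host = dpf_host(body)
        if host not in TRUSTED_DPF_HOSTS:
            return f"ActiveX control downloaded from unlisted host '{host}'"
    return None


def triage(log_text):
    """Return [(section, reason, body)] for every entry matching a heuristic."""
    findings = []
    for line in log_text.splitlines():
        parsed = parse_entry(line)
        if parsed is None:
            continue
        section, body = parsed
        reason = review_reason(section, body)
        if reason:
            findings.append((section, reason, body))
    return findings


# Constructed sample: a handful of entries copied from the thread's log, with
# the URLs truncated exactly as the forum truncated them.
SAMPLE_LOG = """\
Logfile of Trend Micro HijackThis v2.0.2
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windows...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cheekychicksspace92x.spaces....
O23 - Service: ThreatFire - PC Tools - C:\\Program Files\\ThreatFire\\TFService.exe
"""

if __name__ == "__main__":
    for section, reason, body in triage(SAMPLE_LOG):
        print(f"{section}: {reason}\n    {body}")
```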
Response Number 6
Reply:

ComboFix 08-01-09.2 - a 2008-01-12 18:44:17.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.91 [GMT 0:00]
Running from: C:\Documents and Settings\a\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\RECYCLER\RB21.tmp
C:\RECYCLER\RB3.tmp
C:\WINDOWS\system32\taskkill.exe
.
((((((((((((((((((((((((( Files Created from 2007-12-12 to 2008-01-12 )))))))))))))))))))))))))))))))
.
2008-01-12 18:35 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-12 00:45 . 2007-08-01 22:47 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-01-11 13:06 . 2008-01-12 18:51 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-11 13:05 . 2008-01-11 13:06 <DIR> d-------- C:\Program Files\ThreatFire
2008-01-11 13:05 . 2008-01-11 13:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-01-11 13:05 . 2007-12-20 11:24 52,032 --a------ C:\WINDOWS\system32\drivers\TfFsMon.sys
2008-01-11 13:05 . 2007-12-20 11:24 41,792 --a------ C:\WINDOWS\system32\drivers\TfSysMon.sys
2008-01-11 13:05 . 2007-12-20 11:13 33,600 --a------ C:\WINDOWS\system32\drivers\TfNetMon.sys
2008-01-11 13:05 . 2007-12-20 11:13 12,608 --a------ C:\WINDOWS\system32\drivers\TfKbMon.sys
2008-01-11 01:02 . 2008-01-12 01:00 <DIR> d-------- C:\Documents and Settings\a\.housecall6.6
2008-01-10 00:16 . 2008-01-10 00:16 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-10 00:16 . 2008-01-10 00:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-09 23:18 . 2008-01-12 01:03 22 --a------ C:\Program Files\c.zip
2008-01-09 23:18 . 2008-01-12 01:03 22 --a------ C:\Program Files\b.zip
2008-01-09 23:18 . 2008-01-12 01:03 22 --a------ C:\Program Files\a.zip
2008-01-09 23:17 . 2008-01-09 23:17 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2008-01-07 00:01 . 2008-01-08 13:07 <DIR> d-------- C:\Program Files\LimeWire
2008-01-05 17:07 . 2008-01-05 17:07 <DIR> d-------- C:\Documents and Settings\a\Application Data\Fisher-Price
2008-01-05 17:05 . 2008-01-05 17:05 <DIR> d-------- C:\Program Files\Fisher-Price
2008-01-05 17:03 . 2008-01-05 17:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Fisher-Price
2007-12-30 00:33 . 2007-12-30 00:33 <DIR> d-------- C:\Program Files\THQ
2007-12-25 23:00 . 2008-01-04 12:53 <DIR> d-------- C:\Documents and Settings\a\Application Data\Image Zone Express
2007-12-25 22:46 . 2007-12-25 22:46 <DIR> d-------- C:\Documents and Settings\a\Application Data\HP
2007-12-25 22:45 . 2007-12-25 22:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
2007-12-25 22:43 . 2007-12-25 22:44 <DIR> d-------- C:\Program Files\Common Files\HP
2007-12-25 22:40 . 2007-12-25 22:40 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2007-12-25 22:39 . 2006-04-13 00:04 49,664 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2007-12-25 22:39 . 2006-04-13 00:04 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2007-12-25 22:38 . 2006-01-04 09:12 77,824 -ra------ C:\WINDOWS\system32\HPZIDS01.dll
2007-12-25 22:38 . 2006-04-10 14:03 38,400 --a------ C:\WINDOWS\system32\hpz3l054.dll
2007-12-25 22:38 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-12-25 22:38 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\dllcache\usbscan.sys
2007-12-25 22:37 . 2006-03-03 21:03 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll
2007-12-25 22:37 . 2006-03-03 21:02 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2007-12-25 22:37 . 2006-03-03 21:02 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2007-12-25 22:37 . 2007-08-09 07:27 73,728 --a------ C:\WINDOWS\system32\HPZipm12.exe
2007-12-25 22:37 . 2006-03-03 21:03 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe
2007-12-25 22:37 . 2006-03-03 21:02 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2007-12-25 22:36 . 2007-12-25 22:44 <DIR> d-------- C:\Program Files\HP
2007-12-25 22:33 . 2007-12-25 22:46 117,408 --a------ C:\WINDOWS\hpoins11.dat
2007-12-25 14:45 . 2007-12-25 14:45 213 --a------ C:\WINDOWS\MEGATRIS.INI
2007-12-25 14:44 . 2007-12-25 14:44 <DIR> d-------- C:\Program Files\MegaTris
2007-12-25 14:44 . 2007-12-25 14:44 <DIR> d-------- C:\Program Files\CyberPrincess Software
2007-12-25 14:44 . 2007-12-25 14:44 <DIR> d-------- C:\Program Files\ADC-Soft
2007-12-25 14:43 . 2007-12-25 14:43 <DIR> d-------- C:\Program Files\Hemming
2007-12-25 14:42 . 2007-12-25 14:42 <DIR> d-------- C:\Program Files\BrickShooter
2007-12-25 14:42 . 2007-12-25 14:42 <DIR> d-------- C:\Program Files\3rd block 2
2007-12-25 11:18 . 2007-12-25 11:18 <DIR> d-------- C:\Program Files\MP3 Player Utilities 4.15
2007-12-24 06:04 . 2007-12-24 06:04 1,409 --a------ C:\WINDOWS\system32\tmp95FC6.FOT
2007-12-24 06:04 . 2007-12-24 06:04 1,409 --a------ C:\WINDOWS\system32\tmp87FC6.FOT
2007-12-21 23:03 . 2007-12-21 23:04 <DIR> d-------- C:\Program Files\Incomplete
2007-12-16 19:53 . 2007-12-16 19:53 148 --ah----- C:\sqmdata09.sqm
2007-12-16 19:53 . 2007-12-16 19:53 136 --ah----- C:\sqmnoopt09.sqm
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-12 18:33 --------- d-----w C:\Documents and Settings\a\Application Data\SiteAdvisor
2008-01-12 15:25 --------- d-----w C:\Program Files\Common Files\Command Software
2008-01-11 22:02 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-01-11 21:58 --------- d-----w C:\Program Files\Common Files\PestPatrol
2008-01-10 21:25 --------- d-----w C:\Documents and Settings\a\Application Data\LimeWire
2008-01-10 13:23 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-10 01:37 25,214 ----a-w C:\Program Files\B.ico
2008-01-10 01:37 25,214 ----a-w C:\Program Files\A.ico
2008-01-10 01:21 --------- d-----w C:\Documents and Settings\a\Application Data\Uniblue
2007-12-15 06:12 --------- d-----w C:\Program Files\Picasa2
2007-12-09 17:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-09 17:32 --------- d-----w C:\Program Files\GSP
2007-11-23 21:54 --------- d-----w C:\Program Files\Java
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-10-30 23:42 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-30 17:20 360,064 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-27 17:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-27 17:40 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2006-04-27 21:00 24,192 ----a-w C:\Documents and Settings\a\usbsermptxp.sys
2006-04-27 21:00 22,768 ----a-w C:\Documents and Settings\a\usbsermpt.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-07 12:55 1871872]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2004-01-15 19:33 49152 C:\WINDOWS\system32\VTTimer.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43 45056]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2003-05-14 06:35 188416]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:56 110592 C:\WINDOWS\system32\bthprops.cpl]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2005-01-14 11:00 339968]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-04-01 21:28 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 18:20 866584]
"Broadbandadvisor.exe"="C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe" [2007-01-24 14:12 2037240]
"PCguard"="C:\Program Files\Virgin Broadband\PCguard\Rps.exe" [2007-01-24 18:53 275960]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152]
"DACSMiniApp"="C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe" [2007-07-24 12:20 197888]
"ThreatFire"="C:\Program Files\ThreatFire\TFTray.exe" [2007-12-20 11:13 1238336]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:56 15360]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 19:29 39264]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 21:18 443968]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]

R0 TfFsMon;TfFsMon;C:\WINDOWS\system32\drivers\TfFsMon.sys [2007-12-20 11:24]
R0 TfSysMon;TfSysMon;C:\WINDOWS\system32\drivers\TfSysMon.sys [2007-12-20 11:24]
R0 viaide1;viaide1;C:\WINDOWS\system32\DRIVERS\viaidexp.sys [2001-10-18 11:00]
R0 viaide2;viaide2;C:\WINDOWS\system32\DRIVERS\viaidexp.sys [2001-10-18 11:00]
R2 gearsec;gearsec;C:\WINDOWS\system32\gearsec.exe [2003-12-01 14:27]
R2 ThreatFire;ThreatFire;C:\Program Files\ThreatFire\TFService.exe service []
R3 TfNetMon;TfNetMon;C:\WINDOWS\system32\drivers\TfNetMon.sys [2007-12-20 11:13]

*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2008-01-12 18:41:09 C:\WINDOWS\Tasks\MP Scheduled Scan.job" - C:\Program Files\Windows Defender\MpCmdRun.exe
"2007-12-29 23:54:00 C:\WINDOWS\Tasks\System Diagnostic.job" - C:\PROGRA~1\CYBERL~1\PowerDVD\cldma.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-12 18:51:13
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...

scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-12 18:53:14
ComboFix-quarantined-files.txt 2008-01-12 18:53:09
.
2008-01-10 21:28:50 --- E O F ---
Response Number 7
Name: jabuck
Date: January 12, 2008 at 16:46:19 Pacific
Reply: That looks much better.

Empty the restore folder. Go to start > control panel > system > system restore tab > check the box beside "turn off system restore" > apply (takes a minute) > ok. Go back and uncheck the box to turn system restore back on > apply > ok.

Download ATF Cleaner from this link: ATF Cleaner
Run ATF-Cleaner
Double-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.

Please run the BitDefender online scan from this link: Bitdefender Online Scanner
You will need to allow an active x install for the scan to run.
Leave the scanning options at default and press "click here to scan".
When finished scanning, click on "click here to export the scan report".
Save it to your desktop; at "file name" type in "bdscan" then click save.
Post a log in your reply.
Let us know how your computer is operating.
Response Number 8
Reply: here's the report, not sure if it deleted them as it says update failed...

BitDefender Online Scanner
Scan report generated at: Sun, Jan 13, 2008 - 22:16:40
Scan path: A:\;C:\;D:\;E:\;

Statistics
Time 01:29:49
Files 322905
Folders 8484
Boot Sectors 3
Archives 10321
Packed Files 8927

Results
Identified Viruses 2
Infected Files 3
Suspect Files 0
Warnings 0
Disinfected 0
Deleted Files 3

Engines Info
Virus Definitions 889936
Engine build AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins 14
Archive plugins 38
Unpack plugins 7
E-mail plugins 6
System plugins 1

Scan Settings
First Action Disinfect
Second Action Delete
Heuristics Yes
Enable Warnings Yes
Scanned Extensions *;
Exclude Extensions
Scan Emails Yes
Scan Archives Yes
Scan Packed Yes
Scan Files Yes
Scan Boot Yes

Scanned File Status
C:\Documents and Settings\a\.housecall6.6\Quarantine\a.zip.bac_a12376=>(Quarantine-4)=>Setup.exe Infected with: Backdoor.Genlot.KK
C:\Documents and Settings\a\.housecall6.6\Quarantine\a.zip.bac_a12376=>(Quarantine-4)=>Setup.exe Disinfection failed
C:\Documents and Settings\a\.housecall6.6\Quarantine\a.zip.bac_a12376=>(Quarantine-4)=>Setup.exe Deleted
C:\Documents and Settings\a\.housecall6.6\Quarantine\a.zip.bac_a12376=>(Quarantine-4) Updated
C:\Documents and Settings\a\.housecall6.6\Quarantine\a.zip.bac_a12376 Update failed
C:\Documents and Settings\a\.housecall6.6\Quarantine\b.zip.bac_a12376=>(Quarantine-4)=>Video.exe Infected with: Backdoor.Genlot.KK
C:\Documents and Settings\a\.housecall6.6\Quarantine\b.zip.bac_a12376=>(Quarantine-4)=>Video.exe Disinfection failed
C:\Documents and Settings\a\.housecall6.6\Quarantine\b.zip.bac_a12376=>(Quarantine-4)=>Video.exe Deleted
C:\Documents and Settings\a\.housecall6.6\Quarantine\b.zip.bac_a12376=>(Quarantine-4) Updated
C:\Documents and Settings\a\.housecall6.6\Quarantine\b.zip.bac_a12376 Update failed
C:\Documents and Settings\a\.housecall6.6\Quarantine\c.zip.bac_a12376=>(Quarantine-4)=>Track_03.exe Infected with: Win32.Worm.Vb.NJQ
C:\Documents and Settings\a\.housecall6.6\Quarantine\c.zip.bac_a12376=>(Quarantine-4)=>Track_03.exe Disinfection failed
C:\Documents and Settings\a\.housecall6.6\Quarantine\c.zip.bac_a12376=>(Quarantine-4)=>Track_03.exe Deleted
C:\Documents and Settings\a\.housecall6.6\Quarantine\c.zip.bac_a12376=>(Quarantine-4) Updated
C:\Documents and Settings\a\.housecall6.6\Quarantine\c.zip.bac_a12376 Update failed
Response Number 9
Name: jabuck
Date: January 13, 2008 at 16:20:57 Pacific
Reply: Go to start > control panel > add/remove programs and uninstall "LimeWire", at least until we get your computer cleaned.

Navigate to "C:\Documents and Settings\a\.housecall6.6\Quarantine" and delete the contents of the "Quarantine" folder.

Open Notepad and copy/paste everything between the X's into it and make sure "File::" is at the very top of the page.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
File::
C:\Program Files\c.zip
C:\Program Files\a.zip
C:\Program Files\b.zip
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Go to File on the top bar and choose "Save As", change the "Save As Type" to All Files, name it CFScript.txt then save it to your desktop. Then drag/drop the CFScript.txt onto ComboFix.exe (the red X on your desktop). If ComboFix does not auto start, click "run".

Please go to Virus Total and upload the following files for analysis:
C:\Program Files\B.ico
C:\Program Files\A.ico
C:\WINDOWS\system32\tmp95FC6.FOT
C:\WINDOWS\system32\tmp87FC6.FOT
Post the results in your reply.
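As an added example (not code from the thread, from jabuck, or from ComboFix), here is a Python parser for the "Files Created" and "Find3M" sections of a ComboFix log that applies the two heuristics behind the file picks above: loose files dropped straight into the Program Files root, and temp-named files left in system32. The sample lines are a constructed subset of the ComboFix log posted earlier in the thread; the heuristics are assumptions for the example, not ComboFix's own logic.

```python
"""Parse ComboFix 'Files Created' / 'Find3M' lines and flag entries for review.

ComboFix prints one file per line in two layouts:
  Files Created:  <created> . <modified> <size|<DIR>> <attrs> <path>
  Find3M:         <modified> <size|---------> <attrs> <path>
Both are parsed into the same Entry record, then two review heuristics (an
assumption for this example) are applied. A 22-byte .zip gets an extra note:
22 bytes is exactly an end-of-central-directory record, i.e. an empty archive.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

CREATED_RE = re.compile(
    r"^(?P<created>\d{4}-\d\d-\d\d \d\d:\d\d) \. "
    r"(?P<modified>\d{4}-\d\d-\d\d \d\d:\d\d)\s+"
    r"(?P<size><DIR>|[\d,]+)\s+(?P<attrs>\S+)\s+(?P<path>.+)$"
)
FIND3M_RE = re.compile(
    r"^(?P<modified>\d{4}-\d\d-\d\d \d\d:\d\d)\s+"
    r"(?P<size>-+|[\d,]+)\s+(?P<attrs>\S+)\s+(?P<path>.+)$"
)

EMPTY_ZIP_SIZE = 22  # size of a ZIP that holds only the EOCD record


@dataclass
class Entry:
    path: str
    attrs: str
    modified: str
    created: Optional[str] = None  # Find3M lines carry no creation time
    size: Optional[int] = None     # None for directories

    @property
    def is_dir(self) -> bool:
        return self.size is None


def parse_line(line: str) -> Optional[Entry]:
    """Parse one file line from either section; None if the line is not one."""
    text = line.strip()
    m = CREATED_RE.match(text) or FIND3M_RE.match(text)
    if not m:
        return None
    raw = m.group("size")
    size = None if raw == "<DIR>" or raw.startswith("-") else int(raw.replace(",", ""))
    return Entry(
        path=m.group("path").strip(),
        attrs=m.group("attrs"),
        modified=m.group("modified"),
        created=m.groupdict().get("created"),  # absent for Find3M matches
        size=size,
    )


def review_reason(e: Entry) -> Optional[str]:
    """Heuristic reason to look at this entry, or None (directories are skipped)."""
    if e.is_dir or "\\" not in e.path:
        return None
    parent, name = e.path.rsplit("\\", 1)
    parent, lname = parent.lower(), name.lower()
    reason = None
    if parent == r"c:\program files":
        reason = "loose file in the Program Files root (installers use subfolders)"
    elif parent == r"c:\windows\system32" and lname.startswith("tmp"):
        reason = "temp-named file left behind in system32"
    if reason and lname.endswith(".zip") and e.size == EMPTY_ZIP_SIZE:
        reason += f"; {EMPTY_ZIP_SIZE} bytes is the size of an empty ZIP archive"
    return reason


def triage(log_text: str) -> List[Tuple[str, str]]:
    """Return [(path, reason)] for every file entry that matches a heuristic."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        reason = review_reason(entry)
        if reason:
            findings.append((entry.path, reason))
    return findings


# Constructed sample: a subset of lines from the thread's ComboFix log.
SAMPLE_LOG = """\
((((((((((((((((((((((((( Files Created from 2007-12-12 to 2008-01-12 )))))))))))))))))))))))))))))))
.
2008-01-12 18:35 . 2000-08-31 08:00 51,200 --a------ C:\\WINDOWS\\NirCmd.exe
2008-01-11 13:05 . 2008-01-11 13:06 <DIR> d-------- C:\\Program Files\\ThreatFire
2008-01-09 23:18 . 2008-01-12 01:03 22 --a------ C:\\Program Files\\c.zip
2008-01-09 23:18 . 2008-01-12 01:03 22 --a------ C:\\Program Files\\a.zip
2008-01-09 23:17 . 2008-01-09 23:17 147,456 --a------ C:\\WINDOWS\\system32\\vbzip10.dll
2007-12-24 06:04 . 2007-12-24 06:04 1,409 --a------ C:\\WINDOWS\\system32\\tmp95FC6.FOT
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-12 18:33 --------- d-----w C:\\Documents and Settings\\a\\Application Data\\SiteAdvisor
2008-01-10 01:37 25,214 ----a-w C:\\Program Files\\B.ico
2007-11-07 09:26 721,920 ----a-w C:\\WINDOWS\\system32\\lsasrv.dll
"""

if __name__ == "__main__":
    for path, reason in triage(SAMPLE_LOG):
        print(f"{path}\n    {reason}")
```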
Response Number 10
Reply:

ComboFix 08-01-09.2 - a 2008-01-14 0:52:07.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.171 [GMT 0:00]
Running from: C:\Documents and Settings\a\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\a\Desktop\CFScript.txt
* Created a new restore point

FILE
C:\Program Files\a.zip
C:\Program Files\b.zip
C:\Program Files\c.zip
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\a.zip
C:\Program Files\b.zip
C:\Program Files\c.zip
.
((((((((((((((((((((((((( Files Created from 2007-12-14 to 2008-01-14 )))))))))))))))))))))))))))))))
.
2008-01-14 00:39 . 2008-01-14 00:39 244 --a------ C:\WINDOWS\_delis32.ini
2008-01-13 20:37 . 2008-01-13 22:32 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-01-13 20:30 . 2008-01-13 20:30 <DIR> d-------- C:\WINDOWS\LastGood
2008-01-12 18:35 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-12 00:45 . 2007-08-01 22:47 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-01-11 13:06 . 2008-01-14 00:55 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-11 13:05 . 2008-01-11 13:06 <DIR> d-------- C:\Program Files\ThreatFire
2008-01-11 13:05 . 2008-01-11 13:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-01-11 13:05 . 2007-12-20 11:24 52,032 --a------ C:\WINDOWS\system32\drivers\TfFsMon.sys
2008-01-11 13:05 . 2007-12-20 11:24 41,792 --a------ C:\WINDOWS\system32\drivers\TfSysMon.sys
2008-01-11 13:05 . 2007-12-20 11:13 33,600 --a------ C:\WINDOWS\system32\drivers\TfNetMon.sys
2008-01-11 13:05 . 2007-12-20 11:13 12,608 --a------ C:\WINDOWS\system32\drivers\TfKbMon.sys
2008-01-11 01:02 . 2008-01-12 01:00 <DIR> d-------- C:\Documents and Settings\a\.housecall6.6
2008-01-10 00:16 . 2008-01-10 00:16 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-10 00:16 . 2008-01-10 00:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-09 23:17 . 2008-01-09 23:17 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2008-01-05 17:07 . 2008-01-05 17:07 <DIR> d-------- C:\Documents and Settings\a\Application Data\Fisher-Price
2008-01-05 17:05 . 2008-01-05 17:05 <DIR> d-------- C:\Program Files\Fisher-Price
2008-01-05 17:03 . 2008-01-05 17:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Fisher-Price
2007-12-30 00:33 . 2007-12-30 00:33 <DIR> d-------- C:\Program Files\THQ
2007-12-25 23:00 . 2008-01-13 23:56 <DIR> d-------- C:\Documents and Settings\a\Application Data\Image Zone Express
2007-12-25 22:46 . 2007-12-25 22:46 <DIR> d-------- C:\Documents and Settings\a\Application Data\HP
2007-12-25 22:45 . 2007-12-25 22:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
2007-12-25 22:43 . 2007-12-25 22:44 <DIR> d-------- C:\Program Files\Common Files\HP
2007-12-25 22:40 . 2007-12-25 22:40 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2007-12-25 22:39 . 2006-04-13 00:04 49,664 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2007-12-25 22:39 . 2006-04-13 00:04 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2007-12-25 22:38 . 2006-01-04 09:12 77,824 -ra------ C:\WINDOWS\system32\HPZIDS01.dll
2007-12-25 22:38 . 2006-04-10 14:03 38,400 --a------ C:\WINDOWS\system32\hpz3l054.dll
2007-12-25 22:38 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-12-25 22:38 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\dllcache\usbscan.sys
2007-12-25 22:37 . 2006-03-03 21:03 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll
2007-12-25 22:37 . 2006-03-03 21:02 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2007-12-25 22:37 . 2006-03-03 21:02 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2007-12-25 22:37 . 2007-08-09 07:27 73,728 --a------ C:\WINDOWS\system32\HPZipm12.exe
2007-12-25 22:37 . 2006-03-03 21:03 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe
2007-12-25 22:37 . 2006-03-03 21:02 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2007-12-25 22:36 . 2007-12-25 22:44 <DIR> d-------- C:\Program Files\HP
2007-12-25 22:33 . 2007-12-25 22:46 117,408 --a------ C:\WINDOWS\hpoins11.dat
2007-12-25 14:45 . 2007-12-25 14:45 213 --a------ C:\WINDOWS\MEGATRIS.INI
2007-12-25 14:44 . 2007-12-25 14:44 <DIR> d-------- C:\Program Files\CyberPrincess Software
2007-12-25 14:44 . 2007-12-25 14:44 <DIR> d-------- C:\Program Files\ADC-Soft
2007-12-25 14:43 . 2007-12-25 14:43 <DIR> d-------- C:\Program Files\Hemming
2007-12-25 14:42 . 2008-01-14 00:40 <DIR> d-------- C:\Program Files\BrickShooter
2007-12-25 11:18 . 2007-12-25 11:18 <DIR> d-------- C:\Program Files\MP3 Player Utilities 4.15
2007-12-24 06:04 . 2007-12-24 06:04 1,409 --a------ C:\WINDOWS\system32\tmp95FC6.FOT
2007-12-24 06:04 . 2007-12-24 06:04 1,409 --a------ C:\WINDOWS\system32\tmp87FC6.FOT
2007-12-21 23:03 . 2007-12-21 23:04 <DIR> d-------- C:\Program Files\Incomplete
2007-12-16 19:53 . 2007-12-16 19:53 148 --ah----- C:\sqmdata09.sqm
2007-12-16 19:53 . 2007-12-16 19:53 136 --ah----- C:\sqmnoopt09.sqm
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-14 00:34 --------- d-----w C:\Documents and Settings\a\Application Data\SiteAdvisor
2008-01-13 23:29 --------- d-----w C:\Program Files\Common Files\Command Software
2008-01-13 22:35 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-01-12 21:26 --------- d-----w C:\Program Files\Common Files\PestPatrol
2008-01-10 21:25 --------- d-----w C:\Documents and Settings\a\Application Data\LimeWire
2008-01-10 13:23 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-10 01:37 25,214 ----a-w C:\Program Files\B.ico
2008-01-10 01:37 25,214 ----a-w C:\Program Files\A.ico
2008-01-10 01:21 --------- d-----w C:\Documents and Settings\a\Application Data\Uniblue
2007-12-15 06:12 --------- d-----w C:\Program Files\Picasa2
2007-12-09 17:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-09 17:32 --------- d-----w C:\Program Files\GSP
2007-11-23 21:54 --------- d-----w C:\Program Files\Java
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-10-30 23:42 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-30 17:20 360,064 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-27 17:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-27 17:40 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 10:26 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2006-04-27 21:00 24,192 ----a-w C:\Documents and Settings\a\usbsermptxp.sys
2006-04-27 21:00 22,768 ----a-w C:\Documents and Settings\a\usbsermpt.sys
.
((((((((((((((((((((((((((((( snapshot@2008-01-12_18.52.33.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-13 20:42:25 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
+ 2008-01-13 20:42:29 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
+ 2008-01-13 20:42:33 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
+ 2008-01-13 20:42:54 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2007-10-25 10:26:48 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2007-10-25 10:26:48 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-01-13 20:42:59 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-01-13 20:42:34 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
+ 2007-10-25 10:26:48 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
+ 2007-10-25 10:26:48 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
- 2008-01-12 18:35:47 241,664 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
+ 2008-01-14 00:51:23 241,664 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
- 2008-01-12 18:35:47 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
+ 2008-01-14 00:51:23 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
- 2008-01-12 18:35:47 6,615,040 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
+ 2008-01-14 00:51:24 6,615,040 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
- 2008-01-12 18:35:47 217,088 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
+ 2008-01-14 00:51:24 217,088 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
- 2008-01-12 18:35:47 237,568 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
+ 2008-01-14 00:51:24 237,568 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
- 2008-01-12 18:35:48 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
+ 2008-01-14 00:51:24 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-07 12:55 1871872] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VTTimer"="VTTimer.exe" [2004-01-15 19:33 49152 C:\WINDOWS\system32\VTTimer.exe] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43 45056] "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2003-05-14 06:35 188416] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:56 110592 C:\WINDOWS\system32\bthprops.cpl] "snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2005-01-14 11:00 339968] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-04-01 21:28 155648] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 18:20 866584] "Broadbandadvisor.exe"="C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe" [2007-01-24 14:12 2037240] "PCguard"="C:\Program Files\Virgin Broadband\PCguard\Rps.exe" [2007-01-24 18:53 275960] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152] "DACSMiniApp"="C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe" [2007-07-24 12:20 197888] "ThreatFire"="C:\Program Files\ThreatFire\TFTray.exe" [2007-12-20 11:13 1238336] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:56 15360] 
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 19:29 39264] "Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 21:18 443968] C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22] R0 TfFsMon;TfFsMon;C:\WINDOWS\system32\drivers\TfFsMon.sys [2007-12-20 11:24] R0 TfSysMon;TfSysMon;C:\WINDOWS\system32\drivers\TfSysMon.sys [2007-12-20 11:24] R0 viaide1;viaide1;C:\WINDOWS\system32\DRIVERS\viaidexp.sys [2001-10-18 11:00] R0 viaide2;viaide2;C:\WINDOWS\system32\DRIVERS\viaidexp.sys [2001-10-18 11:00] R2 gearsec;gearsec;C:\WINDOWS\system32\gearsec.exe [2003-12-01 14:27] R2 ThreatFire;ThreatFire;C:\Program Files\ThreatFire\TFService.exe service [] R3 TfNetMon;TfNetMon;C:\WINDOWS\system32\drivers\TfNetMon.sys [2007-12-20 11:13] . Contents of the 'Scheduled Tasks' folder "2008-01-13 20:29:13 C:\WINDOWS\Tasks\MP Scheduled Scan.job" - C:\Program Files\Windows Defender\MpCmdRun.exe "2007-12-29 23:54:00 C:\WINDOWS\Tasks\System Diagnostic.job" - C:\PROGRA~1\CYBERL~1\PowerDVD\cldma.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-01-14 00:55:41 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-01-14 0:56:57 ComboFix-quarantined-files.txt 2008-01-14 00:56:46 ComboFix2.txt 2008-01-12 18:53:16 . 2008-01-13 20:32:11 --- E O F --- File B.ico received on 01.14.2008 01:59:46 (CET) Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED Result: 0/32 (0%)
File A.ico received on 01.14.2008 02:06:55 (CET) Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED Result: 0/32 (0%)
File tmp95FC6.FOT received on 01.14.2008 02:11:17 (CET) Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED Result: 0/32 (0%)
File tmp87FC6.FOT received on 01.14.2008 02:11:35 (CET) Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED Result: 0/32 (0%)
|
|
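The ComboFix log above is read by eye in this thread. As an added example (it is not part of the original post, nor is it ComboFix code), the Python below parses the "Reg Loading Points" values, the R0/R2/R3 service lines and the Scheduled Tasks lines into records and applies a first-pass triage heuristic: flag images that live outside Program Files and system32, bare file names whose resolution depends on the search path, and 8.3 short names (PROGRA~1) that have to be expanded before the directory can be judged. The sample lines are copied from the log above; the expected-directory list and the flag wording are the example's own assumptions, and a flag means "look here first", not "malicious".

```python
import re
from dataclasses import dataclass, field
from typing import List

# Sample input: lines copied from the ComboFix log posted above ("Reg Loading Points",
# the R0/R2 service list and the Scheduled Tasks folder), one entry per line.
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2004-01-15 19:33 49152 C:\WINDOWS\system32\VTTimer.exe]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43 45056]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:56 110592 C:\WINDOWS\system32\bthprops.cpl]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2005-01-14 11:00 339968]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 19:29 39264]
"ThreatFire"="C:\Program Files\ThreatFire\TFTray.exe" [2007-12-20 11:13 1238336]
R0 TfFsMon;TfFsMon;C:\WINDOWS\system32\drivers\TfFsMon.sys [2007-12-20 11:24]
R2 gearsec;gearsec;C:\WINDOWS\system32\gearsec.exe [2003-12-01 14:27]
R2 ThreatFire;ThreatFire;C:\Program Files\ThreatFire\TFService.exe service []
"2007-12-29 23:54:00 C:\WINDOWS\Tasks\System Diagnostic.job" - C:\PROGRA~1\CYBERL~1\PowerDVD\cldma.exe
'''

# "Name"="image" [created size] or [created size C:\resolved\path] for bare names
RUN_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<image>[^"]*)"\s*\[(?P<meta>[^\]]*)\]')
# R<start> name;display;image [date]   (ComboFix appends " service" to some images)
SVC_RE = re.compile(r'^R(?P<start>\d)\s+(?P<name>[^;]+);[^;]*;(?P<image>.+?)(?:\s+service)?\s*\[[^\]]*\]\s*$')
# "<timestamp> C:\WINDOWS\Tasks\X.job" - image
TASK_RE = re.compile(r'^"\d{4}-\d\d-\d\d \d\d:\d\d:\d\d (?P<job>[^"]+)"\s+-\s+(?P<image>.+?)\s*$')
ABS_RE = re.compile(r'[A-Za-z]:\\')             # starts with a drive letter
TAIL_PATH_RE = re.compile(r'([A-Za-z]:\\.*)$')  # resolved path inside the brackets


@dataclass
class Entry:
    kind: str        # 'run', 'service' or 'task'
    name: str
    image: str       # value exactly as written in the log
    resolved: str    # absolute path if known, else ''
    flags: List[str] = field(default_factory=list)


def parse_combofix(text: str) -> List[Entry]:
    """Turn ComboFix autostart lines into Entry records; lines of other shapes are ignored."""
    entries: List[Entry] = []
    for raw in text.splitlines():
        line = raw.strip()
        if m := RUN_RE.match(line):
            image = m.group('image')
            resolved = image if ABS_RE.match(image) else ''
            if tail := TAIL_PATH_RE.search(m.group('meta')):
                resolved = tail.group(1).strip()
            entries.append(Entry('run', m.group('name'), image, resolved))
        elif m := SVC_RE.match(line):
            image = m.group('image')
            entries.append(Entry('service', m.group('name'), image, image if ABS_RE.match(image) else ''))
        elif m := TASK_RE.match(line):
            image = m.group('image')
            job = m.group('job').rsplit('\\', 1)[-1]
            entries.append(Entry('task', job, image, image if ABS_RE.match(image) else ''))
    return entries


# Assumption of this example: on a stock XP box an autostart image under these two trees
# is unremarkable. Anything else (C:\WINDOWS root, profiles, Temp, Recycler) gets a closer look.
EXPECTED_DIRS = ('c:\\program files\\', 'c:\\windows\\system32\\')


def triage(entries: List[Entry]) -> List[Entry]:
    """Attach review flags and return the entries that received one, in log order.
    A flag orders the work; it is not a verdict on the file."""
    flagged: List[Entry] = []
    for e in entries:
        path = e.resolved or e.image
        if '~' in path:
            e.flags.append('8.3 short name; expand it before judging the directory')
        elif not e.resolved:
            e.flags.append('bare file name; which file loads depends on the search path')
        elif not path.lower().startswith(EXPECTED_DIRS):
            e.flags.append('image outside Program Files and system32')
        if e.flags:
            flagged.append(e)
    return flagged


if __name__ == '__main__':
    for e in triage(parse_combofix(SAMPLE_LOG)):
        print(f'{e.kind:7} {e.name:22} {e.resolved or e.image}')
        print(f'        -> {e.flags[0]}')
```

On the sample this surfaces three entries: the webcam helper loading from the Windows root rather than system32, and two 8.3 short paths (the Watson reporting tool and the PowerDVD task) that need expanding before their directories mean anything. Everything else resolves into Program Files or system32 and is left alone; the real log has more sections (the HKCU Run key, the Startup folder .lnk) that the same three patterns handle once their lines are fed in.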
Response Number 11
|
Name: jabuck
Date: January 13, 2008 at 17:53:12 Pacific
|
Reply: Open Notepad and copy/paste everything between the X's into it, and make sure "File::" is at the very top of the page.

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
File::
C:\WINDOWS\_delis32.ini
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Go to File on the top bar and choose "Save As", change the "Save As Type" to All Files, name it CFScript.txt, then save it to your desktop. Then drag/drop the CFScript.txt onto ComboFix.exe (the red X on your desktop); if ComboFix does not auto-start, click "Run". Check these two files with VirusTotal please and post the results with the new ComboFix scan:
C:\WINDOWS\system32\tmp95FC6.FOT
C:\WINDOWS\system32\tmp87FC6.FOT
|
|
Response Number 12
|
|
Reply: ComboFix 08-01-09.2 - a 2008-01-14 21:58:35.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.125 [GMT 0:00]
Running from: C:\Documents and Settings\a\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\a\Desktop\CFScript.txt
* Created a new restore point

FILE
C:\WINDOWS\_delis32.ini
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\_delis32.ini
.
((((((((((((((((((((((((( Files Created from 2007-12-14 to 2008-01-14 )))))))))))))))))))))))))))))))
.
2008-01-13 20:37 . 2008-01-13 22:32 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-01-12 18:35 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-12 00:45 . 2007-08-01 22:47 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-01-11 13:06 . 2008-01-14 22:04 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-11 13:05 . 2008-01-11 13:06 <DIR> d-------- C:\Program Files\ThreatFire
2008-01-11 13:05 . 2008-01-11 13:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Tools
2008-01-11 13:05 . 2007-12-20 11:24 52,032 --a------ C:\WINDOWS\system32\drivers\TfFsMon.sys
2008-01-11 13:05 . 2007-12-20 11:24 41,792 --a------ C:\WINDOWS\system32\drivers\TfSysMon.sys
2008-01-11 13:05 . 2007-12-20 11:13 33,600 --a------ C:\WINDOWS\system32\drivers\TfNetMon.sys
2008-01-11 13:05 . 2007-12-20 11:13 12,608 --a------ C:\WINDOWS\system32\drivers\TfKbMon.sys
2008-01-11 01:02 . 2008-01-12 01:00 <DIR> d-------- C:\Documents and Settings\a\.housecall6.6
2008-01-10 00:16 . 2008-01-10 00:16 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-10 00:16 . 2008-01-10 00:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-09 23:17 . 2008-01-09 23:17 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2008-01-05 17:07 . 2008-01-05 17:07 <DIR> d-------- C:\Documents and Settings\a\Application Data\Fisher-Price
2008-01-05 17:05 . 2008-01-05 17:05 <DIR> d-------- C:\Program Files\Fisher-Price
2008-01-05 17:03 . 2008-01-05 17:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Fisher-Price
2007-12-30 00:33 . 2007-12-30 00:33 <DIR> d-------- C:\Program Files\THQ
2007-12-25 23:00 . 2008-01-13 23:56 <DIR> d-------- C:\Documents and Settings\a\Application Data\Image Zone Express
2007-12-25 22:46 . 2007-12-25 22:46 <DIR> d-------- C:\Documents and Settings\a\Application Data\HP
2007-12-25 22:45 . 2007-12-25 22:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\HP
2007-12-25 22:43 . 2007-12-25 22:44 <DIR> d-------- C:\Program Files\Common Files\HP
2007-12-25 22:40 . 2007-12-25 22:40 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2007-12-25 22:39 . 2006-04-13 00:04 49,664 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2007-12-25 22:39 . 2006-04-13 00:04 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2007-12-25 22:38 . 2006-01-04 09:12 77,824 -ra------ C:\WINDOWS\system32\HPZIDS01.dll
2007-12-25 22:38 . 2006-04-10 14:03 38,400 --a------ C:\WINDOWS\system32\hpz3l054.dll
2007-12-25 22:38 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-12-25 22:38 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\dllcache\usbscan.sys
2007-12-25 22:37 . 2006-03-03 21:03 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll
2007-12-25 22:37 . 2006-03-03 21:02 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2007-12-25 22:37 . 2006-03-03 21:02 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2007-12-25 22:37 . 2007-08-09 07:27 73,728 --a------ C:\WINDOWS\system32\HPZipm12.exe
2007-12-25 22:37 . 2006-03-03 21:03 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe
2007-12-25 22:37 . 2006-03-03 21:02 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2007-12-25 22:36 . 2007-12-25 22:44 <DIR> d-------- C:\Program Files\HP
2007-12-25 22:33 . 2007-12-25 22:46 117,408 --a------ C:\WINDOWS\hpoins11.dat
2007-12-25 14:45 . 2007-12-25 14:45 213 --a------ C:\WINDOWS\MEGATRIS.INI
2007-12-25 14:44 . 2007-12-25 14:44 <DIR> d-------- C:\Program Files\CyberPrincess Software
2007-12-25 14:44 . 2007-12-25 14:44 <DIR> d-------- C:\Program Files\ADC-Soft
2007-12-25 14:43 . 2007-12-25 14:43 <DIR> d-------- C:\Program Files\Hemming
2007-12-25 14:42 . 2008-01-14 00:40 <DIR> d-------- C:\Program Files\BrickShooter
2007-12-25 11:18 . 2007-12-25 11:18 <DIR> d-------- C:\Program Files\MP3 Player Utilities 4.15
2007-12-24 06:04 . 2007-12-24 06:04 1,409 --a------ C:\WINDOWS\system32\tmp95FC6.FOT
2007-12-24 06:04 . 2007-12-24 06:04 1,409 --a------ C:\WINDOWS\system32\tmp87FC6.FOT
2007-12-21 23:03 . 2007-12-21 23:04 <DIR> d-------- C:\Program Files\Incomplete
2007-12-16 19:53 . 2007-12-16 19:53 148 --ah----- C:\sqmdata09.sqm
2007-12-16 19:53 . 2007-12-16 19:53 136 --ah----- C:\sqmnoopt09.sqm
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-14 01:19 --------- d-----w C:\Documents and Settings\a\Application Data\SiteAdvisor
2008-01-13 23:29 --------- d-----w C:\Program Files\Common Files\Command Software
2008-01-13 22:35 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-01-12 21:26 --------- d-----w C:\Program Files\Common Files\PestPatrol
2008-01-10 21:25 --------- d-----w C:\Documents and Settings\a\Application Data\LimeWire
2008-01-10 13:23 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-10 01:37 25,214 ----a-w C:\Program Files\B.ico
2008-01-10 01:37 25,214 ----a-w C:\Program Files\A.ico
2008-01-10 01:21 --------- d-----w C:\Documents and Settings\a\Application Data\Uniblue
2007-12-15 06:12 --------- d-----w C:\Program Files\Picasa2
2007-12-09 17:32 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-09 17:32 --------- d-----w C:\Program Files\GSP
2007-11-23 21:54 --------- d-----w C:\Program Files\Java
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-07 09:26 721,920 ----a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-10-30 23:42 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-30 17:20 360,064 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-27 17:40 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-27 17:40 222,720 ----a-w C:\WINDOWS\system32\dllcache\wmasf.dll
2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-10-25 10:26 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2006-04-27 21:00 24,192 ----a-w C:\Documents and Settings\a\usbsermptxp.sys
2006-04-27 21:00 22,768 ----a-w C:\Documents and Settings\a\usbsermpt.sys
.
((((((((((((((((((((((((((((( snapshot@2008-01-12_18.52.33.31 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-13 20:42:25 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
+ 2008-01-13 20:42:29 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
+ 2008-01-13 20:42:33 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
+ 2008-01-13 20:42:54 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2007-10-25 10:26:48 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2007-10-25 10:26:48 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-01-13 20:42:59 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-01-13 20:42:34 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
+ 2007-10-25 10:26:48 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
+ 2007-10-25 10:26:48 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
- 2008-01-12 18:35:47 241,664 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
+ 2008-01-14 21:58:20 241,664 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
- 2008-01-12 18:35:47 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
+ 2008-01-14 21:58:20 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
- 2008-01-12 18:35:47 6,615,040 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
+ 2008-01-14 21:58:20 6,615,040 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
- 2008-01-12 18:35:47 217,088 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
+ 2008-01-14 21:58:21 217,088 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
- 2008-01-12 18:35:47 237,568 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
+ 2008-01-14 21:58:21 237,568 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
- 2008-01-12 18:35:48 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
+ 2008-01-14 21:58:21 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-09-07 12:55 1871872]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2004-01-15 19:33 49152 C:\WINDOWS\system32\VTTimer.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43 45056]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2003-05-14 06:35 188416]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:56 110592 C:\WINDOWS\system32\bthprops.cpl]
"snpstd3"="C:\WINDOWS\vsnpstd3.exe" [2005-01-14 11:00 339968]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-04-01 21:28 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 18:20 866584]
"Broadbandadvisor.exe"="C:\Program Files\Virgin Broadband\advisor\Broadbandadvisor.exe" [2007-01-24 14:12 2037240]
"PCguard"="C:\Program Files\Virgin Broadband\PCguard\Rps.exe" [2007-01-24 18:53 275960]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152]
"DACSMiniApp"="C:\Program Files\Fisher-Price\DACS\MiniApp\DACSMiniApp.exe" [2007-07-24 12:20 197888]
"ThreatFire"="C:\Program Files\ThreatFire\TFTray.exe" [2007-12-20 11:13 1238336]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:56 15360]
"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 19:29 39264]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 21:18 443968]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]

R0 TfFsMon;TfFsMon;C:\WINDOWS\system32\drivers\TfFsMon.sys [2007-12-20 11:24]
R0 TfSysMon;TfSysMon;C:\WINDOWS\system32\drivers\TfSysMon.sys [2007-12-20 11:24]
R0 viaide1;viaide1;C:\WINDOWS\system32\DRIVERS\viaidexp.sys [2001-10-18 11:00]
R0 viaide2;viaide2;C:\WINDOWS\system32\DRIVERS\viaidexp.sys [2001-10-18 11:00]
R2 gearsec;gearsec;C:\WINDOWS\system32\gearsec.exe [2003-12-01 14:27]
R2 ThreatFire;ThreatFire;C:\Program Files\ThreatFire\TFService.exe service []
R3 TfNetMon;TfNetMon;C:\WINDOWS\system32\drivers\TfNetMon.sys [2007-12-20 11:13]
.
Contents of the 'Scheduled Tasks' folder
"2008-01-14 21:36:29 C:\WINDOWS\Tasks\MP Scheduled Scan.job" - C:\Program Files\Windows Defender\MpCmdRun.exe
"2007-12-29 23:54:00 C:\WINDOWS\Tasks\System Diagnostic.job" - C:\PROGRA~1\CYBERL~1\PowerDVD\cldma.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-14 22:04:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-14 22:06:42
ComboFix-quarantined-files.txt 2008-01-14 22:06:37
ComboFix2.txt 2008-01-14 00:56:58
ComboFix3.txt 2008-01-12 18:53:16
.
2008-01-13 20:32:11 --- E O F ---

File tmp87FC6.FOT received on 01.14.2008 02:11:35 (CET)
Current status: finished
Result: 0/32 (0.00%)

Antivirus Version Last Update Result
AhnLab-V3 2008.1.12.10 2008.01.11 -
AntiVir 7.6.0.46 2008.01.13 -
Authentium 4.93.8 2008.01.13 -
Avast 4.7.1098.0 2008.01.14 -
AVG 7.5.0.516 2008.01.13 -
BitDefender 7.2 2008.01.14 -
CAT-QuickHeal 9.00 2008.01.12 -
ClamAV 0.91.2 2008.01.13 -
DrWeb 4.44.0.09170 2008.01.13 -
eSafe 7.0.15.0 2008.01.13 -
eTrust-Vet 31.3.5451 2008.01.11 -
Ewido 4.0 2008.01.13 -
FileAdvisor 1 2008.01.14 -
Fortinet 3.14.0.0 2008.01.13 -
F-Prot 4.4.2.54 2008.01.13 -
F-Secure 6.70.13030.0 2008.01.14 -
Ikarus T3.1.1.20 2008.01.14 -
Kaspersky 7.0.0.125 2008.01.14 -
McAfee 5205 2008.01.11 -
Microsoft 1.3109 2008.01.14 -
NOD32v2 2788 2008.01.13 -
Norman 5.80.02 2008.01.11 -
Panda 9.0.0.4 2008.01.13 -
Prevx1 V2 2008.01.14 -
Rising 20.26.62.00 2008.01.13 -
Sophos 4.24.0 2008.01.13 -
Sunbelt 2.2.907.0 2008.01.12 -
Symantec 10 2008.01.14 -
TheHacker 6.2.9.187 2008.01.13 -
VBA32 3.12.2.5 2008.01.13 -
VirusBuster 4.3.26:9 2008.01.13 -
Webwasher-Gateway 6.6.2 2008.01.14 -

Additional information
File size: 1409 bytes
MD5: a75ee15816f5d77793dfade209a473bb
SHA1: a50171be28eeac4e3c9a69bbd8bfaa9464476a4c
PEiD: -

File tmp95FC6.FOT received on 01.14.2008 02:11:17 (CET)
Current status: finished
Result: 0/32 (0.00%)

Antivirus Version Last Update Result
AhnLab-V3 2008.1.12.10 2008.01.11 -
AntiVir 7.6.0.46 2008.01.13 -
Authentium 4.93.8 2008.01.13 -
Avast 4.7.1098.0 2008.01.14 -
AVG 7.5.0.516 2008.01.13 -
BitDefender 7.2 2008.01.14 -
CAT-QuickHeal 9.00 2008.01.12 -
ClamAV 0.91.2 2008.01.13 -
DrWeb 4.44.0.09170 2008.01.13 -
eSafe 7.0.15.0 2008.01.13 -
eTrust-Vet 31.3.5451 2008.01.11 -
Ewido 4.0 2008.01.13 -
FileAdvisor 1 2008.01.14 -
Fortinet 3.14.0.0 2008.01.13 -
F-Prot 4.4.2.54 2008.01.13 -
F-Secure 6.70.13030.0 2008.01.14 -
Ikarus T3.1.1.20 2008.01.14 -
Kaspersky 7.0.0.125 2008.01.14 -
McAfee 5205 2008.01.11 -
Microsoft 1.3109 2008.01.14 -
NOD32v2 2788 2008.01.13 -
Norman 5.80.02 2008.01.11 -
Panda 9.0.0.4 2008.01.13 -
Prevx1 V2 2008.01.14 -
Rising 20.26.62.00 2008.01.13 -
Sophos 4.24.0 2008.01.13 -
Sunbelt 2.2.907.0 2008.01.12 -
Symantec 10 2008.01.14 -
TheHacker 6.2.9.187 2008.01.13 -
VBA32 3.12.2.5 2008.01.13 -
VirusBuster 4.3.26:9 2008.01.13 -
Webwasher-Gateway 6.6.2 2008.01.14 -

Additional information
File size: 1409 bytes
MD5: 2a714582d974ebbfff8200781d9b72d7
SHA1: b0e7ad49490365775ef575e0fc82e2c25bfa9ee8
PEiD: -
|
|
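Response 11 asks for two files to be checked on VirusTotal and Response 12 pastes the reports. Before trusting a 0/32, a practitioner wants to confirm that the report describes the file actually on disk: the size, MD5 and SHA1 VirusTotal prints have to match the local copy. The Python below is an added example, not code from the thread or from VirusTotal. It parses a report in the plain-text form pasted above (one field per line, the 2008-era layout), extracts the detection ratio, size and hashes, keeps the engines that returned a verdict, and compares the report against hashes computed from local bytes. The first sample is the tmp87FC6.FOT report from the post above cut down to two engine rows; the second report, the name abc.bin, the engine "ExampleAV" and its verdict string are constructed for the demonstration, with the hashes being those of the three bytes "abc".

```python
import hashlib
import re
from dataclasses import dataclass, field
from pathlib import Path
from typing import Dict, List, Tuple, Union

# Sample 1: the tmp87FC6.FOT report pasted in the thread, cut down to two engine rows.
SAMPLE_REPORT = """File tmp87FC6.FOT received on 01.14.2008 02:11:35 (CET)
Current status: finished
Result: 0/32 (0.00%)
Antivirus Version Last Update Result
AhnLab-V3 2008.1.12.10 2008.01.11 -
Kaspersky 7.0.0.125 2008.01.14 -
Additional information
File size: 1409 bytes
MD5: a75ee15816f5d77793dfade209a473bb
SHA1: a50171be28eeac4e3c9a69bbd8bfaa9464476a4c
PEiD: -
"""

# Sample 2: CONSTRUCTED for this example. "abc.bin" is the three bytes b"abc" (so the
# hashes are the standard MD5/SHA-1 test vectors); the engine and verdict are invented.
CONSTRUCTED_REPORT = """File abc.bin received on 01.14.2008 03:00:00 (CET)
Current status: finished
Result: 1/32 (3.13%)
Antivirus Version Last Update Result
ExampleAV 1.0 2008.01.14 Constructed.Test.Name
Kaspersky 7.0.0.125 2008.01.14 -
Additional information
File size: 3 bytes
MD5: 900150983cd24fb0d6963f7d28e17f72
SHA1: a9993e364706816aba3e25717850c26c9cd0d89d
"""

HEADER_RE = re.compile(r'^File (\S+) received on')
RESULT_RE = re.compile(r'^Result:\s*(\d+)/(\d+)')
# engine, version, signature date (yyyy.mm.dd), verdict ('-' means no detection)
ENGINE_RE = re.compile(r'^(\S+)\s+(\S+)\s+(\d{4}\.\d{2}\.\d{2})\s+(.+?)\s*$')
SIZE_RE = re.compile(r'^File size:\s*(\d+)')
MD5_RE = re.compile(r'^MD5:\s*([0-9a-fA-F]{32})')
SHA1_RE = re.compile(r'^SHA1:\s*([0-9a-fA-F]{40})')


@dataclass
class VTReport:
    filename: str = ''
    detections: int = 0
    engines: int = 0
    size: int = -1
    md5: str = ''
    sha1: str = ''
    hits: Dict[str, str] = field(default_factory=dict)  # engine -> verdict, '-' rows omitted


def parse_vt_report(text: str) -> VTReport:
    """Parse a VirusTotal report pasted as plain text, one field per line."""
    r = VTReport()
    for raw in text.splitlines():
        line = raw.strip()
        if m := HEADER_RE.match(line):
            r.filename = m.group(1)
        elif m := RESULT_RE.match(line):
            r.detections, r.engines = int(m.group(1)), int(m.group(2))
        elif m := SIZE_RE.match(line):
            r.size = int(m.group(1))
        elif m := MD5_RE.match(line):
            r.md5 = m.group(1).lower()
        elif m := SHA1_RE.match(line):
            r.sha1 = m.group(1).lower()
        elif m := ENGINE_RE.match(line):
            engine, verdict = m.group(1), m.group(4)
            if verdict != '-':
                r.hits[engine] = verdict
    return r


def hash_bytes(data: bytes) -> Tuple[int, str, str]:
    """(size, md5, sha1): the three identity fields VirusTotal prints for a sample."""
    return len(data), hashlib.md5(data).hexdigest(), hashlib.sha1(data).hexdigest()


def verify_local(report: VTReport, data: bytes) -> List[str]:
    """Fields on which the local bytes disagree with the report; [] means same file."""
    size, md5, sha1 = hash_bytes(data)
    problems = []
    if size != report.size:
        problems.append(f'size {size} != {report.size}')
    if md5 != report.md5:
        problems.append('md5 differs')
    if sha1 != report.sha1:
        problems.append('sha1 differs')
    return problems


def verify_file(report: VTReport, path: Union[str, Path]) -> List[str]:
    """Same check against a file on disk, e.g. C:\\WINDOWS\\system32\\tmp87FC6.FOT."""
    return verify_local(report, Path(path).read_bytes())


if __name__ == '__main__':
    for text in (SAMPLE_REPORT, CONSTRUCTED_REPORT):
        r = parse_vt_report(text)
        print(f'{r.filename}: {r.detections}/{r.engines}, {r.size} bytes, hits={r.hits}')
    print('abc.bin against b"abc":', verify_local(parse_vt_report(CONSTRUCTED_REPORT), b'abc') or 'match')
```

A clean ratio on a 1,409-byte file that only a few dozen engines have seen says nothing about the file's content; the hash comparison at least rules out having uploaded a different copy than the one in system32, and a non-empty list from verify_file is the cue to upload again rather than to argue from the report.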
Response Number 13
|
Name: jabuck
Date: January 14, 2008 at 14:46:17 Pacific
|
Reply: Looks good. Empty the restore folder once again and run ATF-Cleaner. How is the computer operating? You should consider adding SpywareBlaster to your arsenal of antispyware tools; you can download it from this link: SpywareBlaster. Just download it, install it, and update it. It's free and runs in the background, so you don't actually run it, and it re-writes malicious script before it can install on your computer. Look for updates weekly, as there is no auto-update on the free version.
|
|
Response Number 14
|
|
Reply: Done ATF-Cleaner again. Also did the Kaspersky online scan again and all clear. Also downloaded SpywareBlaster. Having a few problems with Virgin PC Guard at the moment. I keep getting an error message saying "settings are corrupt, restore back up of settings". Once I do that it resets all the firewall rules and turns off the real-time virus protection and auto updates. Is there any free/shareware anti-virus software you recommend I could use in its place? By the way, thanks for all your help, it's much appreciated. :)