Infected: The Clever, Horrible Win.32 Bagle Again



DeepThought
2008-03-06, 19:02
Well, I never thought I'd see a virus that lets your computer basically run normally, but shuts out all your defenses and resists eradication so strongly...there are some choice things I would like to do to the creators of this ATM...

So, I got a blue screen "stop error", while doing some normal tasks, and it's been he** in a handbasket since. I had no Internet for a while, a call to Dell revealed my Trend Micro PCCillin had been corrupted and had to be uninstalled. The virus had disabled it anyway, and also System Restore.

BitDefender and Panda Activescan have confirmed a Win32.Bagle, I got it somehow from eMule, I naively didn't even realize I had a suspicious file. I don't know precisely what file it was, but have an idea and deleted the suspects. I had been having bad notifications though anyway for ages of "b152.exe" or "b***.exe" from PCCillin - that program never could get rid of those files. :/

Since getting internet back up, I have done considerable cleanup in fits and starts from reading various forums - I got ComboFix to run by renaming it, and HijackThis to run only as part of the MGTools package. I was able to get CCleaner to run eventually and nuked a lot there, but that's as far as I got - Spybot and various other things still get the error "not a valid Win32 application".

Here is a ComboFix log (it hung before spitting out the log, but I went and found it):

ComboFix 08-03-05.1 - Greta 2008-03-05 21:58:03.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1552 [GMT -6:00]
Running from: C:\Documents and Settings\Greta\Desktop\Combo-Fix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\kernel
C:\Program Files\Temporary
C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\down\1002984.exe
C:\WINDOWS\system32\drivers\down\1010718.exe
C:\WINDOWS\system32\drivers\down\105203.exe
C:\WINDOWS\system32\drivers\down\109609.exe
C:\WINDOWS\system32\drivers\down\1158421.exe
C:\WINDOWS\system32\drivers\down\118312.exe
C:\WINDOWS\system32\drivers\down\141000.exe
C:\WINDOWS\system32\drivers\down\14756968.exe
C:\WINDOWS\system32\drivers\down\14758093.exe
C:\WINDOWS\system32\drivers\down\14759750.exe
C:\WINDOWS\system32\drivers\down\14761578.exe
C:\WINDOWS\system32\drivers\down\14798968.exe
C:\WINDOWS\system32\drivers\down\148015.exe
C:\WINDOWS\system32\drivers\down\14842062.exe
C:\WINDOWS\system32\drivers\down\14844203.exe
C:\WINDOWS\system32\drivers\down\14852093.exe
C:\WINDOWS\system32\drivers\down\14857593.exe
C:\WINDOWS\system32\drivers\down\14865703.exe
C:\WINDOWS\system32\drivers\down\14870640.exe
C:\WINDOWS\system32\drivers\down\14871281.exe
C:\WINDOWS\system32\drivers\down\14872125.exe
C:\WINDOWS\system32\drivers\down\14895921.exe
C:\WINDOWS\system32\drivers\down\14900468.exe
C:\WINDOWS\system32\drivers\down\14955687.exe
C:\WINDOWS\system32\drivers\down\151968.exe
C:\WINDOWS\system32\drivers\down\158031.exe
C:\WINDOWS\system32\drivers\down\159875.exe
C:\WINDOWS\system32\drivers\down\169359.exe
C:\WINDOWS\system32\drivers\down\171828.exe
C:\WINDOWS\system32\drivers\down\172125.exe
C:\WINDOWS\system32\drivers\down\174062.exe
C:\WINDOWS\system32\drivers\down\175031.exe
C:\WINDOWS\system32\drivers\down\177656.exe
C:\WINDOWS\system32\drivers\down\185593.exe
C:\WINDOWS\system32\drivers\down\186484.exe
C:\WINDOWS\system32\drivers\down\192125.exe
C:\WINDOWS\system32\drivers\down\193718.exe
C:\WINDOWS\system32\drivers\down\194625.exe
C:\WINDOWS\system32\drivers\down\195265.exe
C:\WINDOWS\system32\drivers\down\195593.exe
C:\WINDOWS\system32\drivers\down\197953.exe
C:\WINDOWS\system32\drivers\down\200062.exe
C:\WINDOWS\system32\drivers\down\200125.exe
C:\WINDOWS\system32\drivers\down\202765.exe
C:\WINDOWS\system32\drivers\down\204578.exe
C:\WINDOWS\system32\drivers\down\205937.exe
C:\WINDOWS\system32\drivers\down\206843.exe
C:\WINDOWS\system32\drivers\down\207703.exe
C:\WINDOWS\system32\drivers\down\216156.exe
C:\WINDOWS\system32\drivers\down\219140.exe
C:\WINDOWS\system32\drivers\down\232578.exe
C:\WINDOWS\system32\drivers\down\232656.exe
C:\WINDOWS\system32\drivers\down\238593.exe
C:\WINDOWS\system32\drivers\down\239265.exe
C:\WINDOWS\system32\drivers\down\245312.exe
C:\WINDOWS\system32\drivers\down\247140.exe
C:\WINDOWS\system32\drivers\down\249687.exe
C:\WINDOWS\system32\drivers\down\252031.exe
C:\WINDOWS\system32\drivers\down\253687.exe
C:\WINDOWS\system32\drivers\down\256015.exe
C:\WINDOWS\system32\drivers\down\256906.exe
C:\WINDOWS\system32\drivers\down\265218.exe
C:\WINDOWS\system32\drivers\down\269000.exe
C:\WINDOWS\system32\drivers\down\271078.exe
C:\WINDOWS\system32\drivers\down\271953.exe
C:\WINDOWS\system32\drivers\down\272828.exe
C:\WINDOWS\system32\drivers\down\278859.exe
C:\WINDOWS\system32\drivers\down\280015.exe
C:\WINDOWS\system32\drivers\down\280796.exe
C:\WINDOWS\system32\drivers\down\280968.exe
C:\WINDOWS\system32\drivers\down\281203.exe
C:\WINDOWS\system32\drivers\down\282906.exe
C:\WINDOWS\system32\drivers\down\293390.exe
C:\WINDOWS\system32\drivers\down\29387453.exe
C:\WINDOWS\system32\drivers\down\29389984.exe
C:\WINDOWS\system32\drivers\down\29394906.exe
C:\WINDOWS\system32\drivers\down\29396843.exe
C:\WINDOWS\system32\drivers\down\29438390.exe
C:\WINDOWS\system32\drivers\down\29450031.exe
C:\WINDOWS\system32\drivers\down\294515.exe
C:\WINDOWS\system32\drivers\down\29464031.exe
C:\WINDOWS\system32\drivers\down\29467250.exe
C:\WINDOWS\system32\drivers\down\29496093.exe
C:\WINDOWS\system32\drivers\down\29500156.exe
C:\WINDOWS\system32\drivers\down\29501781.exe
C:\WINDOWS\system32\drivers\down\29502421.exe
C:\WINDOWS\system32\drivers\down\29506671.exe
C:\WINDOWS\system32\drivers\down\29508250.exe
C:\WINDOWS\system32\drivers\down\29544312.exe
C:\WINDOWS\system32\drivers\down\295500.exe
C:\WINDOWS\system32\drivers\down\300484.exe
C:\WINDOWS\system32\drivers\down\316281.exe
C:\WINDOWS\system32\drivers\down\341140.exe
C:\WINDOWS\system32\drivers\down\349859.exe
C:\WINDOWS\system32\drivers\down\43973281.exe
C:\WINDOWS\system32\drivers\down\43979031.exe
C:\WINDOWS\system32\drivers\down\43981156.exe
C:\WINDOWS\system32\drivers\down\43983562.exe
C:\WINDOWS\system32\drivers\down\44023156.exe
C:\WINDOWS\system32\drivers\down\44030234.exe
C:\WINDOWS\system32\drivers\down\44039500.exe
C:\WINDOWS\system32\drivers\down\44044953.exe
C:\WINDOWS\system32\drivers\down\44056703.exe
C:\WINDOWS\system32\drivers\down\44061515.exe
C:\WINDOWS\system32\drivers\down\44063265.exe
C:\WINDOWS\system32\drivers\down\44064437.exe
C:\WINDOWS\system32\drivers\down\44074812.exe
C:\WINDOWS\system32\drivers\down\44076671.exe
C:\WINDOWS\system32\drivers\down\44116078.exe
C:\WINDOWS\system32\drivers\down\58556093.exe
C:\WINDOWS\system32\drivers\down\58565578.exe
C:\WINDOWS\system32\drivers\down\58567328.exe
C:\WINDOWS\system32\drivers\down\58569000.exe
C:\WINDOWS\system32\drivers\down\58570953.exe
C:\WINDOWS\system32\drivers\down\585765.exe
C:\WINDOWS\system32\drivers\down\58607953.exe
C:\WINDOWS\system32\drivers\down\58615015.exe
C:\WINDOWS\system32\drivers\down\58621437.exe
C:\WINDOWS\system32\drivers\down\58623875.exe
C:\WINDOWS\system32\drivers\down\58632812.exe
C:\WINDOWS\system32\drivers\down\58636843.exe
C:\WINDOWS\system32\drivers\down\58637562.exe
C:\WINDOWS\system32\drivers\down\58638140.exe
C:\WINDOWS\system32\drivers\down\58645296.exe
C:\WINDOWS\system32\drivers\down\58647125.exe
C:\WINDOWS\system32\drivers\down\58683781.exe
C:\WINDOWS\system32\drivers\down\605328.exe
C:\WINDOWS\system32\drivers\down\60543015.exe
C:\WINDOWS\system32\drivers\down\60555875.exe
C:\WINDOWS\system32\drivers\down\60558359.exe
C:\WINDOWS\system32\drivers\down\60560062.exe
C:\WINDOWS\system32\drivers\down\60577921.exe
C:\WINDOWS\system32\drivers\down\60616968.exe
C:\WINDOWS\system32\drivers\down\60658421.exe
C:\WINDOWS\system32\drivers\down\60662203.exe
C:\WINDOWS\system32\drivers\down\60666484.exe
C:\WINDOWS\system32\drivers\down\60669078.exe
C:\WINDOWS\system32\drivers\down\60698281.exe
C:\WINDOWS\system32\drivers\down\60707640.exe
C:\WINDOWS\system32\drivers\down\60708687.exe
C:\WINDOWS\system32\drivers\down\60711656.exe
C:\WINDOWS\system32\drivers\down\60729703.exe
C:\WINDOWS\system32\drivers\down\60732296.exe
C:\WINDOWS\system32\drivers\down\60770578.exe
C:\WINDOWS\system32\drivers\down\625984.exe
C:\WINDOWS\system32\drivers\down\683953.exe
C:\WINDOWS\system32\drivers\down\69953.exe
C:\WINDOWS\system32\drivers\down\73157625.exe
C:\WINDOWS\system32\drivers\down\73174234.exe
C:\WINDOWS\system32\drivers\down\73182031.exe
C:\WINDOWS\system32\drivers\down\73190578.exe
C:\WINDOWS\system32\drivers\down\73193437.exe
C:\WINDOWS\system32\drivers\down\73261062.exe
C:\WINDOWS\system32\drivers\down\73312046.exe
C:\WINDOWS\system32\drivers\down\73334078.exe
C:\WINDOWS\system32\drivers\down\73338515.exe
C:\WINDOWS\system32\drivers\down\73381781.exe
C:\WINDOWS\system32\drivers\down\73395046.exe
C:\WINDOWS\system32\drivers\down\73396843.exe
C:\WINDOWS\system32\drivers\down\73401890.exe
C:\WINDOWS\system32\drivers\down\73411765.exe
C:\WINDOWS\system32\drivers\down\73418625.exe
C:\WINDOWS\system32\drivers\down\73475093.exe
C:\WINDOWS\system32\drivers\down\75226703.exe
C:\WINDOWS\system32\drivers\down\75230296.exe
C:\WINDOWS\system32\drivers\down\75232671.exe
C:\WINDOWS\system32\drivers\down\75234625.exe
C:\WINDOWS\system32\drivers\down\75236843.exe
C:\WINDOWS\system32\drivers\down\75263687.exe
C:\WINDOWS\system32\drivers\down\75278234.exe
C:\WINDOWS\system32\drivers\down\75280234.exe
C:\WINDOWS\system32\drivers\down\75293718.exe
C:\WINDOWS\system32\drivers\down\75298406.exe
C:\WINDOWS\system32\drivers\down\75306125.exe
C:\WINDOWS\system32\drivers\down\75309984.exe
C:\WINDOWS\system32\drivers\down\75310609.exe
C:\WINDOWS\system32\drivers\down\75311375.exe
C:\WINDOWS\system32\drivers\down\75314906.exe
C:\WINDOWS\system32\drivers\down\75316625.exe
C:\WINDOWS\system32\drivers\down\75352140.exe
C:\WINDOWS\system32\drivers\down\770453.exe
C:\WINDOWS\system32\drivers\down\794984.exe
C:\WINDOWS\system32\drivers\down\804796.exe
C:\WINDOWS\system32\drivers\down\827578.exe
C:\WINDOWS\system32\drivers\down\830312.exe
C:\WINDOWS\system32\drivers\down\868484.exe
C:\WINDOWS\system32\drivers\down\89781656.exe
C:\WINDOWS\system32\drivers\down\89788593.exe
C:\WINDOWS\system32\drivers\down\89791234.exe
C:\WINDOWS\system32\drivers\down\89797765.exe
C:\WINDOWS\system32\drivers\down\89801000.exe
C:\WINDOWS\system32\drivers\down\89821968.exe
C:\WINDOWS\system32\drivers\down\89850296.exe
C:\WINDOWS\system32\drivers\down\89877359.exe
C:\WINDOWS\system32\drivers\down\89883062.exe
C:\WINDOWS\system32\drivers\down\89895171.exe
C:\WINDOWS\system32\drivers\down\89899687.exe
C:\WINDOWS\system32\drivers\down\89902031.exe
C:\WINDOWS\system32\drivers\down\89902906.exe
C:\WINDOWS\system32\drivers\down\89908671.exe
C:\WINDOWS\system32\drivers\down\89910906.exe
C:\WINDOWS\system32\drivers\down\89959328.exe
C:\WINDOWS\system32\drivers\down\90468.exe
C:\WINDOWS\system32\drivers\down\908203.exe
C:\WINDOWS\system32\drivers\down\910656.exe
C:\WINDOWS\system32\drivers\down\914687.exe
C:\WINDOWS\system32\drivers\down\93218.exe
C:\WINDOWS\system32\drivers\down\95171.exe
C:\WINDOWS\system32\drivers\down\96031.exe
C:\WINDOWS\system32\drivers\down\976927859.exe
C:\WINDOWS\system32\drivers\down\976980468.exe
C:\WINDOWS\system32\drivers\down\976993265.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe
K:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_SROSA
-------\srosa


((((((((((((((((((((((((( Files Created from 2008-02-06 to 2008-03-06 )))))))))))))))))))))))))))))))
.

2008-03-05 04:24 . 2008-03-05 09:01 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2008-03-05 04:12 . 2005-01-13 21:41 11,254 --a------ C:\WINDOWS\system32\locate.com
2008-03-05 04:11 . 2008-03-05 04:17 <DIR> d-------- C:\MGtools
2008-03-05 04:11 . 2008-03-05 04:17 101,748 --a------ C:\MGlogs.zip
2008-03-04 15:43 . 2008-03-04 15:43 <DIR> d-------- C:\Program Files\SystemRequirementsLab
2008-03-04 14:15 . 2008-03-04 14:15 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-03-04 14:14 . 2008-03-04 14:14 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-03-04 14:14 . 2008-03-04 14:14 <DIR> d-------- C:\Documents and Settings\Greta\Application Data\SUPERAntiSpyware.com
2008-03-04 14:13 . 2008-03-04 14:13 1,238,736 --a------ C:\MGtools.exe
2008-03-04 14:11 . 2008-03-04 14:11 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-04 14:11 . 2008-03-04 14:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-04 14:08 . 2008-03-05 22:06 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-04 14:08 . 2008-03-04 14:08 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-03 23:06 . 2007-12-14 01:59 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-03 23:04 . 2008-03-03 23:05 7,237,978 --a------ C:\Temp\Free3GPVideoConverter.exe
2008-03-03 22:54 . 2008-03-03 22:54 <DIR> d-------- C:\Program Files\Common Files\Java
2008-03-03 17:03 . 2008-03-03 23:28 <DIR> d-------- C:\Program Files\INAC
2008-03-03 10:41 . 2008-03-03 10:41 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-03-03 10:41 . 2008-03-03 10:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-03-03 10:13 . 2008-03-03 10:13 <DIR> d-------- C:\websymbols
2008-03-03 10:10 . 2008-03-03 10:13 <DIR> d-------- C:\Program Files\Debugging Tools for Windows
2008-03-03 10:06 . 2008-03-03 10:06 <DIR> d-------- C:\Program Files\Citrix
2008-03-03 10:01 . 2008-03-03 10:01 60,968 --a------ C:\Documents and Settings\Greta\GoToAssistDownloadHelper.exe
2008-02-27 02:20 . 2008-02-27 02:20 <DIR> d-------- C:\Program Files\Native Instruments
2008-02-27 02:20 . 2006-05-19 16:54 393,216 --a------ C:\WINDOWS\system32\NI_IRC_1_1.dll
2008-02-27 02:20 . 2005-04-04 18:00 393,216 --a------ C:\WINDOWS\system32\NI_IRC_1_0_3.dll
2008-02-27 02:20 . 2006-07-11 16:16 61,440 --a------ C:\WINDOWS\system32\NI_DFD_1_4.dll
2008-02-27 02:19 . 2008-02-27 02:22 <DIR> d-------- C:\Program Files\Finale GPO 2.0
2008-02-27 02:19 . 2004-03-29 16:23 90,112 --a------ C:\WINDOWS\unvise32.exe
2008-02-27 02:17 . 2008-02-27 02:35 <DIR> d-------- C:\Program Files\Finale 2007
2008-02-10 16:32 . 2008-02-10 16:32 <DIR> d-------- C:\Program Files\Microsoft Silverlight
2008-02-09 14:18 . 2008-02-09 14:22 <DIR> d-------- C:\Program Files\SecondLifeReleaseCandidate

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-06 03:44 --------- d-----w C:\Program Files\Yahoo!
2008-03-06 03:28 --------- d-----w C:\Program Files\Soulseek
2008-03-05 00:15 --------- d-----w C:\Program Files\iTunes
2008-03-04 20:13 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-04 05:06 --------- d-----w C:\Program Files\Java
2008-03-04 04:27 --------- d-----w C:\Program Files\WildTangent
2008-03-04 04:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-03-03 06:29 --------- d-----w C:\Documents and Settings\Greta\Application Data\foobar2000
2008-03-01 07:29 --------- d-----w C:\Program Files\Trend Micro
2008-02-29 23:07 --------- d-----w C:\Program Files\eMule
2008-02-28 08:26 164,280 ----a-w C:\Documents and Settings\Greta\Application Data\GDIPFONTCACHEV1.DAT
2008-02-27 08:16 --------- d-----w C:\Program Files\BitComet
2008-02-10 07:10 --------- d-----w C:\Program Files\myFairTunes
2008-02-09 04:25 --------- d-----w C:\Program Files\Solveig Multimedia
2008-02-09 04:25 --------- d-----w C:\Program Files\Common Files\Solveig Multimedia
2008-02-09 04:25 --------- d-----w C:\Program Files\Common Files\Elecard
2008-02-04 03:39 --------- d-----w C:\Program Files\Creative
2008-02-04 03:19 --------- d-----w C:\Program Files\Macromedia
2008-02-04 03:17 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-04 03:17 --------- d-----w C:\Program Files\ListMaker
2008-02-04 03:17 --------- d-----w C:\Program Files\eMusic Download Manager
2008-02-04 00:32 --------- d-----w C:\Program Files\NCH Swift Sound
2008-02-04 00:06 --------- d-----w C:\Program Files\SecondLife
2008-02-04 00:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\Creative
2008-02-03 23:52 --------- d-----w C:\Program Files\Windows Media Connect 2
2008-02-03 23:52 --------- d-----w C:\Program Files\QuickPar
2008-02-03 23:52 --------- d-----w C:\Program Files\NetWaiting
2008-02-03 23:52 --------- d-----w C:\Program Files\Modem Helper
2008-02-03 23:52 --------- d-----w C:\Program Files\GemMaster
2008-02-03 23:52 --------- d-----w C:\Program Files\FLAC
2008-02-03 23:52 --------- d-----w C:\Program Files\ESPNMotion
2008-02-03 23:52 --------- d-----w C:\Program Files\EnglishOtto
2008-02-03 23:52 --------- d-----w C:\Program Files\DivX
2008-02-03 23:52 --------- d-----w C:\Program Files\ClocX
2008-02-03 23:52 --------- d-----w C:\Program Files\AoA Audio Extractor
2008-01-30 12:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Dell
2008-01-22 02:30 --------- d-----w C:\Program Files\WinSCP
2008-01-21 05:30 --------- d-----w C:\Program Files\iPod
2008-01-21 05:20 --------- d-----w C:\Program Files\QuickTime
2008-01-21 05:20 --------- d-----w C:\Program Files\MediaMonkey
2008-01-20 07:17 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-19 18:41 --------- d-----w C:\Program Files\CUE Splitter
2008-01-17 08:41 --------- d-----w C:\Documents and Settings\Greta\Application Data\Apple Computer
2008-01-16 04:50 --------- d-----w C:\Documents and Settings\Greta\Application Data\AccurateRip
2008-01-12 19:31 --------- d-----w C:\Program Files\Audible
2008-01-12 19:23 --------- d-----w C:\Documents and Settings\Greta\Application Data\Creative
2008-01-12 05:42 --------- d--h--w C:\Program Files\Creative Installation Information
2008-01-12 05:42 --------- d-----w C:\Program Files\Common Files\Creative
2008-01-10 01:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL Downloads
2008-01-10 01:08 --------- d-----w C:\Program Files\AIM6
2008-01-09 21:01 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
2008-01-06 18:59 --------- d-----w C:\Program Files\Last.fm
2007-11-26 08:53 604 ---ha-w C:\Program Files\STLL Notifier
2004-08-10 11:00 94,784 --sh--w C:\WINDOWS\twain.dll
2004-08-10 11:00 50,688 --sh--w C:\WINDOWS\twain_32.dll
2007-04-04 06:32 1,264 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2004-08-10 11:00 1,028,096 --sh--w C:\WINDOWS\system32\mfc42.dll
2004-08-10 11:00 54,784 --sh--w C:\WINDOWS\system32\msvcirt.dll
2004-08-10 11:00 413,696 --sh--w C:\WINDOWS\system32\msvcp60.dll
2004-08-10 11:00 83,456 --sh--w C:\WINDOWS\system32\olepro32.dll
2004-08-10 11:00 11,776 --sh--w C:\WINDOWS\system32\regsvr32.exe
.
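The ComboFix log above is long, and the interesting part is the shape of the "Other Deletions" list: one directory full of numeric-named executables, a handful of named files under system32, an Autorun.inf on a secondary drive, and two driver/service entries. The following is an added triage helper, not part of the original post or of ComboFix itself. It splits a ComboFix log into its banner-delimited sections, groups deleted paths by directory, and reports clusters of numeric-named .exe files, removed autorun files and removed driver/service entries. The sample log embedded in it is a constructed, abbreviated copy of the log in this thread; the three-file threshold is an arbitrary assumption for the example.

```python
import re
from collections import defaultdict

# Constructed sample: an abbreviated log in the shape of the ComboFix
# output quoted in this thread (most of the numeric-named files omitted).
SAMPLE_LOG = r"""ComboFix 08-03-05.1 - Greta 2008-03-05 21:58:03.1 - NTFSx86
* Created a new restore point

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\kernel
C:\Program Files\Temporary
C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\down\1002984.exe
C:\WINDOWS\system32\drivers\down\1010718.exe
C:\WINDOWS\system32\drivers\down\105203.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe
K:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_SROSA
-------\srosa
"""

# ComboFix marks each section with a banner of parentheses around its name.
SECTION_RE = re.compile(r"^\(+\s*(.+?)\s*\)+\s*$")
# Filenames that are nothing but digits plus ".exe" (the pattern in the log).
NUMERIC_EXE_RE = re.compile(r"^\d+\.exe$", re.IGNORECASE)


def parse_sections(text):
    """Split a ComboFix log into {section_name: [non-empty lines]}.
    Lines before the first banner are collected under 'header'."""
    sections = defaultdict(list)
    current = "header"
    for line in text.splitlines():
        stripped = line.strip()
        m = SECTION_RE.match(stripped)
        if m:
            current = m.group(1)
            continue
        if stripped and stripped != ".":
            sections[current].append(stripped)
    return dict(sections)


def summarize_deletions(paths):
    """Group deleted paths by parent directory and count numeric-named .exe files."""
    by_dir = defaultdict(lambda: {"files": [], "numeric_exe": 0})
    for p in paths:
        parent, _, name = p.rpartition("\\")
        entry = by_dir[parent]
        entry["files"].append(name)
        if NUMERIC_EXE_RE.match(name):
            entry["numeric_exe"] += 1
    return dict(by_dir)


def triage(text, numeric_threshold=3):
    """Return the findings a defender would want pulled out of the log.
    numeric_threshold is an assumed cut-off for this example."""
    sections = parse_sections(text)
    deletions = sections.get("Other Deletions", [])
    findings = []
    for directory, info in summarize_deletions(deletions).items():
        if info["numeric_exe"] >= numeric_threshold:
            findings.append(
                f"{directory}: {info['numeric_exe']} numeric-named .exe files "
                "in one directory (drop/download cache pattern)")
    # An Autorun.inf removed from a non-system drive is worth calling out.
    for p in deletions:
        if p.lower().endswith("\\autorun.inf"):
            findings.append(f"{p}: autorun file removed")
    for entry in sections.get("Drivers/Services", []):
        findings.append(f"driver/service entry removed: {entry}")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

Run against a real ComboFix log by reading the file into `triage()`; the "Files Created" and "Find3M Report" sections are parsed the same way, so the same `parse_sections()` output can be used to list recently created executables alongside the deletions.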

DeepThought
2008-03-06, 19:04
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\Dell Support\DSAgnt.exe" [2006-08-28 21:57 395776]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 05:00 15360]
"CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-06-12 14:32 700416]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:54 5674352]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 03:40 218032]
"Google Update"="C:\Documents and Settings\Greta\Local Settings\Application Data\Google\Update\1.0.103.3\GoogleUpdate.exe" [2008-02-10 22:04 21488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 14:01 67584]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-07 23:54 7630848]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [ ]
"CTDVDDET"="C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE" [2003-06-18 01:00 45056]
"AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 18:07 49152]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 05:20 122940]
"ClocX"="C:\Program Files\ClocX\ClocX.exe" [2004-04-13 08:12 103936]
"CTHelper"="CTHELPER.EXE" [2006-12-12 10:46 19456 C:\WINDOWS\system32\CtHelper.exe]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-03-01 21:00 18944 C:\WINDOWS\system32\Ctxfihlp.exe]
"VolPanel"="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" [2005-10-14 11:01 122880]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00 90112]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-01-11 18:39 185896]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-01-10 15:27 385024]
"mxomssmenu"="C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe" [2007-09-06 14:53 169264]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36 267048]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 03:40 86960]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-09-11 03:40 218032]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 22:11 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 09:17 1241088]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SetDefaultMIDI"="MIDIDEF.exe" [2005-11-08 05:12 25600 C:\WINDOWS\MIDIDEF.EXE]
"IETI"="C:\Program Files\Skype\Phone\IEPlugin\unins000.exe" [2007-03-28 12:05 674138]

C:\Documents and Settings\Greta\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]
Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-07-07 18:49:10 106496]
YouTube Uploader.lnk - C:\Documents and Settings\Greta\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe [2007-11-09 13:33:08 71152]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2006-12-22 15:25:29 24576]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 18:28:24 258048]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 18:50:52 53248]
HPAiODevice(hp officejet v series) - 1.lnk - C:\Program Files\Hewlett-Packard\AiO\hp officejet v series\Bin\hpoant07.exe [2002-04-25 18:43:32 487487]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll 2008-03-03 10:06 10792 C:\Program Files\Citrix\GoToAssist\480\g2awinlogon.dll
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

The bad files seem to be quarantined by ComboFix, but I'm not sure about SROSA, I know there are still bad things lurking somewhere.

BTW - I don't have an antivirus program on right now, since I had to uninstall PCCillin. I have downloaded AVG, should I go ahead and get it running, or wait until my system is clean?

Thanks in advance, my latest HJT log follows, and I will go ahead and start a fresh Kaspersky scan...

DeepThought
2008-03-06, 19:06
I think this looks somewhat better...

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:18, on 2008-03-06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\ClocX\ClocX.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Documents and Settings\Greta\Local Settings\Application Data\Google\Update\1.0.103.3\GoogleUpdate.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Documents and Settings\Greta\Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe
C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Java\jre1.6.0_04\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\BitComet\BitComet.exe
C:\MGtools.exe
C:\WINDOWS\system32\cmd.exe
C:\MGTools\analyse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0061222
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [ClocX] C:\Program Files\ClocX\ClocX.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\Dell Support\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Greta\Local Settings\Application Data\Google\Update\1.0.103.3\GoogleUpdate.exe"
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Startup: YouTube Uploader.lnk = Local Settings\Application Data\YouTube\Uploader\youtubeuploader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HPAiODevice(hp officejet v series) - 1.lnk = C:\Program Files\Hewlett-Packard\AiO\hp officejet v series\Bin\hpoant07.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - C:\Program Files\PlotSoft\PDFill\DownloadPDF.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/us/kavwebscan_unicode.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1168058796672
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/files/abasetup163.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\480\G2AWinLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\480\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Maxtor Service (Maxtor Sync Service) - Seagate Technology LLC - C:\Program Files\Maxtor\Sync\SyncServices.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 14644 bytes

DeepThought
2008-03-07, 02:56
Here is the Kaspersky scan; the virus is still hiding in my computer... :sad:

The scan is very long, so it is in 2 posts.

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
2008-03-06 18:41
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 6/03/2008
Kaspersky Anti-Virus database records: 604356
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\

Scan Statistics:
Total number of scanned objects: 426590
Number of viruses found: 7
Number of infected objects: 71
Number of suspicious objects: 0
Duration of the scan process: 03:55:57

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3ad391678a806ec4d691e83aaa393b6f_24adf822-76f7-4481-b30b-ff1b40f8687f Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_2161314474_720896_32640 Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\MSDVRMM_2161314474_7274496_32596 Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE1.tmp Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE2.tmp Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{07AF4306-DCFA-45CA-B5DC-AB4224C7B907}.TmpSBE Object is locked skipped
C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\{D9AFD8E8-D5AF-4472-92A6-6B4437CD50D1}.TmpSBE Object is locked skipped
C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp Object is locked skipped
C:\Documents and Settings\All Users\DRM\drmstore.hds Object is locked skipped
C:\Documents and Settings\Greta\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\AUPNP.log Object is locked skipped
C:\Documents and Settings\Greta\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt.log Object is locked skipped
C:\Documents and Settings\Greta\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\DSAgnt_GTActions.log Object is locked skipped
C:\Documents and Settings\Greta\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\gdql_d_DSAgnt.log Object is locked skipped
C:\Documents and Settings\Greta\Application Data\Gtek\GTUpdate\AUpdate\DellSupport\glog.log Object is locked skipped
C:\Documents and Settings\Greta\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\Identities\{4E3254D7-522A-412A-9296-3F4767B3A2CB}\Microsoft\Outlook Express\MSN - Inbox.dbx/[From aw-confirm@eBay.com <aw-confirm@eBay.com>][Date Tue, 23 May 2006 03:48:30 -0400]/html Infected: Trojan-Spy.HTML.Bayfraud.jv skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\Identities\{4E3254D7-522A-412A-9296-3F4767B3A2CB}\Microsoft\Outlook Express\MSN - Inbox.dbx/[From eBay][Date Tue, 2 May 2006 16:21:02 +0200]/html Infected: Trojan-Spy.HTML.Bayfraud.jv skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\Identities\{4E3254D7-522A-412A-9296-3F4767B3A2CB}\Microsoft\Outlook Express\MSN - Inbox.dbx/[From eBay][Date Tue, 25 Apr 2006 13:05:58 +0200]/html Infected: Trojan-Spy.HTML.Bayfraud.jv skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\Identities\{4E3254D7-522A-412A-9296-3F4767B3A2CB}\Microsoft\Outlook Express\MSN - Inbox.dbx/[From eBay <eBay@ire1.networkv.net>][Date Tue, 04 Apr 2006 16:43:07 +0200]/html Infected: Trojan-Spy.HTML.Bayfraud.jv skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\Identities\{4E3254D7-522A-412A-9296-3F4767B3A2CB}\Microsoft\Outlook Express\MSN - Inbox.dbx Mail MS Outlook 5: infected - 4 skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\Last.fm\Client\lastfmhelper.log Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Application Data\YouTube\Uploader\uploads.db Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\History\History.IE5\MSHist012008030620080307\index.dat Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Temp\hpodvd09.log Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Temp\~DF7C70.tmp Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Temp\~DFCFCE.tmp Object is locked skipped
C:\Documents and Settings\Greta\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Greta\ntuser.dat Object is locked skipped
C:\Documents and Settings\Greta\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

DeepThought
2008-03-07, 02:57
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14756968.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\151968.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\200125.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\29387453.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\43973281.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\58556093.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\58565578.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\60543015.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\60555875.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\69953.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\73157625.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\73174234.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\75226703.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\75230296.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\89781656.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\89788593.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\976993265.exe.vir Infected: Trojan.Win32.Pakes.bwy skipped
C:\QooBox\Quarantine\catchme2008-03-05_220622.48.zip/wintems.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\catchme2008-03-05_220622.48.zip/mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\QooBox\Quarantine\catchme2008-03-05_220622.48.zip/hldrrr.exe Infected: Trojan-Downloader.Win32.Bagle.kp skipped
C:\QooBox\Quarantine\catchme2008-03-05_220622.48.zip ZIP: infected - 3 skipped
C:\QooBox\Quarantine\Registry_backups\LEGACY_SROSA.reg.dat Infected: Trojan-Downloader.Win32.Bagle.hp skipped
C:\QooBox\Quarantine\Registry_backups\services_srosa.reg.dat Infected: Trojan-Downloader.Win32.Bagle.hp skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP2\A0000182.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP2\A0000183.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000208.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000213.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000225.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000241.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000243.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000274.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000295.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000310.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000311.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000315.exe Infected: Trojan-PSW.Win32.Agent.xd skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000328.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000329.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000347.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000348.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000349.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000364.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000365.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000387.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000388.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000403.exe Infected: Email-Worm.Win32.Bagle.of skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000412.exe Infected: Trojan.Win32.Pakes.bwy skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000716.exe/data0004 Infected: Trojan-Downloader.Win32.Small.hhp skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\A0000716.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{129201FA-B0AC-49B3-96B2-DEB8B91E727B}\RP3\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\ModemLog_Conexant D850 56K V.9x DFVc Modem.txt Object is locked skipped
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{FE556911-13A0-4EEA-B5DE-5FF583B0CFBF}.crmlog Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{C349BAAC-18C1-4EBF-A31B-28A02F960828}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\IntelDH.evt Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\TEMP\ASHeuristic\14756968.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\151968.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\200125.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\29387453.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\43973281.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\58556093.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\58565578.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\60543015.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\60555875.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\69953.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\73157625.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\73174234.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\75226703.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\75230296.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\89781656.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\89788593.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\mdelk_exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\TEMP\ASHeuristic\wintems_exe.vir Infected: Email-Worm.Win32.Bagle.of skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
K:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

Scan process completed.

DeepThought
2008-03-14, 02:59
Please help, I'm in danger of being archived!

The trojans are still present and making trouble... I am worried because this PC is networked to our other desktop and a laptop, and I don't know if it is still in a state to spread the virus, or if it is safe to share files. :sad:

I'm not sure what to do next; would running ComboFix again help? My computer has been stuck in 24-hour mode ever since, though.

Please help my poor computer! :angel:

little eagle
2008-03-24, 12:53
Sorry you got skipped over. Do you still need help?