Help removing Email-Worm.Win32.Brontok.q please

  1. #1
    GARLOCK (Newbie)

    Hello, could I have help with removing a worm, please?
    The name of the worm is Email-Worm.Win32.Brontok.q, and just scanning and deleting doesn't do the job as it keeps multiplying itself everywhere.

    Here is info on it: http://www.f-secure.com/v-descs/brontok_n.shtml
    Seeing that it is a complex and hard to remove e-mail worm, I hope that someone could help me.

    Here is my HijackThis LOG:
    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:22:54 PM, on 15/12/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal
    
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\Program Files\HijackThis\HijackThis.exe
    
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
    O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
    O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.8.30.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
    O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/bingame/zpagames/zpa_kqrp.cab56961.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    
    --
    End of file - 6593 bytes


  2. #2
    VopThis (Senior Member, Canada)
    This is a complex infection that many tools have minimal or ineffective success in resolving. Let's try the following tool and see how it goes:


    Download and scan with the 15 day trial version of Counterspy.

    http://www.sunbelt-software.com/CounterSpy-Download.cfm
    • Install Counterspy.
    • Click on 'Spyware Scan', then click 'Updates' at the top right.
    • Once any available updates have been installed, click the 'Scan Now' button.
    • Save the report when it's finished:
      1. Once Counterspy has done scanning, the 'Scan Results' box will appear.
      2. Click on 'View Results'.
      3. Under (Recommended Action), using the drop-down menus at the side of each entry found, set EVERYTHING to 'Remove'.
      4. Then click on 'Take Action'.
      5. Once everything has been removed, click on 'View Details'.
      6. Copy and Paste those details into a Word/Text document, then save it to your desktop.


    Post the above results and tell us how your PC is doing.

  3. #3
    GARLOCK (Newbie)
    I tried updating twice, but after an hour it never changed so I scanned without updating on definition 682.

    Code:
    Scan History Details
    Start Date: 16/12/2007 8:42:09 PM
    End Date: 16/12/2007 9:14:19 PM
    Total Time: 32 Min 10 Sec
    Detected security risks
    
    Cookie: ATDMT.com Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@atdmt[2].txt
    
    
    Cookie: BS.Serving-Sys Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@bs.serving-sys[2].txt
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@serving-sys[1].txt
    
    
    Cookie: BurstNet.com Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@burstnet[2].txt
    
    
    Cookie: CGI-Bin Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@cgi-bin[2].txt
    
    
    Cookie: DoubleClick Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@doubleclick[1].txt
    
    
    Cookie: FastClick.com Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@fastclick[2].txt
    
    
    Cookie: Hotbar Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@ad.yieldmanager[1].txt
    
    
    Cookie: Mediaplex.com Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@mediaplex[1].txt
    
    
    Cookie: Overture.com Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@overture[1].txt
    
    
    Cookie: PointRoll.com Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@ads.pointroll[1].txt
    
    
    WhenU.Save Adware (General)  more information...
    Details: WhenU.SaveNow is an adware application that displays pop-up advertising on the desktop in response to users' web browsing.
    Status: Deleted
    
    Files detected
    C:\Program Files\DAEMON Tools\SetupDTSB.exe
    
    
    Cookie: Advertising.com Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@advertising[2].txt
    
    
    Cookie: TribalFusion.com Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@tribalfusion[2].txt
    
    
    MyWebSearch Toolbar Potentially Unwanted Program  more information...
    Details: MyWebSearch Toolbar is a customizable Internet Explorer search toolbar with various other tools.
    Status: Deleted
    
    Registry entries detected
    HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} 
    HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} 
    HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179} 
    HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179} 
    
    
    Cookie: WindowsMedia Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@windowsmedia[1].txt
    
    
    My Search Bar Potentially Unwanted Program  more information...
    Details: My Search Bar and the variants "My Way Speedbar" and "My Way Search Assistant", are browser helper objects that allows you to search on multiple search engines.
    Status: Deleted
    
    Registry entries detected
    HKEY_LOCAL_MACHINE\Software\Classes\IMSIDE1EGATE.APPLICATION.1 
    HKEY_LOCAL_MACHINE\Software\Classes\IMSIDE1EGATE.APPLICATION.1 
    HKEY_LOCAL_MACHINE\Software\Classes\IMSIDE1EGATE.APPLICATION.1\CLSID 
    HKEY_LOCAL_MACHINE\Software\Classes\IMSIDE1EGATE.APPLICATION.1\CLSID 
    
    
    Cookie: adrevolver Cookie (General)  more information...
    Details: Cookies are small "data tags" that web sites store on PCs in order to recognize unique visitors. Cookies are used to identify returning visitors who have registered for special services; to measure and analyze visitors' use of web site features; to count unique visitors to web pages; and to allow web surfers to use virtual "shopping carts." Online advertising networks use cookies to track users across web sites and to measure ad impressions and click-throughs.
    Status: Deleted
    
    Cookies detected
    c:\documents and settings\gurren-lagann\cookies\gurren-lagann@adrevolver[1].txt
    
    
    Email-Worm.Win32.Brontok.a Worm.Generic  more information...
    Status: Deleted
    
    Files detected
    C:\Documents and Settings\Gurren-Lagann\Local Settings\Application Data\csrss.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\animes\+\+.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\animes\animes.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\animes\images\images.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\Adobe Dreamweaver CS3.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeALMAnchorServiceAll\AdobeALMAnchorServiceAll.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeAssetServices3All\AdobeAssetServices3All.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeAUM5.1All\AdobeAUM5.1All`.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeBridge2All\AdobeBridge2All.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeCameraRaw4.0All\AdobeCameraRaw4.0All`.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeCMapsAll\AdobeCMapsAll.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeDefaultLanguageCS3All\AdobeDefaultLanguageCS3All.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeDeviceCentralAll\AdobeDeviceCentralAll.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeDeviceCentralAll\oem\Adobe Device Central CS3\Adobe Device Central CS3.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeDreamweaver9en_US\AdobeDreamweaver9en_US.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeExtendScriptToolKitAll\AdobeExtendScriptToolKitAll.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeExtensionManager1.8All\AdobeExtensionManager1.8All`.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeHelpViewerAll\AdobeHelpViewerAll.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobePDFL8All\AdobePDFL8All.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeTypeSupportAll\AdobeTypeSupportAll.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\AdobeVersionCueClient3All\AdobeVersionCueClient3All.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\BridgeStartMeeting\BridgeStartMeeting.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\payloads\payloads.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\redist\redist.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\resources\common\alert\alert.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\resources\common\scripts\scripts.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\resources\media\css\css.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\resources\media\img\img.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Downloaded Installations\Adobe Dreamweaver CS3\resources\resources.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\DXWnd 1.21A\DXWnd 1.21A`.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Files\TAFE\Cert III files\Class\HTML\Build a Basic Website\images\images.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Files\TAFE\Cert III files\Class\HTML\Personal Details\images\images.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Files\TAFE\Cert III files\Class\HTML\Resume\Resume.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\Files\TAFE\Cert III files\Class\HTML\Rollover+Image Map\menufiles\menufiles.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\MobileAction\HandsetManager\ToolData\IMAGE_BACKGROUND\IMAGE_BACKGROUND.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\MobileAction\HandsetManager\ToolData\VIDEO_TEXTICON\Item_1\Item_1.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\MobileAction\HandsetManager\ToolData\VIDEO_TEXTICON\Item_2\Item_2.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\My Music\iTunes\iTunes Music\Atreyu\A Death Grip on Yesterday Disc 1\A Death Grip on Yesterday Disc 1.exe
    C:\Documents and Settings\Gurren-Lagann\My Documents\My Music\iTunes\iTunes.exe
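
A triage sketch for the HijackThis log in post #1 and the scan report in post #3, as an added example that is not part of the original thread. It pulls out the O7 policy entry and the file-less BHO, and flags detected paths by the two patterns visible in the report: an executable named after its parent folder, and a system process name outside system32. The sample lines are copied from the posts, with two benign paths from the HijackThis log as controls; the function names, the install-root exclusion and the trailing-backtick handling are assumptions.

```python
import re
from pathlib import PureWindowsPath

# Lines copied from the HijackThis log in post #1 (excerpt, not the full log).
HIJACKTHIS_LINES = [
    r"O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)",
    r"O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe",
    r"O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1",
]

# Paths copied from the scan report in post #3, plus two benign controls
# taken from the running-process list in post #1.
DOCS = r"C:\Documents and Settings\Gurren-Lagann"
PATHS = [
    DOCS + r"\Local Settings\Application Data\csrss.exe",
    DOCS + r"\My Documents\animes\animes.exe",
    DOCS + r"\My Documents\DXWnd 1.21A\DXWnd 1.21A`.exe",
    r"C:\WINDOWS\system32\lsass.exe",               # control: real location
    r"C:\Program Files\HijackThis\HijackThis.exe",  # control: legit folder\folder.exe
]

O7_RE = re.compile(r"O7 - (?P<key>.+), (?P<name>\w+)=(?P<val>\d+)$")
BHO_RE = re.compile(r"O2 - BHO: .* - (\{[0-9A-Fa-f-]+\}) - \(no file\)$")

# Assumption: a short list of core process names that belong in system32.
SYSTEM_NAMES = {"csrss.exe", "lsass.exe", "smss.exe", "services.exe",
                "winlogon.exe", "svchost.exe"}
# Assumption: installers legitimately create folder\folder.exe under these roots,
# so the name-match heuristic is only applied elsewhere (user data trees).
INSTALL_ROOTS = {"program files", "windows"}


def policy_lockouts(lines):
    """Return (registry key, value name) for every O7 policy restriction that is set."""
    hits = []
    for line in lines:
        m = O7_RE.match(line.strip())
        if m and m.group("val") != "0":
            hits.append((m.group("key"), m.group("name")))
    return hits


def orphaned_bhos(lines):
    """Return CLSIDs of BHO registrations whose DLL HijackThis reports as '(no file)'."""
    return [m.group(1) for line in lines if (m := BHO_RE.match(line.strip()))]


def classify_path(path):
    """Return the list of reasons a detected path looks like a dropped copy."""
    p = PureWindowsPath(path)
    if p.suffix.lower() != ".exe":
        return []
    reasons = []
    top = p.parts[1].lower() if len(p.parts) > 2 else ""
    # The report shows a trailing backtick on some names; strip it before comparing.
    stem = p.stem.rstrip("`").lower()
    if stem == p.parent.name.lower() and top not in INSTALL_ROOTS:
        reasons.append("exe-named-after-folder")
    if p.name.lower() in SYSTEM_NAMES and p.parent.name.lower() != "system32":
        reasons.append("system-name-outside-system32")
    return reasons


def triage(paths):
    """Map each flagged path to its reasons; unflagged paths are omitted."""
    return {p: r for p in paths if (r := classify_path(p))}


if __name__ == "__main__":
    print("policy lock-outs:", policy_lockouts(HIJACKTHIS_LINES))
    print("orphaned BHOs:   ", orphaned_bhos(HIJACKTHIS_LINES))
    for path, reasons in triage(PATHS).items():
        print(", ".join(reasons), "->", path)
```
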

  4. #4
    VopThis (Senior Member, Canada)
    How is your PC doing?

    If the worm is still present, then we may need to try some additional tools. The inability to update definitions is also never a good sign although possibly to be expected when an infection is in charge of your PC.

    If 'counterspy' will update, that might be a very favorable sign.

  5. #5
    GARLOCK (Newbie)
    The worm is still present.
    All the things like registry editor and stuff are still disabled.

  6. #6
    VopThis (Senior Member, Canada)
    See if you can run the following online antivirus scan (NOD32):

    http://www.eset.com/onlinescan/


    Let us know if anything improves with that scan. Check if Counterspy will update afterwards.

  7. #7
    GARLOCK (Newbie)
    Virus scan found nothing.
    Counterspy couldn't update.

  8. #8
    VopThis (Senior Member, Canada)
    Are you actually seeing any specific further sign of 'Brontok'?



    Your best option may be to try a system restore point (if available) to a date before any known problems or before you started performing any recent fixes:

    Click on Start>All Programs>Accessories>System Tools>System Restore.

    Check Restore my computer to an earlier date> Click Next.

    Choose the date before you performed any recent fixes and click Next and Next again.




    POST A REVISED HIJACKTHIS LOG for review:
    Reboot and post a new HijackThis log with any feedback as appropriate - how things are now behaving: any new or remaining apparent issues.
