I am typing this to you on the infected machine so we have headway! Still no access to Desktop Icons or Move/copy/paste files in Windows Explorer though.
Ewido Log (Updated as asked and it found & removed 41 issues, man it took a long time)
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 11:27:37 AM, 11/05/2005
+ Report-Checksum: EF030AB9
+ Date of database: 10/05/2005
+ Version of scan engine: v3.0
+ Duration: 120 min
+ Scanned Files: 82211
+ Speed: 11.41 Files/Second
+ Infected files: 41
+ Removed files: 41
+ Files put in quarantine: 41
+ Files that could not be opened: 0
+ Files that could not be cleaned: 0
+ Binder: Yes
+ Crypter: Yes
+ Archives: Yes
+ Scanned items:
C:\
E:\
+ Scan result:
C:\RECYCLER\S-1-5-21-73586283-113007714-1957994488-1003\De293.frE956 -> Trojan.TopAntiSpyware.h -> Cleaned with backup
C:\RECYCLER\S-1-5-21-73586283-113007714-1957994488-1003\De295.txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\WINDOWS\system32\ackc.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\afbj.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\bacj.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\bdoj.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\eojf.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\fend.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\gcll.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\gnhp.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\hgdh.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\hmoj.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\iifb.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\ilpn.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\jame.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\jcnm.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\jdjc.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\jigl.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\jlpb.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\jmkc.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\kban.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\kmoo.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\kpni.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\ldba.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\lebp.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\ljnf.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\magp.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\mjab.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\mnhc.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\nbjk.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\ngnp.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\nmbh.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\odkc.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\ofoi.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\ojjf.dll -> Spyware.Hijacker.Generic -> Cleaned with backup
C:\WINDOWS\system32\spoolsrv32.exe -> Trojan.TopAntiSpyware.j -> Cleaned with backup
E:\File Store\Programs\cracking\patchfx110\business assist.EXE -> Not-A-Virus.VirTool.OptixPatch.04 -> Cleaned with backup
E:\File Store\Programs\cracking\patchfx110\patchfx.res -> Not-A-Virus.VirTool.OptixPatch.04 -> Cleaned with backup
E:\File Store\Programs\ICQ\ICQ_UIN-To IP_Converter_for_2001b.exe -> Not-A-Virus.VirTool.ICQ_UinIp -> Cleaned with backup
E:\Latcham\Cookies\latcham@mywebsearch[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
E:\Latcham\Local Settings\Temp\temp.frE956 -> Trojan.TopAntiSpyware.h -> Cleaned with backup
::Report End
Hijack This Log
Logfile of HijackThis v1.99.1
Scan saved at 11:31:41 AM, on 11/05/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\program files\Telstra\Signup\tbpt.exe
C:\Program Files\Mouse\Amoumain.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TSC.EXE
C:\Program Files\Hijack This\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Telstra Big Pond
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [{F7D90BD2-14A9-11d3-AD9E-00AA0064EC94}] C:\program files\Telstra\Signup\tbpt.exe
O4 - HKLM\..\Run: [WheelMouse] Amoumain.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.bigpond.com
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn...pDownloader.cab
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CS1\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CCS\Services\VxD\MSTCP: SearchList = vic.bigpond.net.au
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = vic.bigpond.net.au
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
Activescan is still running but has found one problem; I will post it when it is finished. I will download & update other programs as discussed when activescan is finished.