06-05-2009, 01:55 PM
UK Dave
Think I'm clean now, check please?

Hey all,
Had problems with my new PC. Had trojans etc. and the PC at one point kept randomly rebooting, over and over. Wouldn't let me on Windows Update, something changed a setting.
Done a few scans now with Spybot, Malwarebytes, AVG 8.5.325 and CCleaner.
Did look like this:
AVG:
"Scan ""Scan whole computer"" was finished."
"Infections";"16";"16";"0"
"Folders selected for scanning:";"Scan whole computer"
"Scan started:";"05 May 2009, 19:27:21"
"Scan finished:";"05 May 2009, 19:40:02 (12 minute(s) 41 second(s))"
"Total object scanned:";"133375"
"User who launched the scan:";"D"

"Infections"
"File";"Infection";"Result"
"C:\Documents and Settings\D\Local Settings\Temp\732.exe";"Trojan horse Generic13.JJK";"Moved to Virus Vault"
"C:\Documents and Settings\D\Local Settings\Temp\803.exe";"Trojan horse SHeur2.UCF";"Moved to Virus Vault"
"C:\RECYCLER\S-1-5-21-8017068216-2990302639-183907024-9212\winIgn.exe";"Virus identified Worm/Generic_r.EC";"Moved to Virus Vault"
"C:\WINDOWS\system32\bufwvr.exe";"Trojan horse BackDoor.RBot.KB";"Moved to Virus Vault"
"C:\WINDOWS\system32\dbazqgj.exe";"Trojan horse BackDoor.RBot.KB";"Moved to Virus Vault"
"C:\WINDOWS\system32\ehfxkjhs.exe";"Virus identified Worm/Generic_r.EC";"Moved to Virus Vault"
"C:\WINDOWS\system32\fjxvxcjg.exe";"Trojan horse BackDoor.RBot.KB";"Moved to Virus Vault"
"C:\WINDOWS\system32\gkgt.exe";"Virus identified Worm/Generic_r.EC";"Moved to Virus Vault"
"C:\WINDOWS\system32\kefnd.exe";"Virus identified Worm/Generic_r.EC";"Moved to Virus Vault"
"C:\WINDOWS\system32\myaet.exe";"Trojan horse BackDoor.RBot.KB";"Moved to Virus Vault"
"C:\WINDOWS\system32\mzdqaqmz.exe";"Trojan horse SHeur2.KDG";"Moved to Virus Vault"
"C:\WINDOWS\system32\nwew.exe";"Trojan horse SHeur2.KDG";"Moved to Virus Vault"
"C:\WINDOWS\system32\pdpayo.exe";"Trojan horse SHeur2.KDG";"Moved to Virus Vault"
"C:\WINDOWS\system32\TFTP1428";"Trojan horse Injector.AL";"Moved to Virus Vault"
"C:\WINDOWS\system32\vfeeuid.exe";"Virus identified Worm/Generic_r.EC";"Moved to Virus Vault"
"C:\WINDOWS\system32\wftu.exe";"Trojan horse BackDoor.RBot.KB";"Moved to Virus Vault"

"Warnings"
"File";"Infection";"Result"
"C:\Documents and Settings\D\Cookies\d@doubleclick[2].txt";"Found Tracking cookie.Doubleclick";"Moved to Virus Vault"
"C:\Documents and Settings\D\Cookies\d@doubleclick[2].txt:\doubleclick.net.bf396750";"Found Tracking cookie.Doubleclick";"Moved to Virus Vault"
"C:\Documents and Settings\D\Cookies\d@overture[2].txt";"Found Tracking cookie.Overture";"Moved to Virus Vault"
"C:\Documents and Settings\D\Cookies\d@overture[2].txt:\overture.com.52ca467a";"Found Tracking cookie.Overture";"Moved to Virus Vault"
"C:\Documents and Settings\D\Cookies\d@overture[2].txt:\overture.com.d727de6f";"Found Tracking cookie.Overture";"Moved to Virus Vault"

Mbam:
Malwarebytes' Anti-Malware 1.36
Database version: 2077
Windows 5.1.2600

05/05/2009 14:17:59
mbam-log-2009-05-05 (14-17-36).txt

Scan type: Quick Scan
Objects scanned: 65875
Time elapsed: 50 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 8
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 12

Memory Processes Infected:
C:\WINDOWS\system32\algs.exe (Backdoor.Bot) -> No action taken.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\12cfg515-k641-55sf-n66p (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\12cfg515-k641-55sf-n55p (Trojan.Backdoor) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\32nfg94-h61-2sf-n1p-5m1erh6l6 (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\Windows Update (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Spooler SubSystem App (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Explorer (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft internet explorer (Backdoor.Bot) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\application layer gateway service (Backdoor.Bot) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556 (Backdoor.Bot) -> No action taken.
C:\RECYCLER\S-1-5-21-0243336031-4052116379-881863308-0850 (Trojan.Agent) -> No action taken.

Files Infected:
C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\pqlmq.exe (Trojan.Agent) -> No action taken.
C:\RECYCLER\S-1-5-21-0243336035-3055115375-381863305-1553\vslmq.exe (Trojan.Backdoor) -> No action taken.
C:\Documents and Settings\D\Local Settings\Temp\002.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\D\Local Settings\Temp\466.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\D\Local Settings\Temp\489.exe (Trojan.Backdoor) -> No action taken.
C:\RECYCLER\S-1-5-21-0243636035-3055115376-381863306-1556\Desktop.ini (Backdoor.Bot) -> No action taken.
C:\RECYCLER\S-1-5-21-0243336031-4052116379-881863308-0850\Desktop.ini (Trojan.Agent) -> No action taken.
C:\RECYCLER\S-1-5-21-9140808955-6121809174-222351416-4818\winIgn.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\spooIsv.exe (Backdoor.Bot) -> No action taken.
C:\WINDOWS\system32\explorer.exe (Backdoor.Bot) -> No action taken.
C:\WINDOWS\system32\iexplore.exe (Backdoor.Bot) -> No action taken.
C:\WINDOWS\system32\algs.exe (Backdoor.Bot) -> No action taken.

I deleted all the infections.
Here's today's HijackThis log.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:37:09, on 06/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Searchy UK Metacrawler: Search 15 top UK Search Engines
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1234968617747
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

--
End of file - 3445 bytes

Oh, and the Uninstall List:
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
AVG Free 8.5
Belarc Advisor 7.2
CCleaner (remove only)
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0
Microsoft Visual C++ 2005 Redistributable
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Scientific-Atlanta WebSTAR 2000 series Cable Modem
Spybot - Search & Destroy
Windows XP Service Pack 2

Also, a Belarc scan says I need loads of new critical updates, but when I go to Windows Update it just has the SP3 update. Is SP3 ok?

Missing Microsoft Security Hotfixes
These required security hotfixes (using the 04/14/2009 Microsoft Security Bulletin Summary) were not found installed. Note: CIS benchmarks require that Critical and Important severity security hotfixes must be installed.
Cheers, Dave.
__________________
On my New PC ! XP Pro - Service Pack 3 - AMD Athlon 64 X2 Dual core thing

Have a nice day

Last edited by UK Dave; 06-05-2009 at 05:04 PM. Reason: Belarc