I think glynor will probably agree with me here, that while hijackthis is probably a wonderful little tool for listing things running on a PC, enabling a remote technician to give right and proper advice on a case by case basis, all those full logs posted here there and everywhere don't half queer the pitch of "what's running" type of searches. I've learned the value of the -hijackthis switch.
So, I've found a range of pages that go through the entire spectrum, from "you're fooked, reformat" through "we can help, do this, post back, then download this, do that, do the next thing etc. etc." to "remove klone? follow this..."
It would seem there's not much conclusive out there atm. A bit like going for "ask the audience" and getting 25% on all four answers!!
It appears that it has close links with something called "vundo" and an out of date version of the Sun Java runtime environment, so, consider getting that up to date if you use it.
I was unable to find a removal tool.
Virtually all results containing hijack this logs relate to fixes for that specific computer rather than general fix rules that everyone can follow.
Try this for starters:
http://www.precisesecurity.com/computer-virus/klone-oct09.htm
Their "Step 5" is my only concern there, that really is the mother of all vague instructions!!!
Read here:
http://forums.techguy.org/security/512499-solved-klone-virus-help.html
and here:
http://miataru.computing.net/security/wwwboard/forum/19747.html
to see that successful removal is possible. My apologies for not having the know-how to take you through the use of those tools in that manner. Perhaps the same people could help you too? There is definitely help out there, and I think you're already aware that it's as important for you to understand how your PC became infected in the first place as it is for you to get it sorted out.
Interestingly, the only result a search on "generic32 ETW" returns is this thread here at interact!!
The steps on cleaning out system restore are important (and simple) to follow. The system restore system does not know good from bad files, so it's very common for viruses to be backed up in the system restore system, ready to be restored into action at a later date.
Apologies for not being able to personally walk through the removal steps, hopefully I've at least been able to set you off in a more positive direction. Let us know how you get on.
regards, marko.