Virus: Downloader.FXW

probably it's strictly internal to them. Norton probably couldn't clean because the program was active at time or it has a copy hidden in System Restore files which are designed to be unalterable . You could run the Norton again in "Safe Mode" (will take longer) as that MAY be enough to stop activity & allow cleaning. Instructions here:
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406?OpenDocument&src=sec_doc_nam
When you get these kind of findings, it's very important to write down exactly what the warning says especially the path(location) (C:windows\system32\program files\ etc.). Did the phrase "in system volume" appear in warning??
The Panda info you already have.
From Pandas description, if not a false positive, it sounds like you have more than just a keylogger. Sounds more like you have a full blown "Nanny Program" such as some parents use to inspect kids net travels. This kind of program is also used by some companies to monitor employee use of company computers. Basically, it records ALL you see on your screen in snapshots. Do either of these situations apply to you ???
If such a program is not listed in your Control Panels' add/delete programs icon, it can be hard to identify and remove or disable. Some of these hide themselves by not adding anything to toolbar or may be listed as a seemingly harmless in programs files.
Even if you identify the malicious program name, I may require a password you don't know, to disable or remove. Such a password could have been entered by a person installing the program locally (access to the computer) or included in a download trojan from the net.
For more peace of mind you could do another online scan with "housecalls" (active-X: US) or if you have Sun Java installed you would be better off using the Java Scan from Housecalls Europe (links for both below) & you could also try scanning with a trojan specialist like Ewido SS using instructions below courtesy of Roddy32.
HOUSECALLS EU:http://uk.trendmicro-europe.com/enterprise/products/housecall_launch.php
US:http://www.trendmicro.com/spyware-scan/
Ewido SS:
Ewido SS, You might not need the log but it might be useful to save it.

Dowload link http://www.ewido.net/en/


* Install ewido security suite
* When installing, under ''Additional Options'' uncheck ''Install
background guard'' and ''Install scan via context menu''.
* Launch ewido, there should be an icon on your desktop double-click it.
* The program will now go to the main screen

You will need to update ewido to the latest definition files.

* On the left hand side of the main screen click Update
* Then click on Start Update

The update will start and a progress bar will show the updates being
installed.
If you are having problems with the updater, you can use this link to
manually update ewido.
http://www.ewido.net/en/download/updates/

Once the updates are installed do the following:
* Click on scanner
* Click on Complete System Scan and the scan will begin.
* While the scan is in progress you will be prompted to clean files,
click OK
* When it asks if you want to clean the first file, put a check in the
lower left corner of the box that says ''Perform action on all
infections'' then choose clean and click OK.
* Once the scan has completed, there will be a button located on the
bottom of the screen named Save report
* Click Save report.
* Save the report .txt file to your desktop.

Now close ewido security suite.
If you find all results are clean after Norton (safe), Housecalls & Ewido SS (free 14 day trial and can also be run in "safe mode") I suspect you are clean. If results are finding things, tell programs to clean, and re-run a couple again for good measure. Watch for "system volume" mentioned. With all but "House calls", you should be disconnected from net during installs & scans.
Please re-post back to us with results. If all unstatisfactory, there are further things to try.
Hope this gets it for you!

Hi!
I have the same problem. I'm not english, I speak only a few words english, but I hope you can understand me.
The virus p9hEPQkbj.exe is in my computer, in a file exe and I cannot cancel it, because the system says the program is in use. I use norton too, but the antivirus did not find this virus, in apparence the PC is clean, but if I go to the task manager I see the file and if I cancel it from the task manager, the virus creates itself again. Another strange file is present, SERVICES.exe, and this file creates itself again in the register if I try to cancel the key in the register.
I have understand you was able to clean your computer, but perhaps I have no understand. Can you help me?
And if you can help me, can you write simply, very simply the passage to remove the virus so I can understand all?
Thank you!