Hi there,
I need you to stop attaching your logs please. Please copy and paste them directly into your post. I also need to see the Avenger log please. It can be found @ "C:\avenger.txt". This is important!
==========
Please also note.....
We might not have yet successfully inactivated that Rootkit. This will be readily evident when we run the fix below. If it is still active then Combofix will not run. Please alert me if that is the result and I will guide you!!
==========
Please do this....
Disable AVG. Follow the instructions here.
==========
Next....
Delete Combofix from your desktop. Right click and select Delete.
==========
Finally.......
Download and Run ComboFix (by sUBs)
Please download ComboFix from one of these locations:
Link 1
Link 2
Link 3
* IMPORTANT !!! Save ComboFix.exe to your Desktop
- Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
- Double click on ComboFix.exe & follow the prompts.
- As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
- Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.
When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply.
A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper.
==========
With your next post please provide:
* Remember to Copy and Paste all logs directly into your reply. I provided an example below.
* Avenger.txt (This is important!!)
* Combofix.txt
* How is your computer running
Kind regards,
~t
---------------------------------------------------------------------------------
Example of log Copy and Paste
Volume in drive C has no label.
Volume Serial Number is A016-5057
Directory of C:\WINDOWS\$NtServicePackUninstall$
08/04/2004 06:00 AM 180,224 scecli.dll
Directory of C:\WINDOWS\$NtServicePackUninstall$
08/04/2004 06:00 AM 407,040 netlogon.dll
Directory of C:\WINDOWS\$NtServicePackUninstall$
08/04/2004 06:00 AM 55,808 eventlog.dll
3 File(s) 643,072 bytes
Directory of C:\WINDOWS\ServicePackFiles\i386
04/13/2008 06:12 PM 181,248 scecli.dll
Directory of C:\WINDOWS\ServicePackFiles\i386
04/13/2008 06:12 PM 407,040 netlogon.dll
Directory of C:\WINDOWS\ServicePackFiles\i386
04/13/2008 06:11 PM 56,320 eventlog.dll
3 File(s) 644,608 bytes
Directory of C:\WINDOWS\system32
04/13/2008 06:12 PM 181,248 scecli.dll
Directory of C:\WINDOWS\system32
04/13/2008 06:12 PM 407,040 netlogon.dll
Directory of C:\WINDOWS\system32
04/13/2008 06:11 PM 61,952 eventlog.dll
3 File(s) 650,240 bytes
Directory of C:\WINDOWS\system32\dllcache
04/13/2008 06:12 PM 181,248 scecli.dll
Directory of C:\WINDOWS\system32\dllcache
04/13/2008 06:12 PM 407,040 netlogon.dll
Directory of C:\WINDOWS\system32\dllcache
04/13/2008 06:11 PM 56,320 eventlog.dll
3 File(s) 644,608 bytes
Total Files Listed:
12 File(s) 2,582,528 bytes
0 Dir(s) 182,056,300,544 bytes free