Now for the waifs and strays - on completion can you let me know what problems remain

http://img233.imageshack.us/img233/7729/mbamicontw5.gif
Please download Malwarebytes’ Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

[*]Make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
[*]If an update is found, it will download and install the latest version.
[*]Once the program has loaded, select “Perform Quick Scan”, then click Scan.
[*]The scan may take some time to finish,so please be patient.
[*]When the scan is complete, click OK, then Show Results to view the results.
[*]Make sure that everything is checked, and click Remove Selected.
[]When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
[]The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
[*]Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

mbam log

What problems do you have now ?

this program dident find it the first time !

i wont know if it worked untill i run a avast scan

Run a scan then and let me know

ok scan is about 20% done and if had to move the same thing to the chest like 20 times!

What is it that you are moving ?

Also do you use flash drives ?

no i dont have a flash drive!

here is the log of the avast scan that i just ran!

OK looking at it as fast as we remove it - it is respawning

Do you use a router ?

Download avz4.zip from HERE

[*]Unzip it to your desktop to a folder named avz4
[*]Double click on AVZ.exe to run it.
[*]Run an update by clicking the Auto Update button on the Right of the Log window:
http://perplexus.geekstogo.com/avz-update-button.png

[*]Click Start to begin the update

Note: If you recieve an error message, chose a different source, then click Start again

[*] Start AVZ.

[*] Choose from the menu “File” => "Standard scripts " and mark the “Advanced System Analysis with malware removal mode enabled” check box.

http://perplexus.geekstogo.com/avz-standardscripts-asa-removal.png

[*] Click on the “Execute selected scripts”.
[*] Automatic scanning, healing and system check will be executed.
[*] A logfile (avz_sysinfo.htm) will be created and saved in the LOG folder in the AVZ directory as virusinfo_syscure.zip.
[] It is necessary to reboot your machine, because AVZ might disturb some program operations (like antiviruses and firewall) during the system scan.
[] All applications will work properly after the system restart.

When restarted

[*] Start AVZ.

[*] Choose from the menu “File” => “Standard scripts " and mark the “Advanced System Analysis” check box.

http://perplexus.geekstogo.com/avz-standardscripts-asa.png

[*] Click on the “Execute selected scripts”.
[*] A system check will be automatically performed, and the created logfile (avz_sysinfo.htm) will be saved in the LOG folder in the AVZ directory as virusinfo_syscheck.zip.

Attach both virusinfo_syscure.zip and virusinfo_syscheck.zip to your next post

tried to attach them but it said that i cant attach those file types

Try uploading the zip files to MediaFire.

ok i hope this is right lol

http://www.mediafire.com/?sharekey=218492f4572d4bfc4c17ca8801618ef7e0661c7ba375ae65daada8390b259c5f

http://www.mediafire.com/file/oldoilixlnq/virusinfo_syscure.zip
http://www.mediafire.com/file/qnydzlxiyig/virusinfo_syscheck.zip

OK got it

AVZ FIX

[*] Double click on AVZ.exe

[*] Click File > Custom scripts

[*] Copy & paste the contents of the following codebox in the box in the program (start with begin and end with end )

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
SetAVZPMStatus(True);
 QuarantineFile('splz.sys','');
 DeleteFile('splz.sys');
 BC_DeleteFile('splz.sys');
 BC_DeleteFile('-.exe');
 DeleteFile('-.exe');
 RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows NT\CurrentVersion\Drivers32','vidc.ffds');
BC_ImportDeletedList;
ExecuteSysClean;
BC_Activate;
RebootWindows(true);
end.

[*] Note: When you run the script, your PC will be restarted

[*] Click Run

[*] Restart your PC if it doesn’t do it automatically.

Once this has completed then re-run Combofix, if it asks to update allow it

ok i did the last thing you told me. here is the combo fix log!!

by the way thank you so much for all the help!!

happen to know how i stop avast from starting up when i re-boot?

Why do you wish Avast to stop starting when you boot - as it is designed to be resident ?

OK no new files have been created - which is good - two data files have now been revealed

1. Please open Notepad
   [*] Click Start , then Run[*]Type notepad .exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

File::
c:\windows\Xgafasule.bin
c:\windows\Gtutacaxoza.dat

3. Then in the text file go to FILE > SAVE AS and in the dropdown box select SAVE AS TYPE to ALL FILES

4. Save the above as CFScript.txt

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
   [*]Combofix.txt .

combo is asking me to disable avast but i already have it disabled ?