Cant get rid off Win 32:Agent- NG5 {wrm}

Please follow the instructions in the below link and attach the requested logs when you finish these instructions.

READ & RUN ME FIRST. Malware Removal Guide

 

You have not followed the instructions in the READ ME properly. One of the first things we ask you NOT TO DO is having more then one antivirus program installed. You have TrendMicro Interner Security and Avast installed. You must uninstall one of these immediately. At the current time, it may even be best if you just uninstall both of these since they are both infected due to the Vundo infection you have. You can reinstall them later after we remove the malware. And this would also be best they could bet broken anyway.

You must uninstall the above before continuing with the below.


Now also uninstall the below two old Sun Java versions:
Java(TM) 6 Update 2
Java(TM) SE Runtime Environment 6 Update 1

Did you install the below applications yourself? BBC iPlayer also installed Kontiki
BBC iPlayer Download Manager
Crawler Toolbar


Okay now we need to use a new tool.

• Download and save to RenV.exe from following link to Desktop (must be on the Desktop)
• Now Copy the bold text in the below quote box to notepad. Save it as Log.txt to your desktop. (It must be on your Desktop).

• Now using your mouse, drag Log.txt onto RenV.exe
• When finished, RenV.exe will produce a new log names Log.txt on your Desktop I will ask for this log later.

Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Live Service] msnlive.exe
O20 - Winlogon Notify: ddcdawv - C:\WINDOWS\SYSTEM32\ddcdawv.dll
After clicking Fix, exit HJT.

Now download The Avenger by Swandog46, and save it to your Desktop.

• Extract avenger.exe from the Zip file and save it to your desktop
• Run avenger.exe by double-clicking on it.
• Check the 'Input script manually' box.
• Click on the magnifying glass icon.
• Copy everything in the Quote box below, and paste it in the box that opens:

• Now click the 'Done' button.
• Click on the traffic light icon and OK the prompt.
• You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
• A log file from Avenger will be produced at C:\avenger.txt

Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it.


Now attach the below logs:

• Log.txt from running RenV
• C:\avenger.txt
• C:\MGlogs.zip

Make sure you tell me how things are working now!

 

Run C:\MGtools\analyse.exe by double clicking on it. This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr .exe" /background

After clicking Fix, exit HJT.


Now download The Avenger by Swandog46, and save it to your Desktop.

• Extract avenger.exe from the Zip file and save it to your desktop
• Run avenger.exe by double-clicking on it.
• Check the 'Input script manually' box.
• Click on the magnifying glass icon.
• Copy everything in the Quote box below, and paste it in the box that opens:

• Now click the 'Done' button.
• Click on the traffic light icon and OK the prompt.
• You will be prompted to restart, OK the prompt and your PC should reboot, if not, reboot it yourself.
• A log file from Avenger will be produced at C:\avenger.txt

Now run Ccleaner!

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this and also attach the log from Avenger.

Make sure you tell me how things are working now!

 

Most likely because you did not follow the instructions. Everything in the quote box needs to be copied. That includes the line that says: Files to delete:

But it does not include the line that say Quote: